nerdexam
EC-Council

312-50V13 · Question #165

You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles. You know that conventional hacking d

The correct answer is B. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or. When technical defenses are exceptionally strong, social engineering becomes the most effective method for penetrating secure systems by exploiting human vulnerabilities.

Submitted by neha2k· Mar 6, 2026Social Engineering

Question

You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles. You know that conventional hacking doesn't work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems. In other words, you are trying to penetrate an otherwise impenetrable system. How would you proceed?

Options

  • ALook for "zero-day" exploits at various underground hacker websites in Russia and China and buy
  • BTry to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or
  • CLaunch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000
  • DTry to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn

How the community answered

(18 responses)
  • B
    83% (15)
  • C
    6% (1)
  • D
    11% (2)

Why each option

When technical defenses are exceptionally strong, social engineering becomes the most effective method for penetrating secure systems by exploiting human vulnerabilities.

ALook for "zero-day" exploits at various underground hacker websites in Russia and China and buy

While 'zero-day' exploits are powerful, the question implies that the system is 'impenetrable' even against advanced technical means. Relying solely on discovering or buying a zero-day does not guarantee access, and social engineering is a more direct path when technical defenses are presumed insurmountable.

BTry to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid orCorrect

When technical systems are described as 'impenetrable,' the most common and often successful approach for attackers is social engineering. This involves manipulating individuals through psychological tactics, such as building rapport or exploiting trust, to gain access to information or systems that are otherwise protected by technology.

CLaunch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000

Launching DDoS attacks primarily aims to disrupt the availability of a service (Denial of Service), not to gain unauthorized access or 'break into' the mainframe computer itself.

DTry to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn

Man-in-the-Middle (MiTM) attacks intercept and potentially alter network traffic, but for a 'highly classified top-secret mainframe' with high security, establishing a MiTM might be challenging and might not directly yield internal system access or bypass strong authentication mechanisms without further steps.

Concept tested: Social engineering for penetration

Source: https://learn.microsoft.com/en-us/training/modules/protect-against-phishing/5-social-engineering

Topics

#Social engineering#Penetration testing#Human element#Target selection

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice