312-50V13 · Question #165
You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles. You know that conventional hacking d
The correct answer is B. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or. When technical defenses are exceptionally strong, social engineering becomes the most effective method for penetrating secure systems by exploiting human vulnerabilities.
Question
Options
- ALook for "zero-day" exploits at various underground hacker websites in Russia and China and buy
- BTry to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or
- CLaunch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000
- DTry to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn
How the community answered
(18 responses)- B83% (15)
- C6% (1)
- D11% (2)
Why each option
When technical defenses are exceptionally strong, social engineering becomes the most effective method for penetrating secure systems by exploiting human vulnerabilities.
While 'zero-day' exploits are powerful, the question implies that the system is 'impenetrable' even against advanced technical means. Relying solely on discovering or buying a zero-day does not guarantee access, and social engineering is a more direct path when technical defenses are presumed insurmountable.
When technical systems are described as 'impenetrable,' the most common and often successful approach for attackers is social engineering. This involves manipulating individuals through psychological tactics, such as building rapport or exploiting trust, to gain access to information or systems that are otherwise protected by technology.
Launching DDoS attacks primarily aims to disrupt the availability of a service (Denial of Service), not to gain unauthorized access or 'break into' the mainframe computer itself.
Man-in-the-Middle (MiTM) attacks intercept and potentially alter network traffic, but for a 'highly classified top-secret mainframe' with high security, establishing a MiTM might be challenging and might not directly yield internal system access or bypass strong authentication mechanisms without further steps.
Concept tested: Social engineering for penetration
Source: https://learn.microsoft.com/en-us/training/modules/protect-against-phishing/5-social-engineering
Topics
Community Discussion
No community discussion yet for this question.