nerdexam
Exams312-50V9Questions#602
EC-Council

312-50V9 · Question #602

312-50V9 Question #602: Real Exam Question with Answer & Explanation

The correct answer is C: Social Engineering is the act of getting needed information from a person rather than breaking into. Social engineering manipulates people into revealing confidential information rather than exploiting technical vulnerabilities. It is a non-technical attack vector targeting human psychology.

Question

Within the context of Computer Security, which of the following statements describes Social Engineering best?

Options

  • ASocial Engineering is the act of publicly disclosing information
  • BSocial Engineering is the means put in place by human resource to perform time accounting
  • CSocial Engineering is the act of getting needed information from a person rather than breaking into
  • DSocial Engineering is a training program within sociology studies

Explanation

Social engineering manipulates people into revealing confidential information rather than exploiting technical vulnerabilities. It is a non-technical attack vector targeting human psychology.

Common mistakes.

  • A. Publicly disclosing information describes data leakage or doxing, not the act of manipulating a person to obtain information.
  • B. Time accounting by human resources is an HR administrative function with no relation to cybersecurity attack techniques.
  • D. Social engineering in security has no connection to sociology academic training programs; it is a specific attack methodology.

Concept tested. Definition of social engineering in cybersecurity

Reference. https://www.cisa.gov/sites/default/files/publications/infosheet_socialmedia.pdf

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-50V9 Practice