(ISC)2

CERTIFIED-IN-CYBERSECURITY Question #558: Real Exam Question with Answer & Explanation

The correct answer is D: A technique used by attackers to trick people into revealing sensitive information.

Security Principles

Question

What is social engineering?

Options

  • A. A technique for systematic study of society and its institutions, aiming to understand social
  • B. A technique for optimizing algorithms on social media platforms to increase user engagement
  • C. A technique for designing public spaces to induce community interactions and social gatherings
  • D. A technique used by attackers to trick people into revealing sensitive information

Explanation

Social engineering is a technique used by attackers to trick people into revealing sensitive information. Instead of breaking encryption or finding software vulnerabilities, an attacker using social engineering manipulates people into unknowingly performing actions or disclosing confidential information (see ISC2 Study Guide, Chapter 5, Module 4). For example, an attacker might pose as a bank representative and ask a person for their account information under the guise of verifying their identity. This technique exploits human psychology and trust to gain unauthorized access to confidential data. Also, phishing is a type of social engineering in which an attacker sends an email that appears to be from a trusted source and tricks users into revealing personal or financial information. The remaining options, while sounding plausible, are not related to cybersecurity.

Topics

#Social Engineering #Attack Techniques #Cybersecurity Threats #Human Element
