SY0-501 · Question #111
SY0-501 Question #111: Real Exam Question with Answer & Explanation
The correct answer is A: Vishing. This scenario describes a vishing attack, where an attacker uses telephone calls to impersonate a trusted entity and trick the CEO into divulging network authentication credentials.
Question
Anne, the Chief Executive Officer (CEO), has reported that she is getting multiple telephone calls from someone claiming to be from the helpdesk. The caller is asking to verify her network authentication credentials because her computer is broadcasting across the network. This is MOST likely which of the following types of attacks?
Options
- AVishing
- BImpersonation
- CSpim
- DScareware
Explanation
This scenario describes a vishing attack, where an attacker uses telephone calls to impersonate a trusted entity and trick the CEO into divulging network authentication credentials.
Common mistakes.
- B. Impersonation is a broader social engineering technique where an attacker pretends to be someone else, but vishing is the specific term for impersonation conducted over voice communication to solicit information.
- C. Spim (spam over Internet Messaging) refers to unsolicited messages sent via instant messaging platforms, which is not relevant to telephone calls.
- D. Scareware is malicious software that uses deceptive pop-ups and alarming messages to trick users into purchasing fake software or services, which is distinct from a phone call requesting credentials.
Concept tested. Social engineering (Vishing) attack identification
Community Discussion
No community discussion yet for this question.