CISSP Practice question #214

When a penetration calling an employee talks to the employee about friends they have in common, and then asks for help. It is which type of social engineering?
A: Authority.
B: Intimidation.
C: Scarcity.
D: Familiarity.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


D: Social engineering uses people skills to bypass security controls. Familiarity (Have a common ground, or build it) – Knowing something about the victim ahead of time and then reference it can raises chances of a successful attack drastically. People want to be helpful, if they feel like they know you they want to even more. Often successful with vishing and in-person social engineering.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

You may also like

Leave a Reply