Social Engineering

5 minutes 5 Questions

Social Engineering is a set of strategies and tactics employed by threat actors to manipulate, deceive, or otherwise influence individuals into divulging sensitive information, granting unauthorized access, or installing malicious software on their computer systems. These tactics often prey on the …

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

Question 1

A project manager receives a call from a vendor about a pending invoice. The vendor claims that their payment information has changed and asks for payments to be sent to their new bank account. What should the project manager do?

Verify the vendor's identity and confirm the requested changes through a previously known, trusted contact. Immediately update the payment information and process the payment. Ask the vendor to provide their new bank account details in writing. Ignore the call; it's probably a scam.

Correct Answer: Verify the vendor's identity and confirm the requested changes through a previously known, trusted contact.

The best response is to verify the vendor's identity and confirm the requested changes through a previously known, trusted contact, to avoid potential social engineering scams. Never provide or update sensitive information without thorough verification.

Question 2

An employee receives an email from a coworker who wants to know their supervisor's office hours as the coworker cannot locate their supervisor. The employee suspects the coworker is trying to gain unauthorized access. What should the employee do?

Provide the office hours via email. Report the coworker to management. Redirect the coworker to the HR department. Contact the coworker directly via phone or in person to verify their intent.

Correct Answer: Contact the coworker directly via phone or in person to verify their intent.

The correct answer verifies the coworker's intent by contacting them through a known communication method, reducing the risk of unauthorized access using social engineering.

Question 3

A user receives an unexpected email from a coworker with multiple attachments. The user was not expecting any attachments from this coworker. What should the user do?

Reply to the email asking for more information Contact the coworker through another method to verify the attachments Forward the email to another coworker Download and open all attachments

Correct Answer: Contact the coworker through another method to verify the attachments

By contacting the coworker through a different method, the user can verify the authenticity of the email, ensuring it's not a social engineering attempt.

🎓 Unlock Premium Access

CompTIA Security+ + ALL Certifications

Social Engineering

Guide: Understanding and Answering Questions on Social Engineering

CompTIA Security+ - Social Engineering Example Questions

Question 1

Question 2

Question 3

🎓 Unlock Premium Access