Protection of Information Assets - Security Event Management

Correct Answer: Manipulating people into divulging confidential information or performing actions that compromise security

Social engineering attacks primarily involve manipulating people through psychological tactics rather than technical exploits. The correct answer accurately describes how social engineering focuses on exploiting human behavior and trust to gain confidential information or prompt security-compromising actions. The other options describe different types of cyber attacks: The second option describes cryptanalysis or network sniffing attacks that focus on technological means to intercept and decrypt data. The third option describes technical exploitation of vulnerabilities in systems and infrastructure, which is characteristic of hacking rather than social engineering. The fourth option describes automated password cracking or authentication bypass attacks that focus on technological weaknesses in security systems. Social engineering is distinct because it targets the human element of security through manipulation, deception, and psychological tactics rather than focusing on technical vulnerabilities.

Correct Answer: Port scanning

Port scanning is a reconnaissance technique used in penetration testing to probe network addresses and determine which hosts are active and which ports are open, closed, or filtered. This helps identify exposed services and potential entry points. Tools like Nmap or Masscan are commonly used for this purpose. The other options describe different attack vectors that do not involve enumerating active hosts and open ports.

Correct Answer: Man-in-the-Middle (MitM) attack

The scenario describes a Man-in-the-Middle (MitM) attack, which is characterized by an attacker secretly positioning themselves between two parties who believe they are communicating directly with each other. In this position, the attacker can intercept, read, or modify the data being exchanged. The other options are different types of attacks: Cross-Site Request Forgery (CSRF) attacks trick authenticated users into executing unwanted actions on websites where they're already authenticated, but don't necessarily involve intercepting communications between two parties. Session hijacking involves stealing a user's valid session token to gain unauthorized access to systems or accounts, but doesn't require positioning between two communicating entities. DNS poisoning involves corrupting a DNS server's cache to redirect traffic to malicious websites, but this attack targets the name resolution process rather than placing the attacker between communicating parties.