A threat actor has sent a text message to a victim stating that they have won bitcoins in a bank contest. To claim their prize, the victim must click the…
Which Apple iOS and Android tools can spoof a phone number, record calls, and generate different background noises? Nessus Asterisk SpoofCard BeEF Explanation & Hint: Several call spoofing tools can…
What is the purpose of a vishing attack? to create emails and web pages to collect sensitive information from a user to convince a victim on a phone call to…
Who is the target of a whaling attack? upper managers such as the CEO or key individuals in an organization ordinary users user groups of social networks such as Facebook…
Which tool can launch social engineering attacks and be integrated with third-party tools and frameworks such as Metasploit? BeEF Nessus SET Asterisk Explanation & Hint: Social-Engineer Toolkit (SET) is a…
Which resource would mitigate piggybacking and tailgating? security guard camera "no trespassing" warnings badge/card access Explanation & Hint: An access control vestibule is an example of a preventive security control.…
Which two access control options are commonly used in conjunction with access control vestibules? (Choose two.) proximity card and PIN turnstile security guard toll collector biometric scan Explanation & Hint:…
What two physical attacks are mitigated by using access control vestibules? (Choose two.) shoulder surfing dumpster diving tailgating badge cloning piggybacking Explanation & Hint: Piggybacking and tailgating can be defeated…
Which Apple iOS and Android tool can be used to spoof a phone number? SpoofApp Nessus Asterisk BeEF Explanation & Hint: Several call spoofing tools can be used in social…
Which tool provides a threat actor a web console to manipulate users who are victims of cross-site scripting (XSS) attacks? Asterisk SET BeEF Nikto Explanation & Hint: Browser Exploitation Framework…
Which social engineering physical attack statement is correct? In the tailgating attack, an unauthorized person tags along with an authorized person to gain entry to a restricted area with the…
A threat actor has sent a phishing email to a victim stating that suspicious activity has been detected on their bank account and that they must immediately click on a…
Apple is a company constantly working towards making its products and processes more environmentally friendly. Therefore, the Apple brand is associated with ideals and values that customers can relate to…
A salesperson is attempting to convince a customer to buy a product because limited supplies are available. Which social engineering method of influence is being used by the salesperson? social…
What method of influence is characterized when a celebrity endorses a product on social media? social proof scarcity authority fear Explanation & Hint: Social proof is a method of influence…
Which option is a voice over IP management tool that can be used to impersonate caller ID? SpoofCard Asterisk SpoofApp Nikto Explanation & Hint: Several call spoofing tools can be…
Why would a threat actor use the Social-Engineering Toolkit (SET)? to send a spear phishing email to spoof a phone number to manipulate users by leveraging XSS vulnerabilities to practice…
A threat actor has altered the host file for a commonly accessed website on the computer of a victim. Now when the user clicks on the website link, they are…
What is the act of gaining knowledge or information from a victim without directly asking for that particular information? influence elicitation interrogation impersonation Explanation & Hint: Elicitation is the act…
What is a watering hole attack? an attack carried out in a phone conversation an attack targeted at high-profile business executives and key individuals in a company an attack that…