Decoded: The Cybersecurity Podcast

Part 5 - CEH v12 Practice Questions: Social Engineering Techniques and Tactics


1. Which of the following is an example of a pretexting attack?

• A) Sending phishing emails with malicious links

• B) Impersonating an IT technician to gain system access

• C) Deploying malware through USB drives

• D) Exploiting unpatched software vulnerabilities


Answer: B) Impersonating an IT technician to gain system access


2. Which social engineering tactic involves enticing users to plug in infected devices like USB drives?

• A) Shoulder surfing

• B) Tailgating

• C) Baiting

• D) Quid pro quo


Answer: C) Baiting


3. An attacker calls a company’s help desk claiming to be the CFO, requesting urgent access to their email account. Which technique is being used?

• A) Vishing

• B) Pharming

• C) Phishing

• D) Impersonation


Answer: A) Vishing


4. Which social engineering method manipulates victims into revealing sensitive information by posing as a trusted website?

• A) Phishing

• B) Smishing

• C) Eavesdropping

• D) Tailgating


Answer: A) Phishing


5. An attacker follows an employee through a secure door by pretending to be on a phone call and avoiding eye contact. Which technique is this?

• A) Baiting

• B) Shoulder surfing

• C) Tailgating

• D) Dumpster diving


Answer: C) Tailgating


6. Which social engineering tactic involves sending fake SMS messages to manipulate users into revealing information?

• A) Pharming

• B) Smishing

• C) Vishing

• D) Spear phishing


Answer: B) Smishing


7. What is the primary goal of a spear phishing attack?

• A) Disrupt network connectivity

• B) Target a broad group of users

• C) Deceive specific individuals for sensitive data

• D) Infect systems with ransomware


Answer: C) Deceive specific individuals for sensitive data


8. Which method involves attackers searching through discarded documents for sensitive information?

• A) Phishing

• B) Dumpster diving

• C) Shoulder surfing

• D) Spoofing


Answer: B) Dumpster diving


9. An attacker sends a message claiming the victim’s account will be locked unless they provide login credentials. Which attack type is this?

• A) Social engineering

• B) Pharming

• C) Smishing

• D) Phishing


Answer: D) Phishing


10. Which of the following describes a “quid pro quo” attack?

• A) Offering free software in exchange for user credentials

• B) Demanding a ransom for stolen data

• C) Infecting websites to steal session cookies

• D) Leveraging unpatched system vulnerabilities


Answer: A) Offering free software in exchange for user credentials


11. Which of the following is a common goal of impersonation attacks?

• A) To infect the system with malware

• B) To bypass antivirus detection

• C) To gain trust and extract information

• D) To perform denial-of-service attacks


Answer: C) To gain trust and extract information


12. Which technique involves secretly observing a user entering their credentials?

• A) Pharming

• B) Eavesdropping

• C) Shoulder surfing

• D) Tailgating


Answer: C) Shoulder surfing


13. What is the primary defense against social engineering attacks?

• A) Strong passwords

• B) Network firewalls

• C) User awareness training

• D) Antivirus software


Answer: C) User awareness training


14. An attacker registers a website named “paypa1.com” to trick users into logging in. Which technique is this?

• A) Pharming

• B) Typosquatting

• C) Vishing

• D) Pretexting


Answer: B) Typosquatting


15. What is the primary objective of a “watering hole attack”?

• A) To exploit social media vulnerabilities

• B) To infect websites frequently visited by the target

• C) To intercept email communications

• D) To compromise VPN connections


Answer: B) To infect websites frequently visited by the target


Decoded: The Cybersecurity Podcast, by Edward Henriquez
