Decoded: The Cybersecurity Podcast

Part 5 - CEH v12 Practice Questions: Social Engineering Techniques and Tactics



1. Which of the following is an example of a pretexting attack?

• A) Sending phishing emails with malicious links

• B) Impersonating an IT technician to gain system access

• C) Deploying malware through USB drives

• D) Exploiting unpatched software vulnerabilities


Answer: B) Impersonating an IT technician to gain system access


2. Which social engineering tactic involves enticing users to plug in infected devices like USB drives?

• A) Shoulder surfing

• B) Tailgating

• C) Baiting

• D) Quid pro quo


Answer: C) Baiting


3. An attacker calls a company’s help desk claiming to be the CFO, requesting urgent access to their email account. Which technique is being used?

• A) Vishing

• B) Pharming

• C) Phishing

• D) Impersonation


Answer: A) Vishing


4. Which social engineering method manipulates victims into revealing sensitive information by posing as a trusted website?

• A) Phishing

• B) Smishing

• C) Eavesdropping

• D) Tailgating


Answer: A) Phishing


5. An attacker follows an employee through a secure door by pretending to be on a phone call and avoiding eye contact. Which technique is this?

• A) Baiting

• B) Shoulder surfing

• C) Tailgating

• D) Dumpster diving


Answer: C) Tailgating


6. Which social engineering tactic involves sending fake SMS messages to manipulate users into revealing information?

• A) Pharming

• B) Smishing

• C) Vishing

• D) Spear phishing


Answer: B) Smishing


7. What is the primary goal of a spear phishing attack?

• A) Disrupt network connectivity

• B) Target a broad group of users

• C) Deceive specific individuals for sensitive data

• D) Infect systems with ransomware


Answer: C) Deceive specific individuals for sensitive data


8. Which method involves attackers searching through discarded documents for sensitive information?

• A) Phishing

• B) Dumpster diving

• C) Shoulder surfing

• D) Spoofing


Answer: B) Dumpster diving


9. An attacker sends a message claiming the victim’s account will be locked unless they provide login credentials. Which attack type is this?

• A) Social engineering

• B) Pharming

• C) Smishing

• D) Phishing


Answer: D) Phishing


10. Which of the following describes a “quid pro quo” attack?

• A) Offering free software in exchange for user credentials

• B) Demanding a ransom for stolen data

• C) Infecting websites to steal session cookies

• D) Leveraging unpatched system vulnerabilities


Answer: A) Offering free software in exchange for user credentials


11. Which of the following is a common goal of impersonation attacks?

• A) To infect the system with malware

• B) To bypass antivirus detection

• C) To gain trust and extract information

• D) To perform denial-of-service attacks


Answer: C) To gain trust and extract information


12. Which technique involves secretly observing a user entering their credentials?

• A) Pharming

• B) Eavesdropping

• C) Shoulder surfing

• D) Tailgating


Answer: C) Shoulder surfing


13. What is the primary defense against social engineering attacks?

• A) Strong passwords

• B) Network firewalls

• C) User awareness training

• D) Antivirus software


Answer: C) User awareness training


14. An attacker registers a website named “paypa1.com” to trick users into logging in. Which technique is this?

• A) Pharming

• B) Typosquatting

• C) Vishing

• D) Pretexting


Answer: B) Typosquatting


15. What is the primary objective of a “watering hole attack”?

• A) To exploit social media vulnerabilities

• B) To infect websites frequently visited by the target

• C) To intercept email communications

• D) To compromise VPN connections


Answer: B) To infect websites frequently visited by the target


Decoded: The Cybersecurity Podcast, by Edward Henriquez