Which testing method did the intruder use?

An intruder attempted malicious activity and exchanged emails with a user and received corporate information, including email distribution lists. The intruder asked the user to engage with a link in an email. When the fink launched, it infected machines and the intruder was able to access the corporate network.

Which testing method did the intruder use?
A . social engineering
B . eavesdropping
C . piggybacking
D . tailgating

View Answer

Answer: A

Explanation:

Social engineering is a type of testing method that involves manipulating or deceiving people into performing actions or divulging information that can compromise the security of the organization. Social engineering can take various forms, such as phishing, vishing, baiting, quid pro quo, or impersonation. The scenario in the question is an example of a phishing attack, where the intruder sent an email to the user that appeared to be legitimate and contained a malicious link that infected the user’s machine and allowed the intruder to access the corporate network.

Reference: [Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) – Module 6: Security Incident Investigations]