Correct Answer: A
Explanation/Reference:
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access. References: https://en.wikipedia.org/wiki/Social_engineering_(security)
Social engineering is a technique that relies on manipulating individuals into divulging confidential information or performing actions that compromise the security of a system. It often involves psychological manipulation and deception to trick people into revealing sensitive information, such as passwords or access credentials. It is considered a low-tech method because it doesn't rely on sophisticated technical skills but rather exploits human psychology and trust.
Everywhere I found information, including the courseware, it refers to interception of comunication between 2 devices.
P. 1232:
"Eavesdropping refers to an unauthorized person listening to a conversation or reading others’ messages. It includes the interception of any form of communication, including audio, video, or written, using channels such as telephone lines, email, and instant messaging. An attacker can obtain sensitive information such as passwords, business plans, phone numbers, and addresses."
https://www.fortinet.com/resources/cyberglossary/eavesdropping
https://www.investopedia.com/terms/e/eavesdropping-attack.asp
https://www.sangfor.com/glossary/cybersecurity/what-is-eavesdropping-attack-and-how-does-it-work
Voted B. Most of social engineering techniques need mid/high skills to GAIN ACCESS. For me the key is here. Eavesdropping is considered as a low-tech skill.
Social engineering is the art of manipulating people to divulge sensitive information to use it to perform some malicious action. (p. 1201)
Eavesdropping refers to an unauthorized person listening to a conversation or reading others’ messages. It includes the interception of any form of communication, including audio, video, or written, using channels such as telephone lines, email, and instant messaging. (p. 1216)
both are correct in my opinion. Eavesdropping can be non-technical. The question is not specific enough. If my students would get a question like this, they would sew me :-)
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
kidneysmasher
Highly Voted 3 years, 7 months agonoblethic
Highly Voted 1 year, 10 months agoKRZJ
Most Recent 3 weeks, 1 day agoostorgaf
1 year, 2 months agoawesomeduck
1 year, 7 months agojosevirtual
1 year, 11 months agoOyorQSEC
1 year, 11 months agoFamous_Guy
2 years agoDaniel8660
2 years, 1 month agoIsharafaz
2 years, 1 month agoastaroth
2 years, 3 months agouday1985
2 years, 5 months agoronxz
2 years, 5 months agomdmdmd
2 years, 6 months agoForrest43
1 year, 4 months agoRottenCow21
2 years, 6 months agocazzobsb
2 years, 7 months agopawel_ceh
2 years, 8 months ago