ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v11 All Questions

View all questions & answers for the 312-50v11 exam
Go to Exam

Exam 312-50v11 topic 1 question 144 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 144
Topic #: 1
[All 312-50v11 Questions]

Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical information to Johnson's machine.
What is the social engineering technique Steve employed in the above scenario?

  • A. Diversion theft
  • B. Quid pro quo
  • C. Elicitation
  • D. Phishing
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by AmrAwad at April 14, 2021, 3:10 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
beowolf
Highly Voted 3 years, 1 month ago
B is the correct answer. EC council official book - page 1235
upvoted 15 times
blacksheep6r
3 years ago
Quid Pro Quo Quid pro quo is a Latin phrase that meaning “something for something.” In this technique, attackers keep calling random numbers within a company, claiming to be calling from technical support. This is a baiting technique where attackers offer their service to end-users in exchange of confidential data or login credentials. For example, an attacker gathers random phone numbers of the employees of a target organization. They then start calling each number, pretending to be from the IT department. The attacker eventually finds someone with a genuine technical issue and offers their service to resolve it. The attacker can then ask the victim to follow a series of steps and to type in the specific commands to install and launch malicious files that contain malware designed to collect sensitive information
upvoted 12 times
...
...
ANDRESCB1988
Highly Voted 3 years, 3 months ago
option B is the correct, quid pro quo
upvoted 12 times
...
insaniunt
Most Recent 9 months ago
Selected Answer: B
Quid pro quo: In this technique, attackers keep calling random numbers within a company, claiming to be calling from technical support. This is a baiting technique where attackers offer their service to end-users in exchange of confidential data or login credentials. For example, an attacker gathers random phone numbers of the employees of a target organization. They then start calling each number, pretending to be from the IT department. The attacker eventually finds someone with a genuine technical issue and offers their service to resolve it. The attacker can then ask the victim to follow a series of steps and to type in the specific commands to install and launch malicious files that contain malware designed to collect sensitive information. - Page 1348 from CEH v12 book
upvoted 1 times
...
shubhrant666
11 months, 2 weeks ago
Selected Answer: B
QUID is ryt 1 acc to cehv12 module
upvoted 1 times
...
sudowhoami
11 months, 3 weeks ago
Selected Answer: C
correct option is Elicitation
upvoted 1 times
...
Ciruuss_
1 year ago
Selected Answer: C
I was wrong, correct option is Elicitation, because quid pro por means "something for something" and in this example the attacker didn´t ask for anything so correct answer is Elicitation
upvoted 1 times
...
Ciruuss_
1 year, 1 month ago
Selected Answer: B
B is the correct answer. EC council official book - page 1235
upvoted 1 times
Ciruuss_
1 year ago
Selected Answer: C I was wrong, correct option is Elicitation, because quid pro por means "something for something" and in this example the attacker didn´t ask for anything so correct answer is Elicitation
upvoted 1 times
...
...
ostorgaf
1 year, 1 month ago
Selected Answer: B
Quid pro quo social engineering involves offering something in exchange for sensitive information or action from the victim. In this scenario, Johnson is offering supposed technical support and warning the victim about a server compromise, then providing instructions to follow. The victim is enticed to follow the instructions because they believe they are receiving assistance in preventing a compromise. This technique often involves a sense of urgency or fear to manipulate the victim into taking the desired actions, which aligns with the situation described in the scenario.
upvoted 1 times
...
Vincent_Lu
1 year, 2 months ago
Selected Answer: B
I have the expert knowledge to solve your problem, so we can "Quid pro quo", ahthough it's a scam.
upvoted 1 times
...
CHCHCHC
1 year, 2 months ago
this is a type of phishing attack! to be more specific it is vishing,
upvoted 1 times
...
victorfs
1 year, 5 months ago
Selected Answer: C
The correcto is C. Elicitacion
upvoted 2 times
...
jeremy13
1 year, 5 months ago
Selected Answer: B
B. Quid pro quo
upvoted 1 times
...
White_T_10
1 year, 5 months ago
Elicitation is a technique used to collect information that is not readily available and do so without raising suspicion that specific facts are being sought. This cannot be quid pro quo.
upvoted 4 times
...
ounuomi
1 year, 6 months ago
Quid Pro Quo
upvoted 1 times
...
Bob_234
1 year, 7 months ago
Selected Answer: C
In summary, quid pro quo involves an exchange of something valuable for information or access, while elicitation involves questioning techniques to obtain information from the victim without an exchange of something valuable.
upvoted 3 times
...
VOAKDO
1 year, 9 months ago
C these are the keys: Quick pro quo: calling random numbers (NO HERE) Elicitation: ..to communicate with persons who have access to sensitive information... (Here, when they say that "he found the contact number of sibertech.org -reputed cybersecurity firm-,....., he has "access to sensitive information".
upvoted 3 times
...
noblethic
1 year, 9 months ago
Selected Answer: B
ECH-11 book, page 1235 reads: "...For example, an attacker gathers random phone numbers of the employees of a target organization. They then start calling each number, pretending to be from the IT department."
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago