An organization is evaluating its defenses against cyber security threats and is concerned about the risks of social engineering by cyber criminals. How might these attacks happen?
C. Phishing emails
Explanation:
Phishing emails are a common form of social engineering attack, where cybercriminals impersonate legitimate entities (e.g., a trusted organization or person) to trick individuals into revealing sensitive information, such as passwords or financial details. This is one of the most common methods used to exploit human psychology rather than technical vulnerabilities.
Why not the other options?
A. SQL injection attacks:
SQL injection is a type of attack where malicious code is injected into a database query to gain unauthorized access. It is not a social engineering attack, as it targets technical vulnerabilities in applications.
B. Physical damage to hardware:
Physical attacks on hardware, such as destroying or tampering with equipment, are not social engineering attacks, as they involve direct physical access to devices rather than exploiting human behavior.
D. Distributed denial-of-service attacks (DDoS):
DDoS attacks overwhelm a network or server with traffic to make it unavailable. While it is a security threat, it does not involve social engineering tactics.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
joshnort
3 months, 1 week agojoshnort
3 months, 1 week ago