24 Nov Practice Test Question: Social Engineering
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
In a recent social engineering attack, the attacker found an employee of the target company at his gym and struck up a friendship there for several months before trying to slowly extract sensitive corporate information from the employee. What principle of social engineering is the attacker trying to exploit?
Correct Answer: C
This is a clear example of familiarity and liking. The attacker built up a relationship over time with the employee until they had a strong bond. He then leveraged that relationship to slowly extract information from the target.