Which of the following is NOT a common social engineering technique?
Think about whether the technique involves manipulating people or computers.
Brute force attacks target computer systems directly, not people. Social engineering relies on tricking people.
Imagine a user receives an email asking to reset their password by clicking a link. The link leads to a fake website. What is the most likely outcome if the user enters their password?
Consider what happens when you enter sensitive info on a fake site.
Entering the password on a fake site sends it directly to attackers, compromising security.
A caller claims to be from IT support and asks for your login details to fix an urgent problem. Which of these is a red flag indicating a social engineering attempt?
Think about what trustworthy support staff would or wouldn't do.
Legitimate IT support never asks for passwords or forces immediate action without verification.
Which statement best explains the difference between social engineering and technical hacking?
Think about who or what each method tries to fool or attack.
Social engineering manipulates people, while technical hacking attacks systems directly.
You are tasked with improving your company's defense against social engineering attacks. Which of the following measures is most effective?
Consider what helps people avoid being tricked.
Employee training empowers people to spot and stop social engineering attempts, which target human behavior.