Ethical Hacking Essentials Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for your Ethical Hacking Essentials Test. Study with flashcards and multiple choice questions with detailed hints and explanations. Enhance your cybersecurity skills and get ready for your exam!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

In a scenario where an attacker contacts IT support claiming to be a distressed employee, what is the primary tactic employed by the attacker?

  1. Intimidation

  2. Authority

  3. Compromise

  4. Deception

The correct answer is: Deception

The primary tactic employed by an attacker contacting IT support while posing as a distressed employee falls under deception. This approach involves manipulating the perceptions of the IT support personnel to gain unauthorized access or information. By fabricating a narrative of urgency, the attacker aims to instill a sense of trust and urgency, prompting IT support to act quickly without verifying the true identity of the requester. In this scenario, the attacker might leverage emotional cues and create a story that evokes sympathy, creating a deceptive context that makes it more likely for IT staff to comply with their requests. This tactic exploits human psychology rather than relying solely on technical vulnerabilities, highlighting the importance of awareness and verification in security protocols. The other options, while potentially relevant in different contexts, do not accurately encapsulate the core tactic being used here. Authority involves leveraging positional power, which is not applicable in this case since the attacker is impersonating someone else. Intimidation might involve threatening behavior, which is not the case if the attacker is posing as a distressed employee. Compromise generally refers to a situation where access is gained through previous breaches, which also does not apply in this scenario of impersonation.

More Questions Like This