Social Engineering — CISSP Practice Questions
Social engineering refers to manipulation techniques that exploit human psychology rather than technical vulnerabilities to gain unauthorized access to information or systems, using approaches such as pretexting, phishing, baiting, and impersonation. Because these attacks target people rather than technology, they can bypass technical controls entirely and are among the most common vectors for data breaches. CISSP candidates must understand the taxonomy of social engineering attacks and the administrative and training controls used to mitigate them.
Free questions on social engineering
What is the primary purpose of security awareness training?
Free question · easy · full answer + explanation
More social engineering questions in the full bank
- What is the purpose of social engineering testing?
- An organization is implementing a security awareness training program. Which topic should be PRIORITIZED based on threat landscape trends?
- In security awareness, what is a phishing attack?