Social Engineering — CompTIA PenTest+ (PT0-002) Practice Questions
Social engineering covers techniques that manipulate people rather than systems to obtain credentials, sensitive information, or physical access. PT0-002 includes phishing, vishing, smishing, impersonation, and pretexting as in-scope attack vectors that testers may be authorized to execute against a client's workforce. Candidates must understand the psychological principles behind these attacks, the legal and ethical requirements for conducting them, and how to document results without causing lasting harm to targets. This domain also intersects with physical security testing, such as tailgating and badge cloning scenarios.
Free questions on social engineering
During information gathering, a penetration tester discovers email addresses of key employees through LinkedIn and public websites. What type of information gathering is this?
More social engineering questions in the full bank
- Which of the following defenses is most effective against phishing attacks?
- Which exploitation technique uses social engineering to gain initial access?
- Which type of attack involves tricking users into revealing confidential information?