What is a social engineering attack?

  1. Manipulating people into divulging confidential information or performing security-violating actions ✓
  2. A password cracking technique
  3. A computer virus
  4. A network intrusion

Correct answer: Manipulating people into divulging confidential information or performing security-violating actions

Social engineering is the practice of psychologically manipulating individuals into revealing confidential information, granting unauthorized access, or performing actions that compromise security, exploiting human trust rather than technical vulnerabilities, which makes Option A the correct definition. Option B is incorrect because password cracking refers to computational techniques such as brute force or dictionary attacks used to recover passwords from hashed or encrypted values, which is a technical rather than a human-manipulation approach. Option C is incorrect because a computer virus is a type of malware that self-replicates by attaching to legitimate files, representing a purely technical threat distinct from psychological manipulation. Option D is incorrect because a network intrusion involves unauthorized access to network infrastructure or systems through technical exploitation, not through manipulating people.

Topic: Security Operations · social engineering, human factor, security awareness, comptia security+
