Intruder's Testing Method
Question
An intruder attempted malicious activity and exchanged emails with a user and received corporate information, including email distribution lists.
The intruder asked the user to engage with a link in an email.
When the fink launched, it infected machines and the intruder was able to access the corporate network.
Which testing method did the intruder use?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.A.
The testing method used by the intruder in this scenario is social engineering. Social engineering is a type of attack where the attacker manipulates or tricks individuals into divulging confidential information or performing actions that are detrimental to the organization's security.
In this scenario, the intruder contacted the user via email and engaged in a conversation, possibly pretending to be a trusted source or using a sense of urgency or fear to convince the user to disclose sensitive information. The user then provided the intruder with email distribution lists and engaged with a link in the email, which launched malware that infected machines and provided the intruder with access to the corporate network.
Eavesdropping is a type of attack where the attacker intercepts and listens to network traffic to obtain sensitive information. Piggybacking is a physical security attack where the attacker follows someone into a restricted area to gain unauthorized access. Tailgating is also a physical security attack where the attacker follows someone into a restricted area without proper authentication or clearance.
In conclusion, the most appropriate answer to this question is A. social engineering.
