Understanding Cisco Cybersecurity Fundamentals (SECFND, legacy) — Question 4

Which two activities are examples of social engineering? (Choose two.)

Answer options

• A. receiving call from the IT department asking you to verify your username/password to maintain the account
• B. receiving an invite to your department’s weekly WebEx meeting
• C. sending a verbal request to an administrator to change the password to the account of a user the administrator does know
• D. receiving an email from HR requesting that you visit the secure HR website and update your contract information
• E. receiving an unexpected email from an unknown person with an uncharacteristic attachment from someone in the same company

Correct answer: A, E

Explanation

The correct answers, A and E, are examples of social engineering because they involve deceptive tactics to manipulate individuals into divulging sensitive information. Option A represents a direct request for sensitive credentials, while option E involves an unexpected email that could lead to phishing. Options B, C, and D do not exhibit the same deceptive or manipulative intent characteristic of social engineering activities.