CompTIA Network+ (N10-009) — Question 319

During a recent security assessment, an assessor attempts to obtain user credentials by pretending to be from the organization's help desk. Which of the following attacks is the assessor using?

Answer options

• A. Social engineering
• B. Tailgating
• C. Shoulder surfing
• D. Smishing
• E. Evil twin

Correct answer: A

Explanation

The correct answer is A, Social engineering, as the assessor is manipulating individuals to gain confidential information by pretending to be a trusted source. The other options do not involve deception to obtain sensitive information; for example, tailgating involves unauthorized physical access, while shoulder surfing refers to observing someone’s information without their consent.