CompTIA Security+ (SY0-701) — Question 108

After a security awareness training session, a user called the IT help desk and reported a suspicious call. The suspicious caller stated that the Chief Financial Officer wanted credit card information in order to close an invoice. Which of the following topics did the user recognize from the training?

Answer options

• A. Insider threat
• B. Email phishing
• C. Social engineering
• D. Executive whaling

Correct answer: C

Explanation

The correct answer is C, Social engineering, which involves manipulating individuals into divulging confidential information. The other options, such as Insider threat and Email phishing, do not accurately describe the scenario where a caller impersonates an executive to gain sensitive data.