Certified Ethical Hacker (CEH v11) — Question 214
Sam, a professional hacker, targeted an organization with intention of compromising AWS IAM credentials. He attempted to lure one of the employees of the organization by initiating fake calls while posing as a legitimate employee. Moreover, he sent phishing emails to steal the AWS IAM credentials and further compromise the employee's account.
What is the technique used by Sam to compromise the AWS IAM credentials?
Answer options
- A. Insider threat
- B. Social engineering
- C. Password reuse
- D. Reverse engineering
Correct answer: B
Explanation
The correct answer is B, Social engineering, as Sam used deceptive tactics to manipulate the employee into revealing sensitive information. Options A, C, and D do not accurately describe the method employed; an insider threat involves a legitimate user compromising security, password reuse refers to using the same password across multiple accounts, and reverse engineering is the process of analyzing software or systems to uncover design or implementation details.