CISSP – Information Systems Security Architecture Professional (ISSAP) — Question 26

Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?

Answer options

• A. Social engineering attack
• B. Cross site scripting attack
• C. Mail bombing
• D. Password guessing attack

Correct answer: A

Explanation

A social engineering attack is effective because it exploits human psychology rather than relying on technical vulnerabilities, allowing attackers to bypass both physical and logical security controls. In contrast, cross site scripting, mail bombing, and password guessing attacks typically rely on exploiting specific vulnerabilities or weaknesses, making them less effective against robust security mechanisms.