Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Correct Answer: A
Explanation/Reference:
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access. References: https://en.wikipedia.org/wiki/Social_engineering_(security)
Social engineering is a technique that relies on manipulating individuals into divulging confidential information or performing actions that compromise the security of a system. It often involves psychological manipulation and deception to trick people into revealing sensitive information, such as passwords or access credentials. It is considered a low-tech method because it doesn't rely on sophisticated technical skills but rather exploits human psychology and trust.
Everywhere I found information, including the courseware, it refers to interception of comunication between 2 devices.
P. 1232:
"Eavesdropping refers to an unauthorized person listening to a conversation or reading others’ messages. It includes the interception of any form of communication, including audio, video, or written, using channels such as telephone lines, email, and instant messaging. An attacker can obtain sensitive information such as passwords, business plans, phone numbers, and addresses."
https://www.fortinet.com/resources/cyberglossary/eavesdropping
https://www.investopedia.com/terms/e/eavesdropping-attack.asp
https://www.sangfor.com/glossary/cybersecurity/what-is-eavesdropping-attack-and-how-does-it-work
Voted B. Most of social engineering techniques need mid/high skills to GAIN ACCESS. For me the key is here. Eavesdropping is considered as a low-tech skill.
Social engineering is the art of manipulating people to divulge sensitive information to use it to perform some malicious action. (p. 1201)
Eavesdropping refers to an unauthorized person listening to a conversation or reading others’ messages. It includes the interception of any form of communication, including audio, video, or written, using channels such as telephone lines, email, and instant messaging. (p. 1216)
both are correct in my opinion. Eavesdropping can be non-technical. The question is not specific enough. If my students would get a question like this, they would sew me :-)
Eavesdropping is not MITM...That is sniffing.
Eavesdropping is to listen someone conversation in real life - peoples conversations.
I has nothing to do with network it any IT related.
It has to be B
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
kidneysmasher
Highly Voted 2 years, 11 months agoostorgaf
Most Recent 7 months, 1 week agoawesomeduck
11 months, 4 weeks agonoblethic
1 year, 2 months agojosevirtual
1 year, 3 months agoOyorQSEC
1 year, 3 months agoFamous_Guy
1 year, 4 months agoDaniel8660
1 year, 5 months agoIsharafaz
1 year, 6 months agoastaroth
1 year, 7 months agouday1985
1 year, 9 months agoronxz
1 year, 9 months agomdmdmd
1 year, 10 months agoForrest43
8 months, 2 weeks agoRottenCow21
1 year, 11 months agocazzobsb
1 year, 11 months agopawel_ceh
2 years agospydog
2 years, 1 month ago