What is the primary tactic used in social engineering attacks?

Study for the EC-Council Certified Ethical Hacker Exam v13. Use flashcards and multiple choice questions with hints and explanations. Prepare for your certification exam today!

Multiple Choice

What is the primary tactic used in social engineering attacks?

Explanation:
Social engineering attacks rely on manipulating human behavior rather than exploiting technical flaws. The attacker aims to trigger trust, fear, urgency, or curiosity so the target reveals credentials, grants access, or performs actions that bypass security controls. This makes psychological manipulation the primary tactic, because people are the weak link that tech alone can’t fully secure. By contrast, brute force tries many guesses against a system, password cracking breaks passwords with computational methods, and technical vulnerability exploitation targets flaws in software. Defense hinges on awareness, identity verification, least-privilege access, multi-factor authentication, and clear incident response to stop people from acting on manipulated cues.

Social engineering attacks rely on manipulating human behavior rather than exploiting technical flaws. The attacker aims to trigger trust, fear, urgency, or curiosity so the target reveals credentials, grants access, or performs actions that bypass security controls. This makes psychological manipulation the primary tactic, because people are the weak link that tech alone can’t fully secure. By contrast, brute force tries many guesses against a system, password cracking breaks passwords with computational methods, and technical vulnerability exploitation targets flaws in software. Defense hinges on awareness, identity verification, least-privilege access, multi-factor authentication, and clear incident response to stop people from acting on manipulated cues.

Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy