[CCCure CISSP] Qs1 Law: cccure QuizEngn doubts

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

[CCCure CISSP] Qs1 Law: cccure QuizEngn doubts

Amlan Deb
Hello everyone,
I have some doubts regarding some cccure Quiz questions and concepts mentioned below. Would really appreciate it if you could take out some time and help me with them. Request you to please provide a quick reply as I need to appear for the exam in the month of July.



1.     Question: 2000 | Difficulty: 3/5 | Relevancy: 3/3

An attack that involves an fraudster tricking a user into making inappropriate security decisions is known as:

o      Spoofing

o      Surveillance

o     Social Engineering



You did not provide any answer to this question. Please review details below.

The correct answer is:  Social Engineering is the act of tricking another person into providing information that they otherwise would not. Social Engineering may also incorporate spoofing to trick someone in to believing the fraudster is someone else.

The following answers are incorrect:

Spoofing is incorrect because it is presenting a false context to get someone to make a bad decsion and trickery alone.

Surveillance and Man in the middle are detractors

The following reference(s) were/was used to create this question:  Shon Harris, CISSP All-in-One Exam Guide, 3rd Edition, pg 762.


My doubt:  Option ‘A’ and ‘D’ also qualify to be correct answers as they can also involve a fraudster tricking a user into making inappropriate security decisions? Moreover, Social Engineering doesn’t include spoofing and Man-in-the-middle attack and cannot be chosen as the broader category of answer.


You can find the list archive at:

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: