I have some doubts regarding some cccure Quiz questions and concepts mentioned below. Would really appreciate it if you could take out some time and help me with them. Request you to please provide a quick reply as I need to appear for the exam in the month of July.
The correct answer is: Social Engineering is the act of tricking another person into providing information that they otherwise would not. Social Engineering may also incorporate spoofing to trick someone in to believing the fraudster is someone else.
The following answers are incorrect:
Spoofing is incorrect because it is presenting a false context to get someone to make a bad decsion and trickery alone.
Surveillance and Man in the middle are detractors
The following reference(s) were/was used to create this question: Shon Harris, CISSP All-in-One Exam Guide, 3rd Edition, pg 762.
My doubt:Option ‘A’ and ‘D’ also qualify to be correct answers as they can also involve a fraudster tricking a user into making inappropriate security decisions? Moreover, Social Engineering doesn’t include spoofing and Man-in-the-middle attack and cannot be chosen as the broader category of answer.