Unauthorized Account Access Attempt

Caller Identity Verification

Prev Question Next Question

Question

A help desk technician receives a phone call from an individual claiming to be an employee of the organization and requesting assistance to access a locked account.

The help desk technician asks the individual to provide proof of identity before access can be granted.

Which of the following types of attack is the caller performing?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C.

The caller in this scenario is performing an impersonation attack. Impersonation is a type of social engineering attack where the attacker pretends to be someone else to gain unauthorized access or information. In this case, the attacker is claiming to be an employee of the organization to gain access to a locked account.

By asking the caller to provide proof of identity, the help desk technician is attempting to verify that the caller is indeed who they claim to be. This is a best practice for preventing unauthorized access, as it can be difficult to determine an attacker's true identity over the phone or through electronic communications.

Phishing is a type of social engineering attack where an attacker uses email, text messages, or other electronic communications to trick individuals into revealing sensitive information or clicking on malicious links. Shoulder surfing is a physical attack where an attacker observes someone entering a password or other sensitive information. Dumpster diving is a physical attack where an attacker searches through an organization's trash to find sensitive information.

In conclusion, the caller in this scenario is performing an impersonation attack, and the help desk technician is taking the appropriate steps to prevent unauthorized access by asking for proof of identity.