Question 6 of 60Why are OAuth consent phishing attacks difficult to detect post-compromise?Question 7 of 60Bob receives a call from someone claiming to be from Microsoft IT Security. The caller accurately identifies Bob's role and references a blocked sign-in attempt from overseas. The caller then requests that Bob provide the verification code from his Microsoft Authenticator app to avoid account suspension. What type of attack is being described?Question 8 of 60Which user behaviors increase susceptibility to domain impersonation attacks? Statement A: Failing to verify the full domain spelling carefully Statement B: Clicking links immediately undertime pressure Statement C: Checking the padlock icon only Statement D: Comparing the branding layoutQuestion 9 of 60What does smishing refer to?Question 10 of 60Which combined factors pose the HIGHEST risk during multi-step social engineering campaigns?