312-50v12 Exam QuestionsBrowse all questions from this exam
Go to Exam

312-50v12 Exam - Question 165

An experienced cyber attacker has created a fake LinkedIn profile, successfully impersonating a high-ranking official from a well-established company, to execute a social engineering attack. The attacker then connected with other employees within the organization, receiving invitations to exclusive corporate events and gaining access to proprietary project details shared within the network. What advanced social engineering technique has the attacker primarily used to exploit the system and what is the most likely immediate threat to the organization?

Show Answer
Correct Answer: B

The attacker created a fake LinkedIn profile and pretended to be a high-ranking official, which matches the definition of pretexting. Pretexting involves constructing a fabricated scenario to obtain information from targets. The attacker gained the trust of employees and accessed sensitive information. The advanced social engineering technique used here is pretexting. The most likely immediate threat to the organization is network vulnerability, as the attacker could exploit connections to compromise network security.

Discussion

13 comments
Sign in to comment
przemyslaw1Option: B
Feb 15, 2024

Pretexting: Fraudsters may impersonate executives from financial institutions, telephone companies, and other businesses. They rely on “smooth-talking” and win the trust of an individual to reveal sensitive information. CEH Module 09 - Social Engineering

misolchang
Feb 22, 2024

I think this is right.

qtygbapjpesdayazko
Mar 24, 2024

This is the way

insaniuntOption: A
Feb 11, 2024

A. Whaling and Targeted Attacks Whaling = An attacker targets high profile executives like CEOs, CFOs, politicians, and celebrities who have complete access to confidential and highly valuable information.The attacker tricks the victim into revealing critical corporate and personal information through email or website spoofing

JustAName
Feb 12, 2024

Here's is my thought. The attacker impersonate as High-level executives, not targeting high-level executives. The attacker then target the rest of the employees, so i think whaling might not be the right answer.

JustAName
Feb 12, 2024

actually, whaling and targeted attacks might be the closest answer here. Attacker impersonate as high-level execs and get access to only exclusive corporate events.

brrbrrOption: A
Feb 21, 2024

Key words is "high-ranking official". then the most likely immediate threat to the organization is targeted attacks.

kennelsOption: B
Feb 25, 2024

I think this comment is right. > Pretexting: Fraudsters may~(przemyslaw1)

Spam_ProtectionOption: B
Mar 10, 2024

Pretexting Fraudsters may impersonate executives from financial institutions, telephone companies, and other businesses. They rely on “smooth-talking” and win the trust of an individual to reveal sensitive information.

qtygbapjpesdayazkoOption: A
Mar 15, 2024

A - Whaling - Key word "high-ranking official"

qtygbapjpesdayazko
Mar 24, 2024

Is not A is Pretexting.

qtygbapjpesdayazkoOption: B
Mar 24, 2024

Keyword "impersonating a high-ranking official" (Pretexting) not targeting CEOs (Whaling). From the book "Pretexting Fraudsters may impersonate executives from financial institutions"

multivolt
Feb 11, 2024

Im unsure about the accuracy of this statement

JustANameOption: C
Feb 12, 2024

I would choose C, should not be A because the person impersonate high-ranking official, not targeting high-ranking official.

dobarbOption: B
Mar 9, 2024

B. CEH 1386 key word is impresonate

LordXanderOption: A
Mar 24, 2024

So, in this context, A & B are strong contenders. A - seems more precies B - has that pretexting definition by the book However, Pretexting is part of Whaling and in the question be have nothing about Network Vulnerability but be have about a targeted Attack. So the final answer, and correct one, is A

rawal_Option: A
Jun 17, 2024

Why Option A (Whaling and Targeted Attacks) is Correct: Impersonation of a high-ranking official: The attacker posed as a senior executive on LinkedIn, which is a typical tactic in whaling attacks where high-profile individuals are impersonated to gain credibility and manipulate targets. Access to proprietary project details: By connecting with employees and gaining access to exclusive corporate events, the attacker successfully obtained sensitive information, demonstrating a targeted attack focused on acquiring valuable corporate data. Therefore, option A (Whaling and Targeted Attacks) best describes the advanced social engineering technique used by the attacker and identifies the most likely immediate threat to the organization

ametahOption: A
Jun 21, 2024

Pretexting Fraudsters may impersonate executives from financial institutions, telephone companies, and other businesses. They rely on “smooth-talking” and win the trust of an individual to reveal sensitive information. CEHv12 Module 09 Page 1386

ametah
Jun 21, 2024

Moderator please correct the vote to B.