The stealing of confidential information of a company comes under the scope of:
A.
Reconnaissance
B.
Spoofing attack
C.
Social Engineering
D.
Denial of Service
Explanation:
BD
Social engineering
This is a tough one because it leverages our weakest (very likely) vulnerability in a secure system (data,
applications, devices, networks): the user. If the attacker can get the user to reveal information, it is much
easier for the attacker than using some other method of reconnaissance. This could be done through e-mail or
misdirection of web pages, which results in the user clicking something that leads to the attacker gaining
information. Social engineering can also be done in person or over the phone.
Source: Cisco Official Certification Guide, Table 1-5 Attack Methods, p.13