Which of the following is being tested?

In an effort to test the effectiveness of an organization’s security awareness training, a penetrator
tester crafted an email and sent it to all of the employees to see how many of them clicked on the
enclosed links. Which of the following is being tested?

In an effort to test the effectiveness of an organization’s security awareness training, a penetrator
tester crafted an email and sent it to all of the employees to see how many of them clicked on the
enclosed links. Which of the following is being tested?

A.
How many employees are susceptible to a SPAM attack

B.
How many employees are susceptible to a cross-site scripting attack

C.
How many employees are susceptible to a phishing attack

D.
How many employees are susceptible to a vishing attack

Show Hint

Leave a Reply 3

Your email address will not be published. Required fields are marked *

10 + 12 =

Just some IT guy

Just some IT guy

C.

Reply

Paul S

Paul S

the fact that you receive spam means that a spam attack has been successful. Now, if you click on the link inside of a spammed email, that is a phishing attack and you are on the hook. XSS attacks are usually attached to web applications or web servers. Vishing is (VOIP) phone phishing.

Reply

Will

Will

I think C as well, it is by definition a phishing attack if they are trying to get you to click on a link.

Reply