Home CASP+ CAS-003 Question 28

Question 28

0
39

A Chief Information Officer (CIO) publicly announces the implementation of a new financial system. As part of a security assessment that includes a social engineering task, which of the following tasks should be conducted to demonstrate the BEST means to gain information to use for a report on social vulnerability details about the financial system?

A. Call the CIO and ask for an interview, posing as a job seeker interested in an open position

B. Compromise the email server to obtain a list of attendees who responded to the invitation who is on the IT staff

C. Notify the CIO that, through observation at events, malicious actors can identify individuals to befriend

D. Understand the CIO is a social drinker, and find the means to befriend the CIO at establishments the CIO frequents

Correct Answer: D

NO COMMENTS