ISC Exam Questions

The art of influencing people to divulge sensitive information about themselves or their organizatio

The art of influencing people to divulge sensitive information about themselves or their organization by either coercion or masquerading as a valid entity is known as

A.
Dumpster diving

B.
Shoulder surfing

C.
Phishing

D.
Social engineering

Explanation:
D: Social engineering is the art of getting people to divulge sensitive information to others either in a friendly manner, as an attempt to be helpful, or through intimidation. Phishing is the form of social engineering using electronic means such as e-mail. Shoulder surfing is a disclosure attack wherein, you stand over the shoulders of someone and read the sensitive information they are viewing. Masking of information (asterisking password) can mitigate shoulder surfing. Dumpster diving is another disclosure attack in which dumpsters are searched to glean sensitive information. Page 178.