During a recent audit, you learn that several employees were duped by attackers who telephoned the help-desk posing as corporate IT staff and obtained temporary VPN passwords. Because many users legitimately request assistance after hours, eliminating phone support is not an option. Which single measure would best reduce the effectiveness of this vishing attack without disrupting normal help-desk operations?
Enable sticky MAC port security on all access switches to block unregistered devices from connecting.
Institute a mandatory call-back procedure that uses the phone number stored in the HR directory before processing any credential-related request.
Prohibit password resets outside of normal business hours to limit help-desk exploitation windows.
Upgrade the corporate wireless network to WPA3-Enterprise with 802.1X authentication.
A mandatory call-back policy forces the help-desk to terminate the inbound call, look up the employee's pre-registered contact number in the HR directory, and place an outbound call to continue the request. Attackers who spoof the internal IT number cannot answer a call made to the employee's real phone, so the social-engineering chain breaks. Port security and WPA3 harden network access but have no impact on voice-based credential harvesting. Time-based restrictions on resets inconvenience legitimate remote staff yet still allow an attacker to succeed during permitted hours.
Certified Ethical Hacker (CEH)
Network and Perimeter Hacking