Free CompTIA PenTest+ PT0-002 Practice Question
During a penetration testing exercise, you decide to perform social engineering attacks based on the principle of influence. Which of the following actions would be BEST to establish a sense of authority to convince an employee to provide confidential information?
Pose as a high-level executive of the company and request the information through a direct phone call, referencing a critical and confidential business decision.
Pose as a third-party contractor and request sensitive information through a phone call, claiming it's required for an urgent system update.
Send a phishing email requesting a prompt reply with the information needed, without any specific context or established authority.
Impersonate an IT support staff member via email, stating that there is an issue with their account that needs immediate resolution involving sensitive information.
