New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GSLC Exam - Topic 2 Question 47 Discussion

Actual exam question for GIAC's GSLC exam
Question #: 47
Topic #: 2
[All GSLC Questions]

John works as an IT Technician for PassGuide Inc. One morning, John receives an e-mail from the company's Manager asking him to provide his logon ID and password, but the company policy restricts users from disclosing their logon IDs and passwords. Which type of possible attack is this?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Deeanna at May 20, 2024, 11:18 AM

Limited Time Offer

25%

Off

Get Premium GSLC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Leah
3 months ago
Really? I thought it could be a phishing attempt too.
upvoted 0 times
...
Cyndy
3 months ago
Seems obvious, but some might fall for it.
upvoted 0 times
...
Bernadine
3 months ago
Wait, are we sure it's not a Trojan horse?
upvoted 0 times
...
Miriam
4 months ago
I agree, that's a classic tactic.
upvoted 0 times
...
Frederic
4 months ago
Definitely social engineering!
upvoted 0 times
...
Ben
4 months ago
I feel like I've seen something similar in a study guide, but I can't recall if it was specifically about social engineering or another type of attack.
upvoted 0 times
...
Anisha
4 months ago
This reminds me of a practice question we did about phishing, which is a type of social engineering. So I guess A is the right answer?
upvoted 0 times
...
Yuette
4 months ago
I'm not entirely sure, but I remember something about replay attacks being related to capturing credentials. Is that relevant here?
upvoted 0 times
...
Elliot
5 months ago
I think this is definitely a case of social engineering since the email is trying to trick John into giving away his credentials.
upvoted 0 times
...
Samuel
5 months ago
Okay, let me break this down step-by-step. The email is asking for sensitive login information, which goes against company policy. That points to a social engineering attack, so I'll go with option A. Gotta stay focused and not overthink these questions.
upvoted 0 times
...
Ivette
5 months ago
Wait, I'm a bit confused. Couldn't this also be a replay attack, where the attacker is trying to reuse the login information? I'll have to review the differences between these attack types to make sure I choose the right one.
upvoted 0 times
...
Crissy
5 months ago
Easy peasy! The email is clearly trying to trick the user into revealing their login credentials, so social engineering is the right answer here. I'm confident I've got this one nailed down.
upvoted 0 times
...
Erick
5 months ago
Hmm, I'm a little unsure about this one. Could it also be a Trojan horse attack since the email is trying to get the user to disclose sensitive information? I'll have to think this through carefully.
upvoted 0 times
...
Burma
5 months ago
This one seems pretty straightforward. The email asking for the login ID and password is a classic social engineering attack, so I'll go with option A.
upvoted 0 times
...
Jose
5 months ago
Okay, let's see here. Connecting to the same network hub or switch as the AP doesn't sound right, that's more for wired networks. Configuring a certificate authority also doesn't seem relevant for a basic wireless setup. I'm pretty confident the answer is B, but I'll double-check my notes just to be sure.
upvoted 0 times
...
Noelia
5 months ago
My notes mention that reading the requirements is important too, but it might not provide direct evidence of reliability. I'm torn between that and comparing to an emulator.
upvoted 0 times
...
Garry
5 months ago
Okay, first I'll calculate the net time per record by adjusting for the fatigue factor. 2.50 * 1.15 = 2.875 minutes per record.
upvoted 0 times
...
Lashandra
5 months ago
This seems like a straightforward question about the key elements of a security policy. I'm pretty confident I can identify the correct answers.
upvoted 0 times
...
Dorinda
5 months ago
Hmm, I'm a bit confused by this question. I'm not sure if the Identity Governance blade or the Set-AzureAdUser cmdlet would be the right approach here. I'll need to review the details more carefully.
upvoted 0 times
...
Roosevelt
5 months ago
Okay, let me review the key characteristics of each type of verbal response. That should help me determine the right answer.
upvoted 0 times
...
Basilia
10 months ago
Definitely a social engineering attack. The manager should know better than to ask for login credentials via email. Maybe they need a refresher on security best practices.
upvoted 0 times
Kanisha
8 months ago
B) DoS
upvoted 0 times
...
Julio
9 months ago
I agree, that's definitely a social engineering attack.
upvoted 0 times
...
Wai
9 months ago
A) Social engineering
upvoted 0 times
...
...
Herminia
10 months ago
Haha, the manager must have lost his login info and is trying to get John's. Nice try, but John is too smart for that!
upvoted 0 times
Rosio
9 months ago
C) Trojan horse
upvoted 0 times
...
Nobuko
9 months ago
B) DoS
upvoted 0 times
...
Mee
10 months ago
A) Social engineering
upvoted 0 times
...
...
Talia
10 months ago
I'm not sure. It could also be a Trojan horse attack if the manager's email is compromised. Better to be safe and not click any links or attachments in the email.
upvoted 0 times
...
Lisbeth
10 months ago
I agree, this is a social engineering attack. John is right to follow the company policy and not disclose his login information.
upvoted 0 times
Lavonda
8 months ago
It's always best to be cautious when it comes to sharing login information, you never know who might be trying to access it.
upvoted 0 times
...
Meaghan
9 months ago
Social engineering attacks can be very deceptive, it's good that John is aware of the risks.
upvoted 0 times
...
Carlota
9 months ago
Exactly, following company policy is important to prevent security breaches.
upvoted 0 times
...
Lavonna
9 months ago
John should not provide his login information, it could be a social engineering attack.
upvoted 0 times
...
...
Joana
10 months ago
It's important for John to follow company policy and not disclose his logon ID and password.
upvoted 0 times
...
Sage
11 months ago
I agree, the Manager is trying to trick John into giving away sensitive information.
upvoted 0 times
...
Adelina
11 months ago
This is clearly a social engineering attack. The manager is trying to trick John into revealing his login credentials, which is a classic social engineering tactic.
upvoted 0 times
Shelton
9 months ago
It's not a replay attack, it's social engineering.
upvoted 0 times
...
Dorian
9 months ago
D) Replay attack
upvoted 0 times
...
Ellsworth
9 months ago
Not a Trojan horse, but a social engineering attack.
upvoted 0 times
...
Eladia
9 months ago
C) Trojan horse
upvoted 0 times
...
Shaun
9 months ago
No, it's not a denial of service attack.
upvoted 0 times
...
Nieves
9 months ago
B) DoS
upvoted 0 times
...
Johnson
10 months ago
That's right, the manager is trying to trick John into revealing his login credentials.
upvoted 0 times
...
Devorah
10 months ago
A) Social engineering
upvoted 0 times
...
...
Werner
11 months ago
That's definitely social engineering.
upvoted 0 times
...

Save Cancel