Security Plus Practice Test 2026 - Free Security+ Certification Practice Questions and Study Guide

The correct choice involves social engineering, which is a manipulation technique that exploits human psychology to persuade individuals into divulging confidential information or performing actions that compromise their security. In this context, using authority means that an attacker may impersonate someone in a position of power, such as a supervisor or an IT personnel, to convince victims that their request is legitimate. This tactic plays on the trust and respect individuals often have for authority figures, lowering their defenses and making them more vulnerable to manipulation.

Social engineering can take various forms, including phishing, pretexting, or other deceptive tactics where trust is directed to achieve specific goals, such as accessing sensitive information or compromising system security. This highlights the importance of security awareness training among employees to recognize and appropriately respond to potential social engineering attacks.

In contrast, the other attack methods, such as tailgating, hoaxes, and vishing, involve different approaches that do not primarily focus on manipulating users through appeals to authority. Tailgating refers to a physical security breach where an unauthorized person follows an authorized person into a secure area. Hoaxes typically involve false information intended to create panic or confusion rather than exploiting trust. Vishing (voice phishing) involves phone calls that deceive individuals into revealing personal information but may not