ExpertEasy1 markMultiple Choice
CPA · Question 39 · Area II: Security
An employee receives an email appearing to be from the CEO asking for an urgent wire transfer. The email address is slightly misspelled. This is an example of:
An employee receives an email appearing to be from the CEO asking for an urgent wire transfer. The email address is slightly misspelled. This is an example of:
Answer options:
A.
SQL Injection
B.
Man-in-the-Middle
C.
Social Engineering (Phishing/BEC)
D.
Ransomware
How to approach this question
Identify the attack vector: Deception of a human.
Full Answer
C.Social Engineering (Phishing/BEC)✓ Correct
This is a classic Business Email Compromise (BEC) or spear-phishing attack, which relies on social engineering to trick the victim.
Common mistakes
Confusing it with technical hacks.
Practice the full CPA ISC Practice Exam 5
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll processing application to its user entities...MediumQ02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...HardQ03A financial institution requires a cloud deployment model that offers the highest level of contro...MediumQ04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...MediumQ05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy