Question

A security professional conducts internal training to teach coworkers how to identify a social engineering attack. What types of security issues are they trying to avoid? Select all that apply.

a-Overtaxing systems with too many internal emails.
b-Malicious software being deployed.
c-Phishing attacks.
d-Employees inadvertently revealing sensitive data.

Answer 1

A security professional conducting internal training is trying to avoid malicious software being deployed, phishing attacks, and employees inadvertently revealing sensitive data.

Step-by-step explanation:

The security professional conducting the internal training is trying to avoid several types of security issues, including:

1. Malicious software being deployed: Social engineering attacks can involve tricking employees into downloading and installing malware on their systems, which can lead to unauthorized access and potential data breaches.
2. Phishing attacks: Social engineering attacks often involve phishing, where attackers send deceptive emails or messages to trick employees into disclosing sensitive information, such as usernames, passwords, or financial details.
3. Employees inadvertently revealing sensitive data: Social engineering attacks rely on manipulating employees into sharing confidential information or granting unauthorized access to systems.