Exam ISO-IEC-27001-Lead-Auditor Topic 3 Question 315 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam
Question #: 315
Topic #: 3
You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password.
What kind of threat is this?

Suggested Answer: C

Explanation
This is an example of a social engineering threat, which is a type of human threat that involves manipulating or deceiving people into revealing confidential information, performing unauthorized actions, or compromising the security of information assets. Social engineering techniques can exploit the psychological, emotional, or behavioral vulnerabilities of people, such as trust, curiosity, fear, or greed. A person claiming to be from the Helpdesk and asking for your password is trying to trick you into giving away your credentials, which can be used to access your account or system without your authorization. Therefore, the correct answer is C.

References: ISO/IEC 27000:2022, clause 3.25; What is Social Engineering? | Definition and Examples.

by Judith at Apr 25, 2026, 08:38 AM
