CompTIA A+ Core 2 · 220-1102
Objective 2.4: Explain common social engineering attacks, threats, and vulnerabilities
Practice questions for A+ Core 2 objective 2.4, “Explain common social engineering attacks, threats, and vulnerabilities.” Every question is original, written to the 220-1102 exam objectives, and comes with a full explanation — answer them below to see instant grading.
This objective sits in Domain 2.0: Security, which is about 25% of the exam — so mastering it moves your readiness score meaningfully.
1.An attacker poses as a vendor technician and convinces a receptionist to let them into the server room to "service the equipment." Which social engineering technique is primarily being used?
2.An attacker sends a fraudulent email appearing to come from a bank, asking the recipient to click a link and verify their account credentials. Which attack type is this?
3.An attacker positions themselves between two communicating parties, intercepting and potentially altering communications without either party's knowledge. Which attack type is this?
4.An attacker searches through a company's discarded documents in trash bins outside the building to find useful information such as org charts, account numbers, or internal memos. Which attack type is this?
5.An attacker sends a series of login attempts against a user account using previously leaked username/password combinations from other breached websites. Which attack type is this?
Practice every objective, adaptively
CertBench tracks your score on 2.4 and every other objective, then builds a daily plan that targets your weakest spots. Start with the free diagnostic.
Take the free diagnostic