Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Social Engineering Attacks practice sets

220-1102 Social Engineering Attacks • Complete Question Bank

220-1102 Social Engineering Attacks — All Questions With Answers

Complete 220-1102 Social Engineering Attacks question bank — all 0 questions with answers and detailed explanations.

30
Questions
Free
No signup
Certifications/220-1102/Practice Test/Social Engineering Attacks/All Questions
Question 1easymultiple choice
Read the full Social Engineering Attacks explanation →

An employee finds a USB drive labeled 'Employee Salary Info Q4' in the parking lot. Out of curiosity, they plug it into their work computer to see the contents. What type of social engineering attack is this an example of?

Question 2mediummultiple choice
Read the full Social Engineering Attacks explanation →

A new employee receives an email that appears to be from the company's HR department, asking them to click a link to verify their direct deposit information for payroll. The email contains the company logo and looks professional. What is the most likely social engineering attack?

Question 3easymultiple choice
Read the full Social Engineering Attacks explanation →

A user calls the help desk, frantic because their banking app shows an unauthorized transfer of $500. They say they received a call earlier from 'bank security' asking them to install a remote access tool to 'verify their account'. What type of social engineering attack did the user fall victim to?

Question 4hardmultiple choice
Read the full Social Engineering Attacks explanation →

A technician is troubleshooting a user's slow computer. The user mentions they received a call from 'Windows Support' saying their computer had a virus. The user gave the caller remote access to 'fix' it. Now, the computer is running slower and has strange pop-ups. What is the most likely consequence of this social engineering attack?

Question 5easymultiple choice
Read the full Social Engineering Attacks explanation →

A user reports receiving an email that appears to be from their CEO, urgently requesting that they purchase $500 in gift cards and reply with the codes. The email address looks slightly off (e.g., ceo@cornpany.com instead of ceo@company.com). What type of social engineering attack is this?

Question 6hardmultiple choice
Read the full Social Engineering Attacks explanation →

A technician receives an email from what appears to be the company's CEO, asking for a list of all employee passwords for a 'security audit'. The email address is correct, but the tone and request are unusual. The technician suspects a social engineering attack. What is the best course of action?

Question 7easymultiple choice
Read the full Social Engineering Attacks explanation →

A receptionist at a company receives a call from someone claiming to be from the IT department. The caller says they need her password to perform an urgent server update. The receptionist provides the password. What type of social engineering attack is this?

Question 8mediummultiple choice
Read the full Social Engineering Attacks explanation →

During a security audit, a technician notices that an unauthorized person is standing just behind an employee at the secure door, waiting for the employee to badge in so they can enter without badging themselves. What type of social engineering attack is being attempted?

Question 9mediummultiple choice
Read the full Social Engineering Attacks explanation →

A user calls the help desk because they received a pop-up on their screen claiming their computer is infected with a virus and to call a toll-free number for immediate support. The user did not call the number. What should the technician advise the user to do?

Question 10mediummultiple choice
Read the full Social Engineering Attacks explanation →

A technician is configuring a new employee's workstation. The employee mentions that a 'friendly IT guy' from the help desk called earlier and asked for their username and temporary password to 'pre-setup the account'. The employee provided the information. What should the technician do first?

Question 11hardmultiple choice
Read the full Social Engineering Attacks explanation →

An employee finds a USB drive labeled 'Employee Bonuses Q4' in the parking lot and plugs it into their work computer to see the contents. The computer immediately begins exhibiting erratic behavior. Which social engineering attack was executed?

Question 12mediummultiple choice
Read the full Social Engineering Attacks explanation →

A user reports receiving a phone call from someone claiming to be from 'Microsoft Support' saying their computer has a virus and asking for remote access to fix it. The user did not grant access. What type of attack was attempted?

Question 13hardmultiple choice
Read the full Social Engineering Attacks explanation →

A technician receives an email that appears to be from the company's HR department asking them to click a link to update their direct deposit information. The email contains several grammatical errors and the sender's domain is 'company-hr.com' instead of the official 'company.com'. What is the most effective way to confirm this is a phishing attempt?

Question 14easymultiple choice
Read the full Social Engineering Attacks explanation →

A receptionist holds the door for a person carrying a large box, assuming they work in the building. Later, that person is seen plugging a USB drive into a workstation in the finance department. Which social engineering technique was most likely used to gain initial access?

Question 15mediummultiple choice
Read the full Social Engineering Attacks explanation →

A technician is troubleshooting a printer issue and finds a sticky note under the keyboard with the domain admin password written on it. The user says they kept it there 'for convenience.' Which social engineering attack does this practice most enable?

Question 16hardmultiple choice
Read the full Social Engineering Attacks explanation →

During a security audit, a technician discovers that an unauthorized person accessed a restricted server room by pretending to be a fire inspector. The person had a fake ID and clipboard. Which social engineering technique was used, and what is the best mitigation?

Question 17mediummultiple choice
Read the full Social Engineering Attacks explanation →

A customer complains that their computer is running slowly and they keep seeing pop-ups offering free antivirus software. They admit they clicked 'OK' on one pop-up. Which type of social engineering attack has likely occurred?

Question 18easymultiple choice
Read the full Social Engineering Attacks explanation →

A technician receives a call from someone claiming to be from the company's IT security team, asking for the administrator password to 'run a critical update.' The caller's voice sounds stressed and they mention a data breach. What should the technician do?

Question 19mediummultiple choice
Read the full Social Engineering Attacks explanation →

During a software deployment, a user reports that a stranger in a delivery uniform asked to use their computer to 'check a shipment status' and then quickly left. Later, the user notices unusual network activity. What should the technician investigate first?

Question 20easymultiple choice
Read the full Social Engineering Attacks explanation →

A user calls the help desk claiming they received an urgent email from the CEO asking them to purchase gift cards for a client and reply with the codes. The user is suspicious because the email address looks slightly off. What type of social engineering attack is this?

Question 21easymultiple choice
Read the full Social Engineering Attacks explanation →

A new employee is setting up their workstation and receives a phone call from someone claiming to be from the IT department. The caller says there is a critical security update and needs the employee's login credentials to install it remotely. What social engineering principle is the attacker primarily exploiting?

Question 22hardmultiple choice
Read the full Social Engineering Attacks explanation →

A technician is investigating a data breach and discovers that an attacker obtained sensitive files by searching through the company's recycling bins. The bins contained printed reports with customer names and account numbers. What social engineering attack was used?

Question 23mediummultiple choice
Read the full Social Engineering Attacks explanation →

A technician is helping a customer configure a new laptop. The customer mentions they received a pop-up on their old computer warning of a virus and a phone number to call for support. The customer called the number and gave remote access to a 'technician' who then installed several programs. What social engineering attack occurred?

Question 24mediummultiple choice
Read the full Social Engineering Attacks explanation →

During a routine security audit, a technician discovers that an unknown person has been using a badge to enter the building after hours. The badge belongs to a former employee who left the company six months ago. Which type of social engineering attack likely enabled this unauthorized access?

Question 25hardmultiple choice
Read the full Social Engineering Attacks explanation →

During a security audit, a technician finds that a user's workstation was infected with malware after the user inserted a USB drive found in the parking lot. The drive was labeled 'Employee Salary Info Q4'. What social engineering principle did the attacker exploit?

Question 26mediummultiple choice
Read the full Social Engineering Attacks explanation →

A user reports that they received a voicemail from the company's HR director asking them to call back a number to verify their account details for payroll. The user is suspicious because the HR director is on vacation. What type of social engineering attack is this?

Question 27mediummultiple choice
Read the full Social Engineering Attacks explanation →

During a security incident investigation, a technician finds that an attacker called the help desk, pretended to be a new employee who forgot their password, and successfully reset it. The attacker knew the employee's name and department. Which social engineering technique was used?

Question 28mediummultiple choice
Read the full Social Engineering Attacks explanation →

A user reports that they clicked a link in a text message that appeared to be from their bank, warning of suspicious activity. The link led to a realistic-looking login page, but the user realized it was fake after entering their credentials. What type of social engineering attack is this?

Question 29hardmultiple choice
Read the full Social Engineering Attacks explanation →

A security analyst notices that an attacker has been sending emails that appear to come from the company's internal email system, asking employees to click a link to update their shared drive password. The link leads to a fake login page. The attacker is using a spoofed internal domain. What specific type of phishing is this?

Question 30easymultiple choice
Read the full NAT/PAT explanation →

A user calls the help desk, frantic because they received an email from what appears to be the CEO asking them to urgently purchase $500 in gift cards for a client and reply with the codes. The email address looks slightly off, and the signature is missing the usual legal disclaimer. What type of social engineering attack is this most likely an example of?

Practice tests

Scored 10-question sessions with instant feedback and explanations.

220-1102 Practice Test 1 — 10 Questions→220-1102 Practice Test 2 — 10 Questions→220-1102 Practice Test 3 — 10 Questions→220-1102 Practice Test 4 — 10 Questions→220-1102 Practice Test 5 — 10 Questions→220-1102 Practice Exam 1 — 20 Questions→220-1102 Practice Exam 2 — 20 Questions→220-1102 Practice Exam 3 — 20 Questions→220-1102 Practice Exam 4 — 20 Questions→Free 220-1102 Practice Test 1 — 30 Questions→Free 220-1102 Practice Test 2 — 30 Questions→Free 220-1102 Practice Test 3 — 30 Questions→220-1102 Practice Questions 1 — 50 Questions→220-1102 Practice Questions 2 — 50 Questions→220-1102 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Windows OS Features and ToolsWindows Settings and Control PanelWindows Command-Line ToolsWindows Administrative ToolsmacOS Features and ToolsLinux Commands and File PermissionsMobile OS Features and ToolsVirtualization and Cloud TechnologiesPhysical Security ControlsLogical Security ConceptsWireless Security ProtocolsMalware Types and RemovalSocial Engineering AttacksWindows Security SettingsBrowser and Application SecurityData Destruction and DisposalWindows OS TroubleshootingPC Security Issue RemediationMobile OS and App TroubleshootingSafety Procedures and ComplianceEnvironmental Awareness and ImpactDocumentation and Change ManagementRemote Access TechnologiesScripting BasicsCommunication and ProfessionalismOperating SystemsSecuritySoftware TroubleshootingOperational Procedures

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Social Engineering Attacks setsAll Social Engineering Attacks questions220-1102 Practice Hub