220-1102 Practice Question: Phishing uses email to trick victims.

Answer choices

Why each option matters

Good practice is not just finding the correct option. The wrong answers often show the exact trap the exam wants you to fall into.

Answer analysis

Why the other options are wrong

Understanding why incorrect options are tempting is as important as knowing the correct answer.

• ✗

  Vishing

  Vishing (voice phishing) uses telephone calls or voicemail messages to trick victims into revealing sensitive information. This attack used email, not a phone call.

• ✗

  Smishing

  Smishing (SMS phishing) uses text messages to deliver the deceptive link or request. This attack was delivered via email, not SMS.

• ✗

  Tailgating

  Tailgating (or piggybacking) is a physical security attack where an unauthorized person follows an authorized individual into a restricted area. This attack was performed via email, not in person.

Technical deep dive

How to think about this question

Phishing is a social engineering technique where attackers attempt to trick individuals into revealing sensitive information, such as usernames, passwords, or credit card details, by masquerading as a trustworthy entity. In this scenario, the attacker leveraged email as the delivery mechanism, impersonating the company's Human Resources department, which is a common and effective tactic as users often trust communications from internal departments. The email contained a malicious link designed to direct the user to a fraudulent website that mimicked the legitimate company portal. The critical element here is the deceptive nature of the email and the fake website, both designed to harvest credentials under false pretenses. This method exploits human trust and a lack of vigilance, rather than technical vulnerabilities. The defining characteristic that makes phishing the correct answer is the use of email to initiate the deception and direct the victim to a malicious website for credential capture. This clearly distinguishes it from vishing, which relies on voice communication (phone calls), and smishing, which uses SMS text messages. While all three aim to trick users into divulging information, their delivery channels are distinct. Tailgating, on the other hand, is a physical security breach, completely unrelated to digital communication or credential harvesting via deceptive links. The scenario explicitly states the attack originated via email and involved a fake website, perfectly aligning with the definition and common execution of a phishing attack.

More questions from this exam

Keep practising from the same exam bank, or move into a focused topic page if this question exposed a weak area.

FAQ

Questions learners often ask

Keep practising

More 220-1102 practice questions

• →A change advisory board (CAB) approved a standard change to update antivirus definitions on all servers. The technician…
• →A company's change management policy requires all server changes to be approved by the Change Advisory Board (CAB). A te…
• →A company is implementing a bring-your-own-device (BYOD) policy and needs to ensure that corporate data on employee mobi…
• →A company requires employees to present both a smart card and a PIN to log into their workstations. Which authentication…
• →A company requires all Windows 10 workstations to be able to join an Active Directory domain. Which edition of Windows 1…
• →A company wants to allow employees to securely access internal resources from home via the internet. Which method provid…