Security Awareness Training
Unlock the complete study guide + 1,040 practice questions across 16 full exams.
Bundled into the existing Certified in Cybersecurity premium course — no separate purchase.
Included in this chapter:
- The human is the most-targeted layer
- The social-engineering attack catalog
- Awareness vs training vs education, and password hygiene
- Exam-pattern recognition: naming the attack and the term
Social-engineering attack types
| Attack | Channel | Target | How it works |
|---|---|---|---|
| Phishing | Email (mass) | Anyone | Fraudulent message lures a click, attachment, or credential entry |
| Spear phishing | Email (targeted) | A specific person/group | Personalized phishing using researched details to seem legitimate |
| Whaling | Email (targeted) | Senior executives | Spear phishing aimed at high-value 'big fish' like a CEO or CFO |
| Vishing | Voice call | Anyone | Phone-based pretext to extract info or credentials ('voice phishing') |
| Smishing | SMS / text | Anyone | Phishing via text message with a malicious link or callback number |
| Pretexting | Any channel | Anyone | Inventing a believable false scenario/role to justify the request |
| Baiting | Physical / online | Anyone | Dangling a lure (a 'lost' USB drive, a free download) carrying malware |
| Tailgating | Physical entry | Door access | Following an authorized person through a controlled door uninvited |
Cheat sheet
Unlock with Premium — includes all practice exams and the complete study guide.