Ethical Hacking Essentials Practice Test

The primary tactic employed by an attacker contacting IT support while posing as a distressed employee falls under deception. This approach involves manipulating the perceptions of the IT support personnel to gain unauthorized access or information. By fabricating a narrative of urgency, the attacker aims to instill a sense of trust and urgency, prompting IT support to act quickly without verifying the true identity of the requester.

In this scenario, the attacker might leverage emotional cues and create a story that evokes sympathy, creating a deceptive context that makes it more likely for IT staff to comply with their requests. This tactic exploits human psychology rather than relying solely on technical vulnerabilities, highlighting the importance of awareness and verification in security protocols.

The other options, while potentially relevant in different contexts, do not accurately encapsulate the core tactic being used here. Authority involves leveraging positional power, which is not applicable in this case since the attacker is impersonating someone else. Intimidation might involve threatening behavior, which is not the case if the attacker is posing as a distressed employee. Compromise generally refers to a situation where access is gained through previous breaches, which also does not apply in this scenario of impersonation.