220-1002 Question #137: Real Exam Question with Answer & Explanation
The correct answer is D: Shoulder surfing.
Question
Options
- A. Man-in-the-middle
- B. Phishing
- C. Tailgating
- D. Shoulder surfing
Explanation
Shoulder surfing is the practice of physically observing someone's screen, keyboard, or input device to capture sensitive information such as passwords or PINs. It is a low-tech, insider threat commonly associated with malicious employees or nearby individuals in shared spaces. Man-in-the-middle (A) intercepts network communications between two parties; it is a network-layer attack, not a physical observation technique. Phishing (B) is a social-engineering email attack targeting users broadly, not specific to employee observation. Tailgating (C) is physically following an authorized person through a secured door without credentials; it is an access control bypass, not a credential theft method.