EC-Council

312-49 · Question #360

312-49 Question #360: Real Exam Question with Answer & Explanation

The correct answer is B: Tailgating.

Submitted by manish99 · Apr 18, 2026 · Computer Forensics in Today's World

Question

Paul's company is undergoing a complete security audit, including logical and physical security testing. After all logical tests were performed, it is now time for the physical round to begin. None of the employees are made aware of this round of testing. The security-auditing firm sends in a technician dressed as an electrician. He waits outside in the lobby for some employees to get to work and follows behind them when they access the restricted areas. After entering the main office, he is able to get into the server room by telling the IT manager that there is a problem with the outlets in that room. What type of attack has the technician performed?

Options

  • A. Fuzzing
  • B. Tailgating
  • C. Backtrapping
  • D. Man trap attack

Explanation

Tailgating (also called piggybacking) is a physical social engineering attack where an unauthorized person follows an authorized employee through a secured door or access point without using their own credentials. In this scenario, the technician disguised as an electrician waited in the lobby and physically followed employees into restricted areas, exploiting the common social courtesy of holding doors open. This bypasses electronic access controls entirely and is a classic physical security vulnerability.

Topics

#Physical Security #Tailgating #Social Engineering #Security Audit
