CISSP Question #18: Real Exam Question with Answer & Explanation
The correct answer is B: Secure card reader.
Question
Which of the following is a physical security control that protects Automated Teller Machines (ATM) from skimming?
Options
- A. Anti-tampering
- B. Secure card reader
- C. Radio Frequency (RF) scanner
- D. Intrusion Prevention System (IPS)
Explanation
ATM skimming involves attackers attaching fraudulent devices to card readers to capture card data. A secure card reader is the direct physical countermeasure that prevents unauthorized overlay devices from functioning.
Common mistakes.
- A. Anti-tampering controls detect or respond to physical interference with a device but do not specifically prevent the card data capture mechanism inherent in skimming attacks.
- C. An RF scanner detects radio frequency signals and is used for identifying wireless threats or RFID-based attacks, not for preventing magnetic stripe or chip skimming devices placed on ATM card slots.
- D. An Intrusion Prevention System (IPS) is a network-based security control that monitors and blocks malicious network traffic, making it irrelevant to the physical skimming of card data at an ATM terminal.
Concept tested. Physical ATM security controls against skimming
Reference. https://docs.pcisecuritystandards.org/documents/skimming_prevention_best_practices_for_merchants.pdf