PT0-002 · Question #197
PT0-002 Question #197: Real Exam Question with Answer & Explanation
The correct answer is D: Badge cloning. Observing employees leaving their belongings unattended during lunch provides an opportunity for a penetration tester to access and clone an unattended access badge, which would grant seemingly legitimate access to the building without raising immediate alerts.
Question
A penetration tester was hired to perform a physical security assessment of an organization's office. After monitoring the environment for a few hours, the penetration tester notices that some employees go to lunch in a restaurant nearby and leave their belongings unattended on the table while getting food. Which of the following techniques would MOST likely be used to get legitimate access into the organization's building without raising too many alerts?
Options
- A. Tailgating
- B. Dumpster diving
- C. Shoulder surfing
- D. Badge cloning
Explanation
Observing employees leaving their belongings unattended during lunch provides an opportunity for a penetration tester to access and clone an unattended access badge, which would grant seemingly legitimate access to the building without raising immediate alerts.
Common mistakes.
- A. Tailgating involves following an authorized person through an access point, but the scenario of unattended belongings doesn't directly facilitate this technique.
- B. Dumpster diving is a technique for information gathering from discarded materials, not for directly gaining physical access into a building with a 'legitimate' appearance.
- C. Shoulder surfing is observing sensitive information like PINs or passwords, which may lead to system access but not directly to gaining 'legitimate access' through a physical entry point.
Concept tested. Physical penetration testing, social engineering