PT0-002 Question #54: Real Exam Question with Answer & Explanation
The correct answer is B: Dumpster diving. Without shredders in an office building, dumpster diving is the best physical penetration testing technique to gain confidential information by retrieving discarded documents.
Question
A penetration tester who is performing a physical assessment of a company's security practices notices the company does not have any shredders inside the office building. Which of the following techniques would be BEST to use to gain confidential information?
Options
- A. Badge cloning
- B. Dumpster diving
- C. Tailgating
- D. Shoulder surfing
Explanation
Without shredders in an office building, dumpster diving is the best physical penetration testing technique to gain confidential information by retrieving discarded documents.
Common mistakes.
- A. Badge cloning requires physical access to an existing badge and specialized equipment, and while effective for access, it doesn't directly yield confidential information from discarded materials.
- C. Tailgating involves following an authorized person into a restricted area, providing physical access but not directly acquiring documents or data as efficiently as dumpster diving in this specific scenario.
- D. Shoulder surfing involves observing someone entering credentials or sensitive data, which is effective but relies on direct observation of an active user, not on the absence of shredders.
Concept tested. Physical penetration testing techniques