Which statement correctly describes a type of physical social engineering attack?
- Tailgating and piggybacking attacks can only be defeated through the use of control vestibules in conjunction with multifactor authentication.
- Social engineering techniques, software, and hardware can perform badge cloning attacks.
- Shoulder surfing attacks are performed only by a short distance between the threat actor and the victim.
- Dumpster phishing refers to a threat actor who scavenges for victims’ private information in garbage and recycling containers.
| Explanation & Hints:
There are various types of physical attacks. Both piggybacking and tailgating can be defeated through the use of access control vestibules, and it is often used in conjunction with multifactor authentication. Turnstiles, double entry doors, and security guards can also eliminate piggybacking and tailgating. With dumpster diving, a person (threat actor) scavenges for victims’ private information in garbage and recycling containers. In badge cloning attacks, specialized software, hardware, and social engineering techniques can be used to perform such attacks. With shoulder surfing, someone obtains information such as personally identifiable information, passwords, and other confidential data by looking not only over the shoulder of the victim. It is also possible to carry out this type of attack from far away using binoculars or even a telescope.
|