PrepAway - Latest Free Exam Questions & Answers

Using proximity card readers instead of the traditional key punch doors would help to mitigate:

Using proximity card readers instead of the traditional key punch doors would help to mitigate:

PrepAway - Latest Free Exam Questions & Answers

A.
Impersonation

B.
Tailgating

C.
Dumpster diving

D.
Shoulder surfing

Explanation:
Using a traditional key punch door, a person enters a code into a keypad to unlock the door. Someone
could be watching the code being entered. They would then be able to open the door by entering the
code. The process of watching the key code being entered is known as shoulder surfing.
Shoulder surfing is using direct observation techniques, such as looking over someone’s shoulder, to get
information. Shoulder surfing is an effective way to get information in crowded places because it’s
relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM
machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with
the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend
that you shield paperwork or your keypad from view by using your body or cupping your hand.
Incorrect Answers:
A: Impersonation is where a person, computer, software application or service pretends to be someone
or something it’s not. Impersonation is commonly non-maliciously used in client/server applications.
However, it can also be used as a security threat. Using proximity card readers instead of the traditional
key punch doors would not prevent impersonation.
B: Tailgating in IT security would be an unauthorized person following and authorized person into a
building or room such as a datacenter. If a building has a card reader where an authorized person can
hold up a card to the reader to unlock the door, someone tailgating could follow the authorized person
into the building by walking through the door before it closes and locks. Using proximity card readers
instead of the traditional key punch doors would not prevent tailgating.
C: Dumpster diving is looking for treasure in someone else’s trash. (A dumpster is a large trash container.)
In the world of information technology, dumpster diving is a technique used to retrieve information that
could be used to carry out an attack on a computer network. Dumpster diving isn’t limited to searching
through the trash for obvious treasures like access codes or passwords written down on sticky notes.
Seemingly innocent information like a phone list, calendar, or organizational chart can be used to assist
an attacker using social engineering techniques to gain access to the network. To prevent dumpster
divers from learning anything valuable from your trash, experts recommend that your company establish
a disposal policy where all paper, including print-outs, is shredded in a cross-cut shredder before beingrecycled, all storage media is erased, and all staff is educated about the danger of untracked trash. Using
proximity card readers instead of the traditional key punch doors would not prevent dumpster diving.

http://searchsecurity.techtarget.com/definition/shoulder-surfing
http://searchsecurity.techtarget.com/definition/dumpster-diving


Leave a Reply