Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following
attacks?

A.
Malicious code on the local system

B.
Shoulder surfing

C.
Brute force certificate cracking

D.
Distributed dictionary attacks

Explanation:
Once a user authenticates to a remote server, malicious code on the user’s workstation could then infect
the server.
Incorrect Answers:
B: Shoulder surfing is when a malicious user can watch your keyboard or view your display to figure out
your password. This would not work as you are using a smart card.
C: Brute force attacks are designed to try every possible valid combination of characters to construct
possible passwords in the attempt to discover the specific passwords used by user accounts. This would
not work as you are using a smart card.
D: Dictionary attacks create hashes to compare via prebuilt lists of potential passwords. This would not
work as you are using a smart card.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 278-282