Which of the following is most likely the attack Sam used?

Brandy could not figure out how Sam gained unauthorized access to her system, since he has little computer experience. Which of the following is most likely the attack Sam used?

A. Dictionary attack

B. Shoulder surfing attack

C. Covert channel attack

D. Timing attack

Explanation:
B: Shoulder surfing is a type of browsing attack in which an attacker looks over another’s shoulder to see items on that person’s monitor or what is being typed in at the keyboard. Sam probably viewed Brandy’s password as she typed it. Of the attacks listed, this is the easiest to execute in that it does not require any real knowledge of computer systems.
+ A is incorrect because a dictionary attack is an automated attack involving the use of tools like Crack or L0phtcrack. Sam would need to be aware of these tools and know how to find and use them. A dictionary attack requires more knowledge of how computer systems work compared to shoulder surfing.
+ C is incorrect because a covert channel attack requires computer expertise. A covert channel is a communications path that enables a process to transmit information in a way that violates the system’s security policy. Identifying and using a covert channel requires a lot more computer expertise compared to a shoulder surfing attack.
+ D is incorrect because a timing attack requires intimate knowledge of how software executes its instruction sets so that they can be manipulated. Commonly a person who could successfully carry out this attack requires programming experience.




syedjaved

How can one say Shoulder surfing was the only thing used to gain access? It could also be A? Question is vague.

CyberGuy

Agree. This is a bad question.

traffikator

“since he has little computer experience” – It is highly unlikely he could have used a Dictionary attack or any of the other methods.

Jay

Shoulder surfing is the correct answer. Similar insider attacks are Dumpster diving, social engineering. In most cases insider attacks do not involve any specialised tools or advanced attacks.

syedjaved

Well that would be under assessment that if someone wasn’t that knowledgeable, he won’t use other means to get someone’s password. A criminal mind can always get support from other like-minded people. Question should ask for obvious technical stuff rather than just an assessment that someone is a layman so he won’t do that.

waleed

Guys, the CISSP exam is all about CONCEPTS and choosing the BEST single answer. The question simply asks about the least technical attack. I think it is a good question.

Ravi

Simple question and very obvious. All other attacks require technical know-how.

Joe

Shoulder surfing is to view what other users type.