An employee from the fire Marshall’s office arrives to inspect the data center. The operator allows
him to bypass the multi-factor authentication to enter the data center. Which of the following types
of attacks may be underway?
A.
Impersonation
B.
Hoax
C.
Tailgating
D.
Spoofing
This has to be impersonation, surely?
Surely you can’t be serious?
I am serious, and don’t call me Shurley
Bad question. This could be A or C. The question asks which one “may” be underway. If the person is not actually the fire marshall, then this would be impersonation. However, they would then be tailgating the operator when entering the door without going through the multifactor authentication themselves.
Trick question. An employee from the Fire Marshall’s office is inspecting the data center. No attacks are under way.
I think its A. The keyword for me is “may”. It says the the operator allowed him to pass the multi-factor authentication. Not he might of let him pass. Regardless if he had good or bad intent the operator let him tailgate. What we don’t know, is if he is impersonating a Fire Marshall. He “may” be, we don’t know. This is a difficult trick question.
The operator allowed him to bypass the multi-factor. It is hard question but yourself in the operator place, what do you see first? I see an employee from the fire Marshall’s office (or somebody that pretends it is an employee of the fire…), this means first is impersonation and then tailgating.