A penetration tester needs to obtain sensitive data from several executives who regularly work while commuting by train. Which of the following methods should the tester use for this task?
Shoulder surfing es el método más efectivo en este contexto. Cuando los ejecutivos trabajan en lugares públicos como trenes, un atacante puede visualizar sus pantallas sin ser detectado para recopilar datos confidenciales.
Credential harvesting requiere phishing o explotación directa. Bluetooth spamming y MFA fatigue no aplican directamente en un entorno de observación física.
Referencia: PT0-003 Objective 2.1 – Social engineering and physical observation methods.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit