A penetration tester must gain entry to a client's office building without raising attention. Which of the following should be the tester's first step?
A. Interacting with security employees to clone a badge
B. Trying to enter the back door after hours on a weekend
C. Collecting building blueprints to run a site survey
D. Conducting surveillance of the office to understand foot traffic
The appropriate first step for a low-profile physical access attempt is conducting surveillance to gather information such as entry points, peak/low occupancy times, security guard patterns, camera placement, and typical foot traffic. Surveillance (visual observation, external photography, publicly available schedules) informs a safe, low-risk entry plan and helps the tester choose tactics that minimize attention.
Why not the others first:
A. Interacting with security employees to clone a badge — directly engaging security staff to manipulate them is an escalation and could alert personnel; it’s also ethically/contractually risky if done without prior scoped approval and planning.
B. Trying to enter the back door after hours on a weekend — acting without reconnaissance increases the likelihood of detection or legal exposure.
C. Collecting building blueprints to run a site survey — blueprints are useful but often hard to obtain and not the initial low-effort step; surveillance provides immediate, actionable behavioral intelligence.
CompTIA PT0-003 Mapping: Physical security assessments — perform reconnaissance and site survey activities first to develop low-visibility access strategies that adhere to the rules of engagement and legal constraints.