During a red-team exercise, a penetration tester obtains an employee ' s access badge. The tester uses the badge’s information to create a duplicate for unauthorized entry.
Which of the following best describes this action?
RFID cloning involves copying data from an existing access card to create a duplicate badge. Attackers use tools like Proxmark3 or Flipper Zero to capture and replicate RFID signals.
Option A (Smurfing) ❌: A DDoS attack technique, unrelated to physical security.
Option B (Credential stuffing) ❌: Uses compromised usernames/passwords, not RFID badges.
Option C (RFID cloning) ✅: Correct. Creates a duplicate access badge using RFID technology.
Option D (Card skimming) ❌: Steals credit card data, but does not duplicate RFID badges.
???? Reference: CompTIA PenTest+ PT0-003 Official Guide – Physical Security Testing & RFID Cloning
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit