CompTIA Exam PT0-003 Topic 4 Question 17 Discussion

Actual exam question for CompTIA's PT0-003 exam

Question #: 17
Topic #: 4

During a red-team exercise, a penetration tester obtains an employee's access badge. The tester uses the badge's information to create a duplicate for unauthorized entry. Which of the following best describes this action?

ASmurfing

BCredential stuffing

CRFID cloning

DCard skimming

Show Suggested Answer

Suggested Answer: C

RFID Cloning:

RFID (Radio-Frequency Identification) cloning involves copying the data from an access badge and creating a duplicate that can be used for unauthorized entry.

Tools like Proxmark or RFID duplicators are commonly used for this purpose.

Why Not Other Options?

A (Smurfing): A network-based denial-of-service attack, unrelated to physical access.

B (Credential stuffing): Involves using stolen credentials in bulk for authentication attempts, unrelated to badge cloning.

D (Card skimming): Relates to stealing credit card information, not access badges.

CompTIA Pentest+ Reference:

Domain 3.0 (Attacks and Exploits)

by Theresia at Jan 09, 2025, 11:43 PM

Limited Time Offer

25%

Off

Get Premium PT0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Raylene

5 months ago

I'm not sure, but I think D) Card skimming could also be a possibility since it involves obtaining card information without authorization.

upvoted 0 times

...

Venita

5 months ago

B) Credential stuffing? Nah, this is straight-up RFID cloning. The tester's got skills, that's for sure.

upvoted 0 times

...

Ilda

5 months ago

A) Smurfing? Sounds like a job for the Smurf squad! But in this case, it's all about that badge cloning.

upvoted 0 times

...

Wenona

5 months ago

I agree with Lavonne, because the penetration tester is creating a duplicate access badge using RFID information.

upvoted 0 times

...

Laine

5 months ago

D) Card skimming? More like card swiping, am I right? This tester is really going places, literally and figuratively.

upvoted 0 times

Curt

4 months ago

A) Smurfing doesn't seem right. The tester is definitely going for unauthorized access.

upvoted 0 times

...

Dottie

4 months ago

A) Smurfing? That doesn't sound right. The tester definitely crossed a line with this stunt.

upvoted 0 times

...

Melissia

4 months ago

C) RFID cloning seems like the best fit here. The tester is definitely taking advantage of the situation.

upvoted 0 times

...

Amie

4 months ago

C) RFID cloning is a serious security breach. The company needs to tighten their access control measures.

upvoted 0 times

...

Dell

4 months ago

D) Card swiping sounds more accurate. This tester is definitely bold.

upvoted 0 times

...

Benedict

4 months ago

D) Card skimming

upvoted 0 times

...

Barrett

4 months ago

D) Card swiping sounds more accurate. This tester is definitely bold.

upvoted 0 times

...

Erick

4 months ago

D) Card skimming

upvoted 0 times

...

Donette

4 months ago

C) RFID cloning

upvoted 0 times

...

Carlota

4 months ago

B) Credential stuffing

upvoted 0 times

...

Edward

4 months ago

C) RFID cloning

upvoted 0 times

...

Cherrie

4 months ago

B) Credential stuffing

upvoted 0 times

...

Lashandra

4 months ago

A) Smurfing

upvoted 0 times

...

Jimmie

5 months ago

A) Smurfing

upvoted 0 times

...

Lavonne

5 months ago

I think the answer is C) RFID cloning.

upvoted 0 times

...

Dean

5 months ago

C) RFID cloning - that's the one! Gotta love that fancy technology, even if it's used for nefarious purposes.

upvoted 0 times

Cecilia

4 months ago

D) Card skimming

upvoted 0 times

...

Maricela

4 months ago

C) RFID cloning

upvoted 0 times

...

Bronwyn

4 months ago

B) Credential stuffing

upvoted 0 times

...

Cary

5 months ago

A) Smurfing

upvoted 0 times

...