CompTIA Security Plus Mock Test Q369

Datacenter access is controlled with proximity badges that record all entries and exits from the datacenter. The access records are used to identify which staff members accessed the data center in the event of equipment theft. Which of the following MUST be prevented in order for this policy to be effective?

A. Password reuse
B. Phishing
C. Social engineering
D. Tailgating

Correct Answer: D
Section: Compliance and Operational Security

Explanation:
Tailgating is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device. This should be prevented in this case.

Incorrect Answers:
A: Password reuse will not impact on the effectiveness of proximity badges.
B: Phishing is a form of social engineering in which you simply ask someone for a piece of information that you want by making it look like a legitimate request. This is not addressed in
this question.
C: Social engineering is the process by which intruders gain access to any facility by exploiting the generally trusting nature of people. It is a very broad term and includes attacks such
as shoulder surfing, passwords entered on Apple products, dumpster diving, tailgating, impersonation, hoaxes, etc. these are not impacting on the effectiveness of proximity badges.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 405