CompTIA Security Plus Mock Test Q910

Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks?

A. Malicious code on the local system
B. Shoulder surfing
C. Brute force certificate cracking
D. Distributed dictionary attacks


Correct Answer: A
Section: Access Control and Identity Management

Explanation:
Once a user authenticates to a remote server, malicious code on the user’s workstation could then infect the server.

Incorrect Answers:
B: Shoulder surfing is when a malicious user can watch your keyboard or view your display to figure out your password. This would not work as you are using a smart card.
C: Brute force attacks are designed to try every possible valid combination of characters to construct possible passwords in the attempt to discover the specific passwords used by
user accounts. This would not work as you are using a smart card.
D: Dictionary attacks create hashes to compare via prebuilt lists of potential passwords. This would not work as you are using a smart card.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 278-282