Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What attack involves an insider entering a restricted area by following an authorized person?

  1. Impersonation

  2. Tailgating

  3. Physical Breach

  4. Access Control Breach

The correct answer is: Tailgating

The correct answer is tailgating. This type of attack occurs when an unauthorized individual gains access to a restricted area by closely following an authorized person, taking advantage of the legitimate entry granted to the authorized individual. Tailgating exploits social engineering techniques, where the unauthorized person relies on the trust or unawareness of the authorized individual to gain entry without proper credentials. In scenarios like this, the unauthorized person typically maintains proximity to the authorized user, entering through secure doors and access points without using their own access credentials. This method can be particularly effective in organizations where physical security measures do not prevent someone from following another person closely, thus highlighting the importance of awareness and vigilance in security protocols. The other options highlight different aspects of security and attack methods but do not directly describe the specific action of following someone to gain unauthorized access to a restricted area. Impersonation involves pretending to be someone else to gain access, while a physical breach refers to a more direct unauthorized entry. An access control breach can encompass a variety of unauthorized access methods but does not specifically capture the scenario of following an authorized individual.

More Questions Like This