Question

The penetration tester captures the RFID signature from a legitimate RFID device and then copies it to a fake device. This is commonly done to copy an RFID access badge.

a) Spoofing attack
b) Denial-of-Service (DoS) attack
c) Man-in-the-Middle (MitM) attack
d) Brute force attack

Answer 1

A penetration tester cloning an RFID signature onto a fake device is engaging in a spoofing attack, impersonating a legitimate RFID device to gain unauthorized access.

Step-by-step explanation:

When a penetration tester captures the RFID signature from a legitimate RFID device and then clones it onto a fake device to gain unauthorized access, this type of security breach is known as a spoofing attack. The tester is essentially impersonating the legitimate RFID device by copying its unique signature. This kind of attack is common in situations where access control systems rely on RFID technology, such as entry to secure buildings or areas. The primary purpose of this attack is to deceive the system into believing that the fake device is, in fact, the genuine one, thereby granting access or privileges that should not be available to the attacker.