Tailgating

5 minutes 5 Questions

Tailgating, also known as piggybacking, is a physical social engineering attack that involves an unauthorized person following an authorized individual into a restricted or secure area. The attacker often relies on the target's politeness, or lack of attention, to gain access without proper identification or authentication. Attackers can then access sensitive areas or information, plant monitoring devices, or conduct further attacks from within the secured area. To mitigate tailgating risks, organizations should enforce strict security policies, such as requiring identification at all access points, implementing multi-factor authentication, and educating employees about the risk of tailgating and the importance of maintaining a security-conscious mindset.

Guide: Tailgating in CompTIA Security Plus

Importance:
Tailgating, also known as 'piggybacking', is a critical security concern in both physical and cyber security environments. Understanding this concept is crucial as it exposes the susceptibility of organizations to simple yet effective unauthorized entry tactics, both physically and electronically.

Definition:
Tailgating involves an unauthorized individual following an authorized individual into a restricted area or system. In the context of cyber security, it could also refer to an unapproved entity gaining access to restricted network zones by following an approved entity.

Working:
Tailgating works on the premise of exploiting the human element of security. It involves techniques like social manipulation, deceit or simply waiting for an opportunity to follow someone into a secure area or system. In the cyber context, tailgating could involve strategies like email phishing where the attacker tricks a user into revealing their login credentials.

Exam Tips: Answering Questions on Tailgating:
When addressing exam questions on tailgating:

Understand the definition and working of tailgating in both physical and cyber contexts.
Recognize its implications on overall system security.
Understand preventive measures like enforcing strict entry protocols, periodic security training and sensitive information handling policies.

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

Question 1

Scenario: You are a consultant for a company with a history of tailgating incidents. What is the first step you should take in addressing this security risk?

Replace all doors with security gates. Perform a risk assessment to identify the most vulnerable areas. Immediately deploy additional security personnel. Suspend access privileges for all employees.

Correct Answer: Perform a risk assessment to identify the most vulnerable areas.

Performing a risk assessment as the first step will help you identify the most vulnerable areas and prioritize security measures. The other actions could be helpful, but without proper identification of the main risks, these resources might not be optimally allocated.

Question 2

Scenario: You are the security manager at your company. Recently you observed an employee holding the door open for a delivery person, allowing them to enter a restricted area without proper identification. What action should you take?

Ignore the situation, as it likely won't happen again. Initiate mandatory security awareness training for all employees. Report the delivery person to their employer. Punish the employee with a pay cut.

Correct Answer: Initiate mandatory security awareness training for all employees.

The best solution is to initiate mandatory security awareness training for all employees. This will create awareness of tailgating as a security risk and ensure employees understand proper security protocols. The other options are not ideal, as they fail to address the root cause of the issue or might not be effective in preventing future incidents.

Question 3

Scenario: You have implemented a new access control system that requires swiping an ID badge to gain entry to secure areas. You've noticed a group of employees entering together after one swipes their badge. What would be the best solution to mitigate this tailgating risk?

Deploy additional security personnel to monitor the area 24/7. Install a mantrap or turnstile to prevent multiple users from entering with a single ID scan. Revoke access privileges of the employees involved. Equip every employee with personal biometric scanners.

Correct Answer: Install a mantrap or turnstile to prevent multiple users from entering with a single ID scan.

A mantrap or turnstile is the best solution since it physically prevents multiple people from entering with a single ID scan. Additional personnel monitoring or biometric scanners would increase costs without a guarantee of preventing tailgating. The other options either do not address the issue or can create other security risks.

Go Premium