While conducting an assessment, a penetration tester identifies the details for several unreleased products announced at a company-wide meeting. Which of the following attacks did the tester most likely use to discover this information?
Eavesdropping involves intercepting communications between parties without their consent. If the details were obtained from a meeting, it likely involved intercepting audio or network communications, such as unsecured VoIP calls, radio signals, or in-room microphones.
Why Not Other Options?
B (Bluesnarfing): Targets Bluetooth-enabled devices, which is unlikely to apply to general meeting communications.
C (Credential harvesting): Focuses on collecting user credentials and does not explain the discovery of product details from a meeting.
D (SQL injection): Exploits databases and is unrelated to capturing meeting communication.
CompTIA Pentest+ References:
Domain 3.0 (Attacks and Exploits)
Techniques for Intercepting Communication
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit