CompTIA CASP+ (CAS-003) — Question 383

A security tester is performing a black-box assessment of an RFID access control system. The tester has a handful of RFID tags and is able to access the reader.
However, the tester cannot disassemble the reader because it is in use by the company. Which of the following shows the steps the tester should take to assess the RFID access control system in the correct order?

Answer options

• A. 1. Attempt to eavesdrop and replay RFID communications. 2. Determine the protocols being used between the tag and the reader. 3. Retrieve the RFID tag identifier and manufacturer details. 4. Take apart an RFID tag and analyze the chip.
• B. 1. Determine the protocols being used between the tag and the reader. 2. Take apart an RFID tag and analyze the chip. 3. Retrieve the RFID tag identifier and manufacturer details. 4. Attempt to eavesdrop and replay RFID communications.
• C. 1. Retrieve the RFID tag identifier and manufacturer details. 2. Determine the protocols is being used between the tag and the reader. 3. Attempt to eavesdrop and replay RFID communications. 4. Take apart an RFID tag and analyze the chip.
• D. 1. Take apart an RFID tag and analyze the chip. 2. Retrieve the RFID tag identifier and manufacturer details. 3. Determine the protocols being used between the tag and the reader. 4. Attempt to eavesdrop and replay RFID communications.

Correct answer: B

Explanation

The correct answer is B because it starts with determining the protocols, which is essential for understanding how the system communicates. Next, analyzing the tag's chip provides necessary details about its functionality. Retrieving the identifier and then attempting to eavesdrop allows for a comprehensive assessment of the system's security. The other options either misplace these steps or include disassembly, which is not possible in this scenario.