CompTIA PenTest+ (PT0-003) — Question 159

During a red-team exercise, a penetration tester obtains an employee's access badge. The tester uses the badge's information to create a duplicate for unauthorized entry. Which of the following best describes this action?

Answer options

• A. Smurfing
• B. Credential stuffing
• C. RFID cloning
• D. Card skimming

Correct answer: C

Explanation

The correct answer is C, RFID cloning, as it specifically refers to the process of duplicating RFID badges to gain unauthorized access. The other options do not accurately describe this action: Smurfing involves distributing a denial-of-service attack, credential stuffing refers to using stolen credentials across multiple accounts, and card skimming pertains to capturing card information through a device.