Penetration Test - Select Your Attacks(18)

Physical Security

PHYICAL SECURITY RELATED TO FACILITIES

• Piggybacking/tailgating - unauthorized person following an authorized person through a physical control.
• Fence jumping - physically bypassing a control
• Dumpster diving - looking through trash for useful information
• Lock picking - opening a lock without a proper key
• Lock bypass - Defeating a lock mechanism without picking(i.e. bolt cutter, remove hinges)
• Egress sensor
  • Senses a person approaching a door to leave a facility
  • Opposite of piggybacking
• Badge cloning
  • Copying an RFID badge

QUICK REVIEW

• Piggybacking is often easy - most people want to be courteous
• Trash can contain lots of valuable information
• If you can't open a lock, see if you can get around it easier