CompTIA Security+ Question C-3

All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices. Which of the following attacks does this action remediate?

A. Dumpster Diving
B. Impersonation
C. Shoulder Surfing
D. Whaling

Answer: C

Viewing confidential information on someone’s monitor is known as shoulder surfing. By moving their monitors so they cannot be seen, the executives are preventing users passing by ‘shoulder surfing’.

Shoulder surfing is using direct observation techniques, such as looking over someone’s shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it’s relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand.