CompTIA Security+ Question G-63

A security administrator forgets their card to access the server room. The administrator asks a coworker if they could use their card for the day. Which of the following is the administrator using to gain access to the server room?

A. Man-in-the-middle
B. Tailgating
C. Impersonation
D. Spoofing

Answer: C

Impersonation is where a person, computer, software application or service pretends to be someone or something it’s not. Impersonation is commonly non-maliciously used in client/server applications. However, it can also be used as a security threat.

In this question, by using the coworker’s card, the security administrator is ‘impersonating’ the coworker. The server room locking system and any logging systems will ‘think’ that the coworker has entered the server room.