Which insider attack involves surreptitiously overhearing confidential conversations?

Eavesdropping is the correct term for the insider attack that involves secretly overhearing confidential conversations. This can occur in various contexts, whether in person or through intercepted communications, such as phone calls or digital communications. Eavesdropping aims to gather sensitive information without the knowledge or consent of those engaged in the discussion, making it a critical concern for information security and privacy.

The other options, while related to security breaches, refer to different types of insider threats. Shoulder surfing, for example, involves observing someone’s screen or keyboard input from a nearby position to gain access to confidential information. Impersonation entails pretending to be someone else to access information or systems illegally, often through deceitful means. Pod slurping refers to extracting data from a device, usually via a USB or similar connection, to secure sensitive information stored on it. Each of these practices has distinct methods and implications in the context of security breaches.