An Internet-based attack using password sniffing can:
A. enable one party to act as if they are another party.
B. cause modification to the contents of certain transactions.
C. be used to gain access to systems containing proprietary
information.
D. result in major problems with billing systems and
transaction processing agreements.
- 1 Answers
- 8488 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Password sniffing attacks can be used to gain access to
systems on which proprietary information is stored. Spoofing
attacks can be used to enable one party to act as if they
are another party. Data modification attacks can be used to
modify the contents of certain transactions. Repudiation of
transactions can cause major problems with billing systems
and transaction processing agreements.
| Is This Answer Correct ? | 8 Yes | 1 No |
Change control procedures to prevent scope creep during an application development project should be defined during: A. design. B. feasibility. C. implementation. D. requirements definition.
Which of the following is widely accepted as one of the critical components in networking management? A. Configuration management B. Topological mappings C. Application of monitoring tools D. Proxy server trouble shooting
The purpose for requiring source code escrow in a contractual agreement is to: A. ensure the source code is available if the vendor ceases to exist. B. permit customization of the software to meet specified business requirements. C. review the source code for adequacy of controls. D. ensure the vendor has complied with legal requirements.
Which of the following types of data validation editing checks is used to determine if a field contains data, and not zeros or blanks? A. Check digit B. Existence check C. Completeness check D. Reasonableness check
Which of the following integrity tests examines the accuracy, completeness, consistency and authorization of data? A. Data B. Relational C. Domain D. Referential
Which of the following findings would an IS auditor be MOST concerned about when performing an audit of backup and recovery and the offsite storage vault? A. There are three individuals with a key to enter the area. B. Paper documents also are stored in the offsite vault. C. Data files, which are stored in the vault, are synchronized. D. The offsite vault is located in a separate facility.
An IS auditor involved as a team member in the detailed system design phase of a system under development would be MOST concerned with: A. internal control procedures. B. user acceptance test schedules. C. adequacy of the user training program. D. clerical processes for resubmission of rejected items.
The corporate office of a company having branches worldwide, developed a control self-assessment program (CSA) for all its offices. Which of the following is the MOST important requirement for a successful CSA? A. Skills of the workshop facilitator B. Simplicity of the questionnaire C. Support from the audit department D. Involvement of line managers
The impact of EDI on internal controls will be: A. that fewer opportunities for review and authorization will exist. B. an inherent authentication. C. a proper distribution of EDI transactions while in the possession of third parties. D. that IPF management will have increased responsibilities over data center controls.
Which of the following would BEST provide assurance of the integrity of new staff? A) Background screening B)References C) Bonding D)Qualifications listed on resume
Which of the following would an IS auditor consider to be the MOST important when evaluating an organization's IS strategy? That it: A. has been approved by line management. B. does not vary from the IS department's preliminary budget. C. complies with procurement procedures. D. supports the business objectives of the organization.
Which of the following fire suppressant systems would an IS auditor expect to find when conducting an audit of an unmanned computer center? A. Carbon dioxide B. Halon C. Dry-pipe sprinkler D. Wet-pipe sprinkler
Cisco Certifications 
