Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is a technique that could be used to
capture network user passwords?
A. Encryption
B. Sniffing
C. Spoofing
D. A signed document cannot be altered.
- 1 Answers
- 5090 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
Sniffing is an attack that can be used to capture sensitive
pieces of information (password), passing through the
network. Encryption is a method of scrambling information to
prevent unauthorized individuals from understanding the
transmission. Spoofing is forging an address and inserting
it into a packet to disguise the origin of the
communication. Data destruction is erasing information or
removing it from its original location.
| Is This Answer Correct ? | 4 Yes | 0 No |
Receiving an EDI transaction and passing it through the communications interface stage usually requires: A. translating and unbundling transactions. B. routing verification procedures. C. passing data to the appropriate application system. D. creating a point of receipt audit log.
The extent to which data will be collected during an IS audit should be determined, based on the: A. availability of critical and required information. B. auditor's familiarity with the circumstances. C. auditee's ability to find relevant evidence. D. purpose and scope of the audit being done.
An IS auditor should use statistical sampling and not judgmental (nonstatistical) sampling, when: A. the probability of error must be objectively quantified. B. the auditor wants to avoid sampling risk. C. generalized audit software is unavailable. D. the tolerable error rate cannot be determined.
Which of the following disaster recovery/continuity plan components provides the GREATEST assurance of recovery after a disaster? A. The alternate facility will be available until the original information processing facility is restored. B. User management was involved in the identification of critical systems and their associated critical recovery times. C. Copies of the plan are kept at the homes of key decision making personnel. D. Feedback to management assuring them that the business continuity plans are indeed workable and that the procedures are current.
The PRIMARY objective of a business continuity and disaster recovery plan should be to: A. safeguard critical IS assets. B. provide for continuity of operations. C. minimize the loss to an organization. D. protect human life.
Which of the following is LEAST likely to be contained in a digital certificate for the purposes of verification by a trusted third party (TTP)/certification authority (CA)? A. Name of the TTP/CA B. Public key of the sender C. Name of the public key holder D. Time period for which the key is valid
Which of the following would BEST support 24/7 availability? A. Daily backup B. Offsite storage C. Mirroring D. Periodic testing
Which of the following security techniques is the BEST method for authenticating a user's identity? A. Smart card B. Biometrics C. Challenge-response token D. User ID and password
Which of the following processes describes risk assessment? Risk assessment is: A. subjective. B. objective. C. mathematical. D. statistical.
Which of the following encrypt/decrypt steps provides the GREATEST assurance in achieving confidentiality, message integrity and nonrepudiation by either sender or recipient? A. The recipient uses his/her private key to decrypt the secret key. B. The encrypted pre-hash code and the message are encrypted using a secret key. C. The encrypted pre-hash code is derived mathematically from the message to be sent. D. The recipient uses the sender's public key, verified with a certificate authority, to decrypt the pre-hash code.
In planning an audit, the MOST critical step is the identification of the:
A control that detects transmission errors by appending calculated bits onto the end of each segment of data is known as a: A. reasonableness check. B. parity check. C. redundancy check. D. check digits.
Cisco Certifications 
