Interested to Buy Any Domain ? << Click Here >> for more details...
The process of using interpersonal communication skills to
get unauthorized access to company assets is called:
A. wire tapping.
B. trap doors.
C. war dialing.
D. social engineering.
- 1 Answers
- 5888 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Social engineering is a term that describes a nontechnical
kind of intrusion that relies heavily on human interaction
and often involves tricking other people into breaking
normal security procedures. Wire tapping is a technique used
for getting the signals transmitted over cables without
disturbing the flow between the source and destination. Trap
doors are a deliberately left break in the software source
code by programmers to enable the insertion of additional
debugging code. The trap door may be used later for some
unwanted purposes. War dialing involves trying out all the
published phone numbers of the company to find one that is
connected to a modem and subsequently using that as an entry
point into the corporate databases.
| Is This Answer Correct ? | 4 Yes | 0 No |
The technique used to ensure security in virtual private networks (VPNs) is: A. encapsulation. B. wrapping. C. transform. D. encryption.
A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted? A. Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). B. A digital signature with RSA has been implemented. C. Digital certificates with RSA are being used. D. Work is being completed in.TCP services.
The PRIMARY objective of a business continuity and disaster recovery plan should be to: A. safeguard critical IS assets. B. provide for continuity of operations. C. minimize the loss to an organization. D. protect human life.
An IS auditor, in evaluating proposed biometric control devices reviews the false rejection rates (FRRs), false acceptance rates (FARs) and equal error rates (ERRs) of three different devices. The IS auditor should recommend acquiring the device having the: A. least ERR. B. most ERR. C. least FRR but most FAR. D. least FAR but most FRR.
Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.
When auditing the requirements phase of a system development project, an IS auditor would: A. assess the adequacy of audit trails. B. identify and determine the criticality of the need. C. verify cost justifications and anticipated benefits. D. ensure that control specifications have been defined.
An IS auditor performing an audit of the company's IS strategy would be LEAST likely to: A. assess IS security procedures. B. review both short- and long-term IS strategies. C. interview appropriate corporate management personnel. D. ensure that the external environment has been considered.
When reviewing a system development project an IS auditor would be PRIMARILY concerned with whether: A. business objectives are achieved. B. security and control procedures are adequate. C. the system utilizes the strategic technical infrastructure. D. development will comply with the approved quality management processes
An IS auditor discovers that programmers have update access to the live environment. In this situation, the IS auditor is LEAST likely to be concerned that programmers can: A. authorize transactions. B. add transactions directly to the database. C. make modifications to programs directly. D. access data from live environment and provide faster maintenance.
Which of the following is the basic objective of a control self-assessment program?
During an implementation review of a multiuser distributed application, the IS auditor finds minor weaknesses in three areas-the initial setting of parameters is improperly installed, weak passwords are being used and some vital reports are not being checked properly. While preparing the audit report, the IS auditor should: A. record the observations separately with the impact of each of them marked against each respective finding. B. advise the manager of probable risks without recording the observations, as the control weaknesses are minor ones. C. record the observations and the risk arising from the collective weaknesses. D. apprise the departmental heads concerned with each observation and properly document it in the report.
Which of the following is the MOST effective means of determining which controls are functioning properly in an operating system? A. Consulting with the vendor B. Reviewing the vendor installation guide C. Consulting with the system programmer D. Reviewing the system generation parameters
Cisco Certifications 
