PrepAway - Latest Free Exam Questions & Answers

The IS auditor should be MOST concerned if a hacker:

An IS auditor is performing a network security review of a telecom company that provides Internet
connection services to shopping malls for their wireless customers. The company uses Wireless
Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology for protecting their
customer’s payment information. The IS auditor should be MOST concerned if a hacker:

PrepAway - Latest Free Exam Questions & Answers

A.
compromises the Wireless Application Protocol (WAP) gateway.

B.
installs a sniffing program in front of the server.

C.
steals a customer’s PDA.

D.
listens to the wireless transmission.

Explanation:

In a WAP gateway, the encrypted messages from customers must be decrypted to transmit over
the Internet and vice versA. Therefore, if the gateway is compromised, all of the messages would
be exposed. SSL protects the messages from sniffing on the Internet, limiting disclosure of the
customer’s information. WTLS provides authentication, privacy and integrity and prevents
messages from eavesdropping.


Leave a Reply