Which of the following attacks can be best prevented by limiting the amount of electrical signals emitted from a computer system?

A.
Salami attack

B.
Emanations capturing

C.
Password sniffing

D.
IP spoofing

Explanation:
B: Every electrical device emits electrical radiation into the surrounding environment. These waves contain information, comparable to how wireless
technologies work. This radiation can be carried over a distance, depending on the strength of the signals and the material and objects in the surrounding
area. Attackers have used devices to capture this radiation and port them to their own computer systems so that they can access information not intended
for them. Companies that have information of such sensitive nature that attackers would go through this much trouble usually have special computer
systems with shielding that permit only a small amount of electrical signals to be emitted. The companies can also use material within the walls of the
building to stop these types of electrical waves from passing through them.
A is incorrect because a salami attack is one in which the attacker commits several small crimes with the hope that the overall larger crime will go
unnoticed. It has nothing necessarily to do with electrical signals. Salami attacks usually take place in the accounting departments of companies, and the
most common example of a salami attack involves subtracting a small amount of funds from many accounts with the hope that such an insignificant
amount would be overlooked. For example, a bank employee may alter a banking software program to subtract 5 cents from each of the bank’s customers’
accounts once a month and move this amount to the employee’s bank account. If this happened to all of the bank’s 50,000 customer accounts, the intruder
could make up to $30,000 a year.
C is incorrect because password sniffing involves sniffing network traffic with the hope of capturing passwords being sent between computers or
devices. It has nothing necessarily to do with capturing electrical signals. Capturing a password is tricky, because it is a piece of data that is usually only
used when a user wants to authenticate into a domain or access a resource. Some systems and applications do send passwords over the network in clear
text, but a majority of them do not anymore. Instead, the user’s workstation performs a one-way hashing function on the password and sends only the
resulting value to the authenticating system or service. The authenticating system has a file containing all users’ password hash values, not the passwords
themselves, and when the authenticating system is asked to verify a user’s password, it compares the hashing value sent to what it has in its file.
D is incorrect because IP spoofing does not involve the capturing of electrical signals. IP spoofing involves either manually changing the IP address
within a packet to show a different address or, more commonly, using a tool that is programmed to provide this functionality for the attacker. Several
attacks that take place use spoofed IP addresses, which give the victim little hope of finding the real system and individual who initiated the attack.