Two-factor authentication can be circumvented through which of the following attacks?
Two-factor authentication can be circumvented through which of the following attacks?
An organization can ensure that the recipients of e-mails from its employees can authenticate the identity of
An organization can ensure that the recipients of e-mails from its employees can authenticate the identity of the sender by:
Sending a message and a message hash encrypted by the senders private key will ensure:
Sending a message and a message hash encrypted by the senders private key will ensure:
Which of the following is a passive attack to a network?
Which of the following is a passive attack to a network?
An organization has a mix of access points that cannot be upgraded to stronger security and newer access point
An organization has a mix of access points that cannot be upgraded to stronger security and newer access points having advanced wireless security. An IS auditor recommends replacing the non-upgradeable access points. Which of the following would BEST justify the IS auditors recommendation?
An investment advisor e-mails periodic newsletters to clients and wants reasonable assurance that no one has m
An investment advisor e-mails periodic newsletters to clients and wants reasonable assurance that no one has modified the newsletter. This objective can be achieved by:
An IS auditor reviewing wireless network security determines that the Dynamic Host Configuration Protocol is d
An IS auditor reviewing wireless network security determines that the Dynamic Host Configuration Protocol is disabled at all wireless access points. This practice:
A virtual private network (VPN) provides data confidentiality by using:
A virtual private network (VPN) provides data confidentiality by using:
In auditing a web server, an IS auditor should be concerned about the risk of individuals gaining unauthorized
In auditing a web server, an IS auditor should be concerned about the risk of individuals gaining unauthorized access to confidential information through:
An IS auditor reviewing access controls for a client-server environment should FIRST:
An IS auditor reviewing access controls for a client-server environment should FIRST: