nerdexam
ExamsCISSP-ISSMPQuestions#144
(ISC)2(ISC)2

CISSP-ISSMP · Question #144

CISSP-ISSMP Question #144: Real Exam Question with Answer & Explanation

The correct answer is B: Wiretapping. Wiretapping is an act of monitoring telephone and Internet conversations by a third party. It is only legal with prior consent. Legalized wiretapping is generally practiced by the police or any other recognized governmental authority. Answer option C is incorrect. Server Message

Security Leadership and Management

Question

Which of the following is generally practiced by the police or any other recognized governmental authority?

Options

  • APhishing
  • BWiretapping
  • CSMB signing
  • DSpoofing

Explanation

Wiretapping is an act of monitoring telephone and Internet conversations by a third party. It is only legal with prior consent. Legalized wiretapping is generally practiced by the police or any other recognized governmental authority. Answer option C is incorrect. Server Message Block (SMB) signing is a security feature of Windows operating systems. SMB signing ensures that the transmission and reception of files across a network are not altered in any way. As the traditional SMB authentication is vulnerable to man-in- the-middle (MITM) attacks, the secure transmission of SMB traffic is required. Implementing mutual authentication SMB signing protects a network from these attacks. The SMB signing feature adds digital signatures into SMB packets to strengthen SMB authentication. Note. Enabling SMB signing on the network reduces the performance of the network because of the increased processing and network traffic required to digitally sign each SMB packet. Answer option D is incorrect. Spoofing is a technique that makes a transmission appear to have come from an authentic source by forging the IP address, email address, caller ID, etc. In IP spoofing, a hacker modifies packet headers by using someone else's IP address to hide his identity. However, spoofing cannot be used while surfing the Internet, chatting on-line, etc. because forging the source IP address causes the responses to be misdirected. Answer option A is incorrect. Phishing is a type of scam that entice a user to disclose personal information such as social security number, bank account details, or credit card number. An example of phishing attack is a fraudulent e-mail that appears to come from a user's bank asking to change his online banking password. When the user clicks the link available on the e-mail, it directs him to a phishing site which replicates the original bank site. The phishing site lures the user to provide his personal information.

Topics

#Wiretapping#Legal interception#Law enforcement#Investigative techniques

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CISSP-ISSMP PracticeBrowse All CISSP-ISSMP Questions