CISA Certified Information Systems Auditor – Question1622

A perpetrator looking to gain access to and gather information about encrypted data being transmitted over the network would use:

A.
eavesdropping
B. spoofing.
C. traffic analysis.
D. masquerading.

Correct Answer: C

Explanation:

Explanation:
In traffic analysis, which is a passive attack, an intruder determines the nature of the traffic flow between defined hosts and through an analysis of session length, frequency and message length, and the intruder is able to guess the type of communication taking place. This typically is used when messages are encrypted and eavesdropping would not yield any meaningful results, in eavesdropping, which also is a passive attack, the intruder gathers the information flowing through the network with the intent of acquiring and releasing message contents for personal analysis or for third parties. Spoofing and masquerading are active attacks, in spoofing, a user receives an e-mail that appears to have originated from one source when it actually was sent from another source. In masquerading, the intruder presents an identity other than the original identity.