CISA Certified Information Systems Auditor – Question2216

Which of the following attack occurs when a malicious action is performed by invoking the operating system to execute a particular system call?

A.
Eavesdropping
B. Traffic analysis
C. Masquerading
D. Interrupt attack

Correct Answer: D

Explanation:

Explanation:
An Interrupt attack occurs when a malicious action is performed by invoking the operating system to execute a particular system call.
Example: A boot sector virus typically issues an interrupt to execute a write to the boot sector.
The following answers are incorrect:
Eavesdropping – is the act of secretly listening to the private conversation of others without their consent, as defined by Black’s Law Dictionary. This is commonly thought to be unethical and there is an old adage that “eavesdroppers seldom hear anything good of themselves…eavesdroppers always try to listen to matters that concern them.”
Traffic analysis – is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the greater the number of messages observed, or even intercepted and stored, the more can be inferred from the traffic. Traffic analysis can be performed in the context of military intelligence, counter-intelligence, or pattern-of-life analysis, and is a concern in computer security.
Masquerading – A masquerade attack is an attack that uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification. If an authorization process is not fully protected, it can become extremely vulnerable to a masquerade attack. Masquerade attacks can be perpetrated using stolen passwords and logons, by locating gaps in programs, or by finding a way around the authentication process. The attack can be triggered either by someone within the organization or by an outsider if the organization is connected to a public network. The amount of access masquerade attackers get depends on the level of authorization they’ve managed to attain. As such, masquerade attackers can have a full smorgasbord of cyber crime opportunities if they’ve gained the highest access authority to a business organization. Personal attacks, although less common, can also be harmful.
Reference:
CISA review manual 2014 Page number 322