CISA Certified Information Systems Auditor – Question1507

Which of the following is a technique that could be used to capture network user passwords?

A.
Encryption
B. Sniffing
C. Spoofing
D. Data destruction

Correct Answer: B

Explanation:

Explanation: Sniffing is an attack that can be used to capture sensitive pieces of information (e.g., a password) passing through the network. Encryption is a method of scrambling information to prevent unauthorized individuals from understanding the transmission. Spoofing is forging an address and inserting it into a packet to disguise the origin of the communication. Data destruction is erasing information or removing it from its original location.