Learn why phishing is a common attack technique that can bypass firewalls and how to protect yourself and your organization from falling victim to phishing scams. Prepare for the ISACA CISA exam with expert tips and resources.
Table of Contents
Question
Which of the following attack techniques will succeed because of an inherent security weakness in an Internet firewall?
A. Flooding the site with an excessive number of packets
B. Intercepting packets and viewing passwords
C. Phishing
D. Using a dictionary attack of encrypted passwords
Answer
C. Phishing
Explanation
Phishing is a technique that exploits the human factor of security, rather than the technical aspects of a firewall. Phishing involves sending fraudulent emails or messages that appear to come from legitimate sources, such as banks, online services, or colleagues, and tricking the recipients into revealing sensitive information, such as passwords, credit card numbers, or personal details.
Phishing can bypass firewalls because it does not rely on breaking through the network perimeter, but rather on deceiving the users inside the network. Firewalls cannot prevent users from clicking on malicious links or opening malicious attachments that may compromise their systems or accounts. Therefore, phishing is an attack technique that will succeed because of an inherent security weakness in an Internet firewall.
Reference
Isaca Certified Information Systems Auditor CISA certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Isaca Certified Information Systems Auditor CISA exam and earn Isaca Certified Information Systems Auditor CISA certification.