Questões de Concurso Público TCE-SP 2015 para Agente da Fiscalização Financeira - Infraestrutura de TI e Segurança da Informação

Foram encontradas 4 questões

Q498394 Inglês
Leia o texto para responder a questão.

                                      E-mail Spoofing

           E-mail spoofing is the forgery of an e-mail header so that  the message appears to have originated from someone or  somewhere other than the actual source. Distributors of spam  often use spoofing in an attempt to get recipients to open,  and possibly even respond to, their solicitations. Spoofing can  be used legitimately. However, spoofing anyone other than  yourself is illegal in some jurisdictions.
           E-mail spoofing is possible because Simple Mail Transfer  Protocol (SMTP), the main protocol used in sending e-mail,  does not include an authentication mechanism. Although  an SMTP service extension (specified in IETF RFC 2554)  allows an SMTP client to negotiate a security level with a mail
server, this precaution is not often taken. If the precaution is  not taken, anyone with the requisite knowledge can connect  to the server and use it to send messages. To send spoofed  e-mail, senders insert commands in headers that will alter  message information. It is possible to send a message that
appears to be from anyone, anywhere, saying whatever the  sender wants it to say. Thus, someone could send spoofed  e-mail that appears to be from you with a message that you  didn't write.
          Although most spoofed e-mail falls into the “nuisance" category and requires little action other than deletion, the  more malicious varieties can cause serious problems and  security risks. For example, spoofed e-mail may purport  to be from someone in a position of authority, asking for  sensitive data, such as passwords, credit card numbers, or  other personal information – any of which can be used for a  variety of criminal purposes. One type of e-mail spoofing, self- sending spam, involves messages that appear to be both to  and from the recipient.

                                                               (http://searchsecurity.techtarget.com/definition/em.... Adaptado)
E-mail spoofing is frequently used by
Alternativas
Q498395 Inglês
Leia o texto para responder a questão.

                                      E-mail Spoofing

           E-mail spoofing is the forgery of an e-mail header so that  the message appears to have originated from someone or  somewhere other than the actual source. Distributors of spam  often use spoofing in an attempt to get recipients to open,  and possibly even respond to, their solicitations. Spoofing can  be used legitimately. However, spoofing anyone other than  yourself is illegal in some jurisdictions.
           E-mail spoofing is possible because Simple Mail Transfer  Protocol (SMTP), the main protocol used in sending e-mail,  does not include an authentication mechanism. Although  an SMTP service extension (specified in IETF RFC 2554)  allows an SMTP client to negotiate a security level with a mail
server, this precaution is not often taken. If the precaution is  not taken, anyone with the requisite knowledge can connect  to the server and use it to send messages. To send spoofed  e-mail, senders insert commands in headers that will alter  message information. It is possible to send a message that
appears to be from anyone, anywhere, saying whatever the  sender wants it to say. Thus, someone could send spoofed  e-mail that appears to be from you with a message that you  didn't write.
          Although most spoofed e-mail falls into the “nuisance" category and requires little action other than deletion, the  more malicious varieties can cause serious problems and  security risks. For example, spoofed e-mail may purport  to be from someone in a position of authority, asking for  sensitive data, such as passwords, credit card numbers, or  other personal information – any of which can be used for a  variety of criminal purposes. One type of e-mail spoofing, self- sending spam, involves messages that appear to be both to  and from the recipient.

                                                               (http://searchsecurity.techtarget.com/definition/em.... Adaptado)
According to the text, in order to avoid spoofing, one should
Alternativas
Q498396 Inglês
Leia o texto para responder a questão.

                                      E-mail Spoofing

           E-mail spoofing is the forgery of an e-mail header so that  the message appears to have originated from someone or  somewhere other than the actual source. Distributors of spam  often use spoofing in an attempt to get recipients to open,  and possibly even respond to, their solicitations. Spoofing can  be used legitimately. However, spoofing anyone other than  yourself is illegal in some jurisdictions.
           E-mail spoofing is possible because Simple Mail Transfer  Protocol (SMTP), the main protocol used in sending e-mail,  does not include an authentication mechanism. Although  an SMTP service extension (specified in IETF RFC 2554)  allows an SMTP client to negotiate a security level with a mail
server, this precaution is not often taken. If the precaution is  not taken, anyone with the requisite knowledge can connect  to the server and use it to send messages. To send spoofed  e-mail, senders insert commands in headers that will alter  message information. It is possible to send a message that
appears to be from anyone, anywhere, saying whatever the  sender wants it to say. Thus, someone could send spoofed  e-mail that appears to be from you with a message that you  didn't write.
          Although most spoofed e-mail falls into the “nuisance" category and requires little action other than deletion, the  more malicious varieties can cause serious problems and  security risks. For example, spoofed e-mail may purport  to be from someone in a position of authority, asking for  sensitive data, such as passwords, credit card numbers, or  other personal information – any of which can be used for a  variety of criminal purposes. One type of e-mail spoofing, self- sending spam, involves messages that appear to be both to  and from the recipient.

                                                               (http://searchsecurity.techtarget.com/definition/em.... Adaptado)
In the last sentence of the second paragraph – Thus, someone could send spoofed e-mail that appears to be from you with a message that you didn’t write. – the word “thus” introduces a
Alternativas
Q498397 Inglês
Leia o texto para responder a questão.

                                      E-mail Spoofing

           E-mail spoofing is the forgery of an e-mail header so that  the message appears to have originated from someone or  somewhere other than the actual source. Distributors of spam  often use spoofing in an attempt to get recipients to open,  and possibly even respond to, their solicitations. Spoofing can  be used legitimately. However, spoofing anyone other than  yourself is illegal in some jurisdictions.
           E-mail spoofing is possible because Simple Mail Transfer  Protocol (SMTP), the main protocol used in sending e-mail,  does not include an authentication mechanism. Although  an SMTP service extension (specified in IETF RFC 2554)  allows an SMTP client to negotiate a security level with a mail
server, this precaution is not often taken. If the precaution is  not taken, anyone with the requisite knowledge can connect  to the server and use it to send messages. To send spoofed  e-mail, senders insert commands in headers that will alter  message information. It is possible to send a message that
appears to be from anyone, anywhere, saying whatever the  sender wants it to say. Thus, someone could send spoofed  e-mail that appears to be from you with a message that you  didn't write.
          Although most spoofed e-mail falls into the “nuisance" category and requires little action other than deletion, the  more malicious varieties can cause serious problems and  security risks. For example, spoofed e-mail may purport  to be from someone in a position of authority, asking for  sensitive data, such as passwords, credit card numbers, or  other personal information – any of which can be used for a  variety of criminal purposes. One type of e-mail spoofing, self- sending spam, involves messages that appear to be both to  and from the recipient.

                                                               (http://searchsecurity.techtarget.com/definition/em.... Adaptado)
An example of sensitive data mentioned in the last paragraph is
Alternativas
Respostas
1: D
2: B
3: A
4: E