Which of the following are effective countermeasures against passive network-layer attacks?
A. Federated security and authenticated access controls
B. Trusted software development and run time integrity controls
C. Encryption and security enabled applications
D. Enclave boundary protection and computing environment defense
|
Download Printable PDF. VALID exam to help you PASS. |
 |
Probably it refers to passive sniffing.
Passive sniffing is an attack on hub devices.
Network traffic passing through the hub device is sent to all ports so that an attacker can easily capture network traffic.
Given that network traffic is being captured, an effective security measure is communication encryption.
I found this on google:
Passive attacks means that the information is monitored but not altered; others are active, meaning the information is altered with intent to corrupt or destroy the data or the network itself.
Eavesdropping ( A passive attack)
In general, the majority of network communications occur in an unsecured or “cleartext” format, which allows an attacker who has gained access to data paths in your network to “listen in” or interpret (read) the traffic. This is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, your data can be read by others as it traverses the network.