SóProvas


ID
1495198
Banca
VUNESP
Órgão
TCE-SP
Ano
2015
Provas
Disciplina
Inglês
Assuntos

Leia o texto para responder a questão.

                                      E-mail Spoofing

           E-mail spoofing is the forgery of an e-mail header so that  the message appears to have originated from someone or  somewhere other than the actual source. Distributors of spam  often use spoofing in an attempt to get recipients to open,  and possibly even respond to, their solicitations. Spoofing can  be used legitimately. However, spoofing anyone other than  yourself is illegal in some jurisdictions.
           E-mail spoofing is possible because Simple Mail Transfer  Protocol (SMTP), the main protocol used in sending e-mail,  does not include an authentication mechanism. Although  an SMTP service extension (specified in IETF RFC 2554)  allows an SMTP client to negotiate a security level with a mail
server, this precaution is not often taken. If the precaution is  not taken, anyone with the requisite knowledge can connect  to the server and use it to send messages. To send spoofed  e-mail, senders insert commands in headers that will alter  message information. It is possible to send a message that
appears to be from anyone, anywhere, saying whatever the  sender wants it to say. Thus, someone could send spoofed  e-mail that appears to be from you with a message that you  didn't write.
          Although most spoofed e-mail falls into the “nuisance" category and requires little action other than deletion, the  more malicious varieties can cause serious problems and  security risks. For example, spoofed e-mail may purport  to be from someone in a position of authority, asking for  sensitive data, such as passwords, credit card numbers, or  other personal information – any of which can be used for a  variety of criminal purposes. One type of e-mail spoofing, self- sending spam, involves messages that appear to be both to  and from the recipient.

                                                               (http://searchsecurity.techtarget.com/definition/em.... Adaptado)

An example of sensitive data mentioned in the last paragraph is

Alternativas
Comentários
  • Personal info is an example.

  • Sensitive data = Dados pessoais!

     

  • GABARITO E

    Sensitive data significa dados confidenciais, portanto, um exemplo disso é personal information, ou seja, dados pessoais.

  • e-

    Personal info as well as credit cards details fall under this category. According to the text, while most spoof attacks are no more than a nuisance, real risk lies in complying to divulge personal data that may be used to harm or compromise someone

  • Um exemplo de dados confidenciais mencionados no último parágrafo é

    (A) criminal purposes.

    fins criminosos.

    (B) self-sending spam.

    spam automático.

    (C) malicious varieties.

    variedades maliciosas.

    (D) security risks.

    riscos de segurança.

    (E) personal information.

    informações pessoais.

    Comentários: O texto enumera alguns dados confidenciais (sensitive data) solicitados via e-mails falsos

    (spoofed e-mail) com fins criminosos (criminal purposes). São eles: senhas (passwords), números de

    cartões de crédito (credit card numbers) ou outras informações pessoais (other personal information)

    – letra E.

    Although most spoofed e-mail falls into the “nuisance” category and requires little action other than

    deletion, the more malicious varieties can cause serious problems and security risks. For example, spoofed email

    may purport to be from someone in a position of authority, asking for sensitive data, such as passwords,

    credit card numbers, or other personal information – any of which can be used for a variety of criminal

    purposes. One type of e-mail spoofing, selfsending spam, involves messages that appear to be both to and

    from the recipient.

    Embora a maioria dos e-mails falsos se enquadrem na categoria "incômodo" e necessitem de uma

    pequena ação além da exclusão, as variedades mais maliciosas podem causar sérios problemas e riscos de

    segurança. Por exemplo, um e-mail falso pode significar ter vindo de alguém em posição de autoridade,

    solicitando dados confidenciais, como senhas, números de cartões de crédito ou outras informações

    pessoais - qualquer um pode ser usado para uma variedade de fins criminosos. Um tipo de falsificação de

    e-mail, o spam automático, envolve mensagens que parecem ambas serem para e do destinatário.

    Gabarito: E