Eavesdropping involves secretly listening to or monitoring private conversations or communications without permission. This can be done through electronic means, such as tapping into phone lines or intercepting wireless transmissions. Eavesdropping accurately describes the act described in the question, making it the correct answer. Wiretapping is the act of intercepting and listening to telephonic or digital communications, typically by tapping into the wire or cable carrying the communication. Although wiretapping involves intercepting communication, it is a more specific term that focuses on telephonic or wired communication. It may not encompass other forms of communication, such as wireless or digital transmissions. Snooping refers to the unauthorized act of observing or accessing someone else's private information or activities. While snooping can involve digital means, it can also extend to physical intrusion. However, it does not specifically imply intercepting communication or data. Social engineering refers to manipulating people to gain unauthorized access to information or systems. It involves tricking individuals into divulging sensitive information or performing actions that compromise security. While social engineering is a significant security concern, it does not specifically pertain to intercepting or monitoring communication or data.

Mark should be particularly vigilant against the threat of a man-in-the-middle attack. In this type of attack, an unauthorized individual intercepts the communication between two parties, allowing them to potentially eavesdrop on or manipulate the sensitive data being transmitted. Implementing secure communication protocols, such as encryption and digital certificates, helps protect against this threat and ensures the confidentiality of the transmitted data. A replay attack involves capturing and retransmitting legitimate data to deceive a system. While it is a security concern, it does not directly relate to ensuring the confidentiality of sensitive data being transmitted between employees. Unauthorized information alteration refers to the unauthorized modification or tampering of data. While it is a security concern, it does not specifically pertain to ensuring the confidentiality of sensitive data during transmission. Impersonation refers to someone pretending to be another person or entity. While impersonation can be a security concern, it is not specifically related to ensuring the confidentiality of sensitive data during transmission.

Avoiding the reuse of passwords across sites helps ensure that if one account's password is compromised, it doesn't lead to the compromise of other accounts. The length of a password doesn't prevent the password from being reused across accounts. Password complexity refers to the variety of characters used in a password, not the reuse of the password across multiple accounts. Changing a password periodically doesn't prevent the password from being reused across multiple accounts.

Wiretapping is indeed a confidentiality concern. It involves the unauthorized interception and monitoring of communication, which can lead to the exposure of sensitive or confidential information. Wiretapping compromises the confidentiality of communication data by allowing unauthorized individuals to access and gather sensitive information. A power outage is not directly related to confidentiality concerns. A power outage refers to a loss of electrical power supply, which can impact the availability or accessibility of systems and data. However, it does not directly involve the unauthorized disclosure or exposure of confidential information. Impersonation is not primarily associated with confidentiality concerns. Impersonation involves pretending to be someone else or assuming another person's identity, which can lead to various security risks. However, it is more closely associated with integrity concerns (unauthorized modifications or alterations) rather than confidentiality (unauthorized disclosure). Similar to a power outage, a service outage does not directly relate to confidentiality concerns. A service outage refers to the unavailability or disruption of a particular service or system. While it may impact the availability of data, it does not specifically involve the unauthorized disclosure of confidential information.

Obtaining a signed document serves as evidence and proof of a transaction. It provides non-repudiation by ensuring that the sender cannot deny their involvement since their signature confirms their consent or agreement. Video surveillance is a form of monitoring and may provide evidence of activities, but it may not be directly applicable to non-repudiation scenarios. Biometric authentication verifies the identity of individuals based on unique biological traits, such as fingerprints or facial features. While it strengthens authentication, it does not directly address non-repudiation. Storing web browser history is not directly related to non-repudiation. It may be used for auditing purposes but does not provide concrete evidence to prevent the sender from denying their actions.

File level encryption refers to the encryption of individual files and folders on a computer. It provides protection by encrypting the contents of specific files or directories, making them unreadable without the proper decryption key. Network level encryption refers to the encryption of data transmitted over a network, such as through secure protocols like HTTPS or VPN. It is not directly related to protecting files and folders on a computer. Disk level encryption refers to the encryption of an entire disk or storage device, rather than individual files or folders. It provides protection for all data stored on the disk, including the operating system and all files. Mobile device encryption refers to the encryption of data on mobile devices such as smartphones or tablets. It is not specifically related to protecting files and folders on a computer.

Cryptographic hashes are used to verify the integrity of data or a document. By comparing the hash of the received data with the hash of the original data, it can be confirmed whether the data was altered during transmission. PKI is a method of securely exchanging data over networks, it doesn't directly confirm that a digital message or document has not been altered. Symmetric encryption is primarily used to protect confidentiality of the data, not to confirm that the data has not been altered. Asymmetric encryption is mainly used to secure data in transit and for digital signatures, it's not specifically used to confirm that a digital message or document has not been altered.