Domain 2 - Telecommunications and Network Security Flashcards Preview

CISSP Exam Questions - 250q > Domain 2 - Telecommunications and Network Security > Flashcards

Flashcards in Domain 2 - Telecommunications and Network Security Deck (25):

26. ARP is an acronym for:

a. Address Resolution Protocol
b. Advanced Research Project
c. Anti-virus Resolution Protocol
d. Address Research Project

Explanation: Answer a is correct answer. ARP provides a dynamic mapping of a 32 bit-bit IP address to a 48-bit physical hardware address.


30. The lower layers of the OSI model (layers 1,2, and 3) deal with the following:

a. Defining the characteristics of the systems at the two ends of the communication
b. Deals with end-user interface
c. Deals with the application
d. Defining the network facilities necessary to transfer a message

Explanation: Answer d is correct answer. The lower layers are the Physical, Data Link, and Network; they define the interfaces necessary for transfer. Answer a is incorrect because it defines how the user accesses the network. Answer b is incorrect because the middle layers (presentation, session, and transport) are responsible for networking management, establishes communications session between the two sides and prepares information for the application.


31. One method often used to reduce the risk to a local area network that has external connections is by using:

a. Passwords
b. Dial-back
c. Firewall
d. A token ring

Explanation: Answer c is correct answer. Firewall will best protect the LAN if properly set up and maintained.


41. The use of VLAN (Virtual Local Area Networks), IP Subnets, NAT (Network Address Translation) and Routing provide security through which of the following?

a. The separation of network resources to prevent systems from directly interacting with each other.
b. The hiding of network resources from the boundary protection devices that protect them from attack.
c. Improving the flow of traffic throughout the network to make detection and response to an attack more efficient and effective.
d. These methods can not be used to improve the security of a network.

Explanation: Answer a is correct answer. Separation of resources will provide security when using the weakest link theory. If one resource is compromised the attacker is not able to jump to other resources. Answer b is incorrect; if the network resources hide from the boundary protection devices, they won’t know what to protect. Answer c is incorrect; improving flow of traffic does not make it more secure. Answer d is incorrect since answer a is correct.


53. Zones of control (sometimes referred to as enclaves) do NOT require different levels of security than the corporate network at the following:

a. Intranet
b. Extranet
c. Internet
d. Remote Access

Explanation: Answer a is correct answer. Typically companies do not add additional security to access their Intranet. Answers b, c, and d are incorrect; all require additional security than that required by the corporate network


54. Which of the following is NOT a Passive telecommunications attack (by definition is restricted to observation or other methods that do not alter the data within a system)?

a. Eavesdropping
b. Traffic analysis
c. Disclosure by observation of a screen
d. Computer Virus

Explanation: Answer d is correct answer. The objective of a computer virus is to replicate and will cause harm. Answer a is incorrect; eavesdropping is the unauthorized interception of information-bearing emanations through the use of methods other than wiretapping. Answer b is incorrect; traffic analysis is the inference of information from observation of traffic flows (presence, absence, amount, direction, and frequency). Answer c is incorrect; monitors emit a frequency that can be eavesdropped.


57. Which item is NOT a VPN component?

a. Tunneling
b. Encryption
c. Availability
d. Authentication

Explanation: Answer c is correct answer. VPN’s do not guarantee availability. Answers a, b, and d are all components of a VPN.


58. Which of the following is NOT and example of an Intrusion Detection System?
a. An outsourced monitoring service
b. Anti-virus software
c. Automated review of logs searching for anomalous behavior
d. An incident response team on immediate standby

Explanation: Answer d is correct answer. An incident response teams goes into action when an incident occurs, it does not detect the incident.


60. VPN’s (Virtual Private Networks) do NOT provide the following:

a. Secure Internet-based remote access via a peer to peer VPN
b. Secure dedicated private network connections
c. Secure Extranet access
d. Secure end to end data flow via a gateway to gateway VPN

Explanation: Answer d is correct answer. VPN’s cannot secure the dataflow past the gateway, this leaves the connection between the gateway and the host insecure. Answer a is incorrect; Peer to peer VPN’s provides security from Host to Host. Answer b is incorrect; A VPN may provide secure dedicated private network connections. Answer c is incorrect; A VPN may provide secure Extranet access.


62. Which layer of the OSI model is responsible for security?

a. Application
b. Transport
c. Session
d. Physical

Explanation: Answer c is correct answer. The Session layer typically deals with starting up new tasks, if necessary, and with security (for example, authentication of nodes). Answer a; the Application layer is incorrect because it defines how the user accesses the network. Answer b; the Transport layer in incorrect because this layer is responsible for general network management functions and resource optimization. Answer d is incorrect because the physical layer establishes the physical, mechanical and electrical connection and transmits the actual bits.


67. How many layers in the TCP/IP protocol stack?

a. 1
b. 7
c. 5
d. 4

Explanation: Answer c is correct answer. The TCP/IP protocol stack has five layers, the Physical, Data-Link, Network, Transport, and Application


74. Which of the following is NOT an Active telecommunications attack (by definition attack on the data in the network is altered)?

a. Playback
b. Denial of Service
c. Sniffing
d. Spoofing

Explanation: Answer c is correct answer. Sniffers collect the data going across the network but do not alter it. Answer a is incorrect; Playback occurs when something is recorded and then played back into the process for which it was intended. Answer b is incorrect; denial of service could be software or physical problems). Answer d is incorrect; spoofing is taking over someone’s id.


75. Digital Signatures used in combination with e-mail does NOT provide the following:

a. Integrity
b. Confidentiality
c. Authentication
d. Non-Repudiation

Explanation: Answer b is correct answer. Digital Signatures do not provide confidentiality; the sender may send the document to many people. Answer a is incorrect; a digital signature allows the recipient of a given file or message to detect whether that file or message has been modified. Answer c is incorrect; a digital signature makes it possible to verify cryptographically the identity of the person who signed the message. Answer d is incorrect; a digital signature prevents the sender of a message from later claiming that they never sent it.


76. When using e-mail, which of the following is the BEST way to secure a message?

a. Send message only to the person you want to see it
b. Write the message assuming that someone is listening in
c. Encrypt the message before sending
d. Sign the message using a digital signature

Explanation: Answer c is correct answer. Encrypting on your side will require the receiver to decrypt the message with your public key or a private key given to them. Answer a is incorrect; the message may be intercepted and read. Answer b is incorrect; no protection is assumed and may be read by anyone. Answer d is incorrect; sender is verified, but data is not necessarily secure.


80. Which best describes the definition of Protocol?

a. Multiple communications networks
b. A set of rules for how information is exchanged over a communications network
c. Layering of networks
d. Layering of Suites

Explanation: Answer b is correct answer. Answer b dictates the formats and the sequences of the messages passed between the sender and the receiver. Answers a, c, and d do not define how the communications take place and are therefore wrong.


143. In distributed systems, the basic security problem is knowing:

a. Who to trust
b. When to reconnect
c. How to name resources
d. The order of transactions

Explanation: Answer a is correct answer. Who to trust is the basic problem, the wrong answer can wreck havoc on your systems. Typically you do not have physical access to all the systems so the authentication of each is essential for trust. Answers b, c, and d are not security problems in distributed systems.


164. Which of the following are NOT used for sending information securely over the Internet:

a. SSL
d. SET

Explanation: Answer c is correct answer. HTML stands for Hyper Text Markup Language and controls how Web pages are formatted and displayed. Answer a is incorrect; SSL or Secure Socket Layer is a protocol developed by Netscape for transmitting private documents via the Internet. Answer b is incorrect; S-HTTP or Secure Hyper Text Transfer protocol creates a secure connection between a client and a server. Answer d is incorrect; Secure Electronic Transaction was designed to provide a complete system for electronic transactions securely


166. Which of the following is NOT a communication threat?

a. Masquerade
b. Playback
c. Repudiation
d. Proxies

Explanation: Answer d is the correct answer; Proxies are a type of firewall and help provide secure communications. Answer a is incorrect and occurs when an imposter pretends to be an authorized user. Answer b is incorrect and occurs when someone records a legitimate message and later sends it again (a funds transfer). Answer c is incorrect; someone may deny that they ever received a message, even though they received it.


171. What is the most commonly employed network protocol for remote access systems?

a. DECNet
b. SNA

Explanation: Answer d is correct answer. Most corporations either use TCP/IP as their networks protocol or allow their traffic to be encapsulated over TCP/IP networks. Answers A, B, and C are older protocols that are not widely supported.


176. Which is the most secure type of Modem?

a. Dial-back modems
b. Password modems
c. Encryption modems
d. Silent modems

Explanation: Answer c is correct answer. All information sent via the modem is encrypted when sent and decrypted at reception, they protect against wire tapping and unauthorized users. Answer a is incorrect; dial-back modems can be defeated by call forwarding. Answer b is incorrect; Password modems rely on the strength of the password, which is often weak. Answer c is incorrect; Silent modems won’t signal that the connection has been made until you begin the logon session, but do not secure the data.


182. Which of the following telecommunications media is MOST resistant to tapping?

a. Microwave
b. Twisted pair
c. Fibre optic
d. Coaxial cable

Explanation: Answer c is correct answer. Since signals in fibre optic cabling are in the form of laser light pulses, electromagnetic emissions that might be used to tap the line are essentially nonexistent. Answer a is incorrect; you only have to have access to the path of the microwave to intercept it. Answer b is incorrect; you only have to lop a wire around the twisted pair to pick up emissions. Answer d is incorrect, more secure than either a or b, but can be tapped with inexpensive equipment.


189. Layer 4 of the OSI (Open System Integration) stack is known as?

a. The data link layer
b. The transport layer
c. The network layer
d. The presentation layer

Explanation: Answer b is correct answer per OSI model


190. The most widely used standard for digital certificates is:

a. X.17799
b. X.509
c. POP3
d. X.25

Explanation: Answer b is correct answer. X.509 is an ITU recommendation which means it has not yet been defined or approved and may be implemented in different ways. Answer a is incorrect; there is no standard X.17799. Answer c is incorrect; POP3 stands for Post Office Protocol version 3. Answer d is incorrect; X.25 is CCITT’s (Comite´ Consultatif Internationale Telegraphique et Telephonique protocol for packet-switching networks.


200. To update anti-virus software the quickest, which location is best to update first?

a. Mail server (Notes, Exchange)
b. Network server
c. PC
d. Internet Gateway virus server

Explanation: Answer d is correct answer. With most viruses being spread via the Internet or in e-mail the best location to update anti-virus software first is at the Internet gateway virus server. One update will stop any new viruses from entering the network. Answers a, b, and c, all may/will require multiple updates which will allow the virus to spread while the machines are being updated.


217. To best protect the network from viruses where should anti-virus software be placed?

a. On the firewall
b. On the PC
c. On the router
d. On the server

Explanation: Answer d is correct answer. Server anti-virus software will detect and eradicate viruses at the network level. Answer a is incorrect; anti-virus software should never be placed on the firewall, it slows down the firewall. Answer b is incorrect; anti-virus software on the PC will detect and eradicate viruses on the PC, but not the network. Answer c is incorrect, as there is no anti-virus software developed for routers.