Domain 4 - CISSP

Question 1

What are the container names for network units at each level of the OSI model?

Answer 1

P - Bits
D - Frame
N - Packet
T - Segment (TCP)/Datagram (UDP)
S - PDU (protocol data unit)
P - PDU (protocol data unit)
A - PDU (protocol data unit)

Question 2

What is the mnemonic for the OSI model?

Answer 2

Please (physical)
Do (data link)
Not (network)
Teach (transport)
Surly (session)
People (presentation)
Acronyms (application)

Question 3

At what level of the OSI model does the TLS protocol operate?

Answer 3

Transport layer

Question 4

Which OSI model layer is responsible for guaranteeing delivery?

Answer 4

Transport layer (TCP)

Question 5

What do the first 3 bytes/24 bits of a MAC address signify?

Answer 5

The hardware manufacturer

Question 6

What layer does ARP occur at?

Answer 6

Data link

Question 7

What port is Telnet?

Answer 7

TCP 23. Unecrypted. Don’t use.

Question 8

What port does FTP use?

Answer 8

TCP 20 and 21. Should use SFTP or FTPS instead.

Question 9

What port does TFTP use?

Answer 9

UDP 69

Question 10

What port does POP3 use?

Answer 10

TCP 110

Question 11

What is POP3 used for?

Answer 11

Post Office Protocol (tcp port 110) pulls email messages from email servers down to email clients

Question 12

What port does IMAP4 use?

Answer 12

TCP 143

Question 13

What is IMAP4 used for?

Answer 13

Internet Message Access Protocol (IMAP4, TCP port 143) pulls email messages from an email server down to an email client. Can also be used to delete messages directly off the email server.

Question 14

What port does DHCP use?

Answer 14

UDP 67 and 68. Dynamic Host Configuration Protocol

Question 15

What is a socket?

Answer 15

And IP address and a port number (e.g. 10.100.10.15:8443)

Question 16

How is a TCP connection established?

Answer 16

TCP three-way handshake
Client > SYN > Server
Server responds > SYN/ACK > Client
Client > ACK > Server

Question 17

What are the two ways of a TCP connection?

Answer 17

FIN - finish flag, gracefully shutdown connection
RST - reset flag, immediate and abrupt session termination

Question 18

What is ARP and what does it do?

Answer 18

Address resolution protocol. Resolves an IP address to a MAC address

Question 19

What is a top-level domain?

Answer 19

TLD. the .com of a web address.

Question 20

What port does DNS use?

Answer 20

TCP 53 for zone transfers and UDP 53 for DNS queries.

Question 21

What is DNSSEC?

Answer 21

DNS Security Extensions - improved security for DNS, providing mutual certificate authentication and encrypted sessions (does it?) between devices during DNS operations. Not used by clients.

Question 22

What is DoH?

Answer 22

DNS over HTTPS - provides encrypted DNS queries for clients, since DNSSEC is typically only for DNS servers.

Question 23

What is DNS poisoning?

Answer 23

The act of falsifying the DNS information used by a client to reach a desired system.

Question 24

What is a rogue DNS server?

Answer 24

A malicious server that listens to network traffic and responds to DNS queries with false IP information.

Question 25

How does a WAN differ from a LAN?

Answer 25

WAN's are not limited by geographic boundaries. They can span a region or the entire globe. WANs typically use leased or external connections and links.

Question 26

What is a dual-stack IP setup?

Answer 26

Both IPv4 and IPv6 run and devices can communicate on either, but adds overhead to network infrastructure.

Question 27

What is IP tunneling?

Answer 27

Where two IPv6 hosts can create a tunnel for traffic over an IPv4 network.

Question 28

What is IP translation?

Answer 28

Enables an IPv4 host to talk to an IPv6 host.

Question 29

What is a boundary network?

Answer 29

a subnet positioned on the edge of a LAN to isolate certain activities, for instance a DMZ where external users can access resources.

Question 30

What is an extranet?

Answer 30

a subnet with resources that are accessible by authorized external users (e.g. business partners), usually through a VPN.

Question 31

What is a 3-homed firewall setup?

Answer 31

The firewall is connected to the Internet, the DMZ, and the private LAN on separate interfaces, and all traffic must go through the firewall.

Question 32

What is a N-Tier network setup?

Answer 32

Where there is a firewall on either side of the DMZ/extranet.