CISSP- Telecommunications & Networking
(142).jpg "CISSP- Telecommunications & Networking - Quiz")
.
- 1.
In the OSI reference model, on which layer can Ethernet (IEEE 802.3) be described?
- A.
Layer 1—Physical layer
- B.
Layer 2—Data-link layer
- C.
Layer 3—Network Layer
- D.
Layer 4—Transport Layer
Correct Answer
B. Layer 2—Data-link layerExplanation
Layer 2, the data-link layer, describes data transfer between
machines, for instance, by an Ethernet. Page 735.Rate this question:
-
- 2.
Which of the following tactics might be considered a part of a proactive network defense?
- A.
Redundant firewalls
- B.
Business continuity planning
- C.
Disallowing P2P traffic
- D.
Perimeter surveillance and intelligence gathering
Correct Answer
D. Perimeter surveillance and intelligence gatheringExplanation
Ideally to counter an attack, network security must also be proactive,
anticipate, and oppose the attack against their infrastructure by interdicting
and disrupting an attack preemptively or in self-defense. Th is requires intelligence
on the threat, active surveillance at the perimeter and beyond, and the ability to
intercede upstream or disable a threat agent’s tools. Page 742.Rate this question:
-
- 3.
In which of the following situations is the network itself not a target of attack?
- A.
A denial-of-service attack on servers on a network
- B.
Hacking into a router
- C.
A virus outbreak saturating network capacity
- D.
A man-in-the-middle attack
Correct Answer
D. A man-in-the-middle attackExplanation
Although the modifi cation of messages will often happen at
the higher network layers, networks can be set up to provide robustness or resilience
against interception and change of a message (man-in-the-middle attack) or
replay attacks. Ways to accomplish this can be based on encryption or checksums
on messages, as well as on access control measures for clients that would prevent
an attacker from gaining the necessary access to send a modifi ed message into the
network. Page 745.Rate this question:
-
- 4.
Which of the following are eff ective protective or countermeasures against a distributed denial-of-service attack? a = Redundant network layout; b = Secret fully qualifi ed domain names (FQDNs); c = Reserved bandwidth; d = Traffic filtering; e = Network address translation (NAT).
- A.
B and e
- B.
B, d, and e
- C.
A and c
- D.
A, c, and d
Correct Answer
D. A, c, and dExplanation
Countermeasures to a denial-of-service attack include, but
are not limited to: multiple layers of fi rewalls, careful fi ltering on fi rewalls, routers
and switches, internal network access controls (NAC), redundant (diverse) network
connections, load balancing, reserved bandwidth (quality of service, which would
at least protect systems not directly targeted), and blocking traffi c from an attacker
on upstream router. Page 745.Rate this question:
-
- 5.
What is the optimal placement for network-based intrusion detection systems (NIDSs)?
- A.
On the network perimeter, to alert the network administrator of all suspicious traffic
- B.
On network segments with business-critical systems; e.g., demilitarized zones (DMZs) and on certain intranet segments
- C.
At the network operations center (NOC)
- D.
At an external service provider
Correct Answer
A. On the network perimeter, to alert the network administrator of all suspicious trafficExplanation
Intrusion detection systems (IDS) monitor activity and send
alerts when they detect suspicious traffi c. Th ere are two broad classifi cations of IDS:
host-based IDS, which monitor activity on servers and workstations, and networkbased
IDS, which monitor network activity. Page 750.Rate this question:
-
- 6.
Which of the following end-point devices might be considered part of a converged IP network?
- A.
File server
- B.
IP phone
- C.
Security camera
- D.
All of the above
Correct Answer
D. All of the aboveExplanation
Correct answer is d. See Figure 10.3, Page 740.Rate this question:
-
- 7.
Which of the following is an advantage of fiber-optic over copper cables from a security perspective?
- A.
Fiber optics provides higher bandwidth.
- B.
Fiber optics are more difficult to wiretap.
- C.
Fiber optics are immune to wiretap.
- D.
None. The two are equivalent; network security is independent from the physical layer.
Correct Answer
B. Fiber optics are more difficult to wiretap.Explanation
From a security perspective, fi ber optics’ immunity to electromagnetic
interference (EMI) and radio frequency interference (RFI) is important.
Because fi ber optics emit extremely small amounts of energy from the cable, data
cannot be as easily intercepted as information is transported through electric current
in wires. Page 762.Rate this question:
-
- 8.
Which of the following devices should not be part of a network’s perimeter defense?
- A.
A boundary router
- B.
A firewall
- C.
A proxy server
- D.
None of the above
Correct Answer
D. None of the aboveExplanation
Th e security perimeter is the fi rst line of protection between
trusted and untrusted networks. In general, it includes a fi rewall and router that
helps fi lter traffi c. Security perimeters may also include proxies and devices, such
as an intrusion detection system (IDS), to warn of suspicious traffi c. Th e defensive
perimeter extends out from these fi rst protective devices, to include proactive
defense such as boundary routers which can provide early warning of upstream
attacks and threat activities. Page 765.Rate this question:
-
- 9.
Which of the following is a principal security risk of wireless LANs?
- A.
Lack of physical access control
- B.
Demonstrably insecure standards
- C.
Implementation weaknesses
- D.
War driving
Correct Answer
A. Lack of physical access controlExplanation
Wireless networks allow users to be mobile while remaining
connected to a LAN. Unfortunately, this allows unauthorized users greater access to the LAN as well. In fact, many wireless LANs can be accessed off of the organization’s
property by anyone with a wireless card in a laptop, which eff ectively
extends the LAN where there are no physical controls. Page 777.Rate this question:
-
- 10.
Which of the following confi gurations of a WLAN’s SSID off ers adequate security protection?
- A.
Using an obscure SSID to confuse and distract an attacker
- B.
Not using any SSID at all to prevent an attacker from connecting to the network
- C.
Not broadcasting an SSID to make it harder to detect the WLAN
- D.
None of the above
Correct Answer
D. None of the aboveExplanation
Correct answer is d. SSIDs are not for authentication. Page 778.Rate this question:
-
- 11.
Which of the following are true statements about IPSec? a IPSec provides mechanisms for authentication and encryption. b = IPSec provides mechanisms for nonrepudiation. c = IPSec will only be deployed with IPv6. d = IPSec authenticates hosts against each other. e = IPSec only authenticates clients against a server. f = IPSec is implemented in SSH and TLS.
- A.
A and d
- B.
A, b, and e
- C.
A, b, c, d, and f
- D.
A, b, c, e, and f
Correct Answer
A. A and dExplanation
IP Security (IPSec) is a suite of protocols for communicating
securely with IP by providing mechanisms for authenticating and encryption.
Standard IPSec authenticates only hosts with each other. Page 804.Rate this question:
-
- 12.
A security event management (SEM) service performs the following function:
- A.
Gathers firewall logs for archiving
- B.
Aggregates logs from security devices and application servers looking for suspicious activity
- C.
Reviews access controls logs on servers and physical entry points to match user system authorization with physical access permissions
- D.
Coordination software for security conferences and seminars.
Correct Answer
B. Aggregates logs from security devices and application servers looking for suspicious activityExplanation
SEM/SEIM systems have to understand a wide variety of diff erent
applications and network element (routers/switches) logs and formats; consolidate
these logs into a single database and then correlate events looking for clues to
unauthorized behaviors that would be otherwise inconclusive if observed in a single
log fi le. Page 751.Rate this question:
-
- 13.
Which of the following is the principal weakness of DNS (Domain Name System)?
- A.
Lack of authentication of servers, and thereby authenticity of records
- B.
Its latency, which enables insertion of records between the time when a record has expired and when it is refreshed
- C.
Th e fact that it is a simple, distributed, hierarchical database instead of a singular, relational one, thereby giving rise to the possibility of inconsistencies going undetected for a certain amount of time
- D.
Th e fact that addresses in e-mail can be spoofed without checking their validity in DNS, caused by the fact that DNS addresses are not digitally signed
Correct Answer
A. Lack of authentication of servers, and thereby authenticity of recordsExplanation
Authentication has been proposed but attempts to introduce
stronger authentication into DNS have not found wider acceptance. Authentication
services have been delegated upward to higher protocol layers. Applications in need
of guaranteeing authenticity cannot rely on DNS to provide such but will have to
implement a solution themselves. Page 818.Rate this question:
-
- 14.
Which of the following statements about open e-mail relays is incorrect?
- A.
An open e-mail relay is a server that forward e-mail from domains other than the ones it serves.
- B.
Open e-mail relays are a principal tool for distribution of spam.
- C.
Using a blacklist of open e-mail relays provides a secure way for an e-mail administrator to identify open mail relays and fi lter spam.
- D.
An open e-mail relay is widely considered a sign of bad system administration.
Correct Answer
C. Using a blacklist of open e-mail relays provides a secure way for an e-mail administrator to identify open mail relays and fi lter spam.Explanation
Although using blacklists as one indicator in spam fi ltering has
its merits, it is risky to use them as an exclusive indicator. Generally, they are run by
private organizations and individuals according to their own rules, they are able to
change their policies on a whim, they can vanish overnight for any reason, and they
can rarely be held accountable for the way they operate their lists. Page 827.Rate this question:
-
- 15.
A botnet can be characterized as
- A.
A network used solely for internal communications
- B.
An automatic security alerting tool for corporate networks
- C.
A group of dispersed, compromised machines controlled remotely for illicit reasons.
- D.
A type of virus
Correct Answer
C. A group of dispersed, compromised machines controlled remotely for illicit reasons.Explanation
Bots” and “botnets” are most insidious implementations of unauthorized,
remote control of compromised systems. Such machines are essentially
zombies controlled by ethereal entities from the dark places on the Internet. Page 749.Rate this question:
-
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Mar 21, 2023Quiz Edited by
ProProfs Editorial Team -
Dec 22, 2012Quiz Created by
Cindymurray
- ACA Quizzes
- ACCA Quizzes
- ACE Quizzes
- BCBA Quizzes
- CCP Quizzes
- CDC Quizzes
- CDCs Quizzes
- CEH Quizzes
- CISA Quizzes
- CISCO Quizzes
- CPT Quizzes
- CSA Quizzes
- CSET Quizzes
- CST Quizzes
- CSWIP Quizzes
- FTCE Quizzes
- HIPAA Quizzes
- IAHCSMM Quizzes
- ISTQB Quizzes
- LEED Ga Quizzes
- MBLEx Quizzes
- NCIDQ Quizzes
- PMP Quizzes
- PRAXIS Quizzes
- PTCB Quizzes
- Six Sigma Quizzes
- TEAS Quizzes
Back to top