CISSP- Telecommunications & Networking

15 Questions | By Cindymurray | Last updated: Oct 22, 2020 | Total Attempts: 556

Questions

Settings

or Create Online Exam

More Cissp Quizzes

Trivia Quiz: Can You Pass This CISSP Certification Exam? Trivia Quiz: Can You Pass This CISSP Certification Exam?

CISSP Study Quiz CISSP Study Quiz

CISSP Prep Quiz: Short 1 CISSP Prep Quiz: Short 1

Featured Quizzes

Are You Really Best Friends? Are You Really Best Friends?

Quiz: Are You A True Star Wars Series Fan? Quiz: Are You A True Star Wars Series Fan?

The Ultimate Logical Fallacies Quiz! The Ultimate Logical Fallacies Quiz!

Related Topics

Questions and Answers

1.

In the OSI reference model, on which layer can Ethernet (IEEE 802.3) be described?
- A.
  
  Layer 1—Physical layer
- B.
  
  Layer 2—Data-link layer
- C.
  
  Layer 3—Network Layer
- D.
  
  Layer 4—Transport Layer
2.

Which of the following tactics might be considered a part of a proactive network defense?
- A.
  
  Redundant firewalls
- B.
  
  Business continuity planning
- C.
  
  Disallowing P2P traffic
- D.
  
  Perimeter surveillance and intelligence gathering
3.

In which of the following situations is the network itself not a target of attack?
- A.
  
  A denial-of-service attack on servers on a network
- B.
  
  Hacking into a router
- C.
  
  A virus outbreak saturating network capacity
- D.
  
  A man-in-the-middle attack
4.

Which of the following are eff ective protective or countermeasures against a distributed denial-of-service attack? a = Redundant network layout; b = Secret fully qualifi ed domain names (FQDNs); c = Reserved bandwidth; d = Traffic filtering; e = Network address translation (NAT).
- A.
  
  B and e
- B.
  
  B, d, and e
- C.
  
  A and c
- D.
  
  A, c, and d
5.

What is the optimal placement for network-based intrusion detection systems (NIDSs)?
- A.
  
  On the network perimeter, to alert the network administrator of all suspicious traffic
- B.
  
  On network segments with business-critical systems; e.g., demilitarized zones (DMZs) and on certain intranet segments
- C.
  
  At the network operations center (NOC)
- D.
  
  At an external service provider
6.

Which of the following end-point devices might be considered part of a converged IP network?
- A.
  
  File server
- B.
  
  IP phone
- C.
  
  Security camera
- D.
  
  All of the above
7.

Which of the following is an advantage of fiber-optic over copper cables from a security perspective?
- A.
  
  Fiber optics provides higher bandwidth.
- B.
  
  Fiber optics are more difficult to wiretap.
- C.
  
  Fiber optics are immune to wiretap.
- D.
  
  None. The two are equivalent; network security is independent from the physical layer.
8.

Which of the following devices should not be part of a network’s perimeter defense?

Discuss
- A.
  
  A boundary router
- B.
  
  A firewall
- C.
  
  A proxy server
- D.
  
  None of the above
9.

Which of the following is a principal security risk of wireless LANs?
- A.
  
  Lack of physical access control
- B.
  
  Demonstrably insecure standards
- C.
  
  Implementation weaknesses
- D.
  
  War driving
10.

Which of the following confi gurations of a WLAN’s SSID off ers adequate security protection?
- A.
  
  Using an obscure SSID to confuse and distract an attacker
- B.
  
  Not using any SSID at all to prevent an attacker from connecting to the network
- C.
  
  Not broadcasting an SSID to make it harder to detect the WLAN
- D.
  
  None of the above
11.

Which of the following are true statements about IPSec? a IPSec provides mechanisms for authentication and encryption. b = IPSec provides mechanisms for nonrepudiation. c = IPSec will only be deployed with IPv6. d = IPSec authenticates hosts against each other. e = IPSec only authenticates clients against a server. f = IPSec is implemented in SSH and TLS.
- A.
  
  A and d
- B.
  
  A, b, and e
- C.
  
  A, b, c, d, and f
- D.
  
  A, b, c, e, and f
12.

A security event management (SEM) service performs the following function:
- A.
  
  Gathers firewall logs for archiving
- B.
  
  Aggregates logs from security devices and application servers looking for suspicious activity
- C.
  
  Reviews access controls logs on servers and physical entry points to match user system authorization with physical access permissions
- D.
  
  Coordination software for security conferences and seminars.
13.

Which of the following is the principal weakness of DNS (Domain Name System)?
- A.
  
  Lack of authentication of servers, and thereby authenticity of records
- B.
  
  Its latency, which enables insertion of records between the time when a record has expired and when it is refreshed
- C.
  
  Th e fact that it is a simple, distributed, hierarchical database instead of a singular, relational one, thereby giving rise to the possibility of inconsistencies going undetected for a certain amount of time
- D.
  
  Th e fact that addresses in e-mail can be spoofed without checking their validity in DNS, caused by the fact that DNS addresses are not digitally signed
14.

Which of the following statements about open e-mail relays is incorrect?
- A.
  
  An open e-mail relay is a server that forward e-mail from domains other than the ones it serves.
- B.
  
  Open e-mail relays are a principal tool for distribution of spam.
- C.
  
  Using a blacklist of open e-mail relays provides a secure way for an e-mail administrator to identify open mail relays and fi lter spam.
- D.
  
  An open e-mail relay is widely considered a sign of bad system administration.
15.

A botnet can be characterized as
- A.
  
  A network used solely for internal communications
- B.
  
  An automatic security alerting tool for corporate networks
- C.
  
  A group of dispersed, compromised machines controlled remotely for illicit reasons.
- D.
  
  A type of virus

Back to top