CISSP- Telecommunications & Networking

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Cindymurray
C
Cindymurray
Community Contributor
Quizzes Created: 8 | Total Attempts: 15,173
| Attempts: 726
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/15 Questions

    A botnet can be characterized as

    • A network used solely for internal communications
    • An automatic security alerting tool for corporate networks
    • A group of dispersed, compromised machines controlled remotely for illicit reasons.
    • A type of virus
Please wait...
About This Quiz

This CISSP Telecommunications & Networking quiz assesses knowledge on network defense, Ethernet layers, and intrusion detection placement. It's designed to enhance understanding of network security principles and proactive defense tactics, essential for security professionals.

CISSP- Telecommunications & Networking - Quiz

Quiz Preview

  • 2. 

    A security event management (SEM) service performs the following function:

    • Gathers firewall logs for archiving

    • Aggregates logs from security devices and application servers looking for suspicious activity

    • Reviews access controls logs on servers and physical entry points to match user system authorization with physical access permissions

    • Coordination software for security conferences and seminars.

    Correct Answer
    A. Aggregates logs from security devices and application servers looking for suspicious activity
    Explanation
    SEM/SEIM systems have to understand a wide variety of diff erent
    applications and network element (routers/switches) logs and formats; consolidate
    these logs into a single database and then correlate events looking for clues to
    unauthorized behaviors that would be otherwise inconclusive if observed in a single
    log fi le. Page 751.

    Rate this question:

  • 3. 

    Which of the following end-point devices might be considered part of a converged IP network?

    • File server

    • IP phone

    • Security camera

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    Correct answer is d. See Figure 10.3, Page 740.

    Rate this question:

  • 4. 

    In which of the following situations is the network itself not a target of attack?

    • A denial-of-service attack on servers on a network

    • Hacking into a router

    • A virus outbreak saturating network capacity

    • A man-in-the-middle attack

    Correct Answer
    A. A man-in-the-middle attack
    Explanation
    Although the modifi cation of messages will often happen at
    the higher network layers, networks can be set up to provide robustness or resilience
    against interception and change of a message (man-in-the-middle attack) or
    replay attacks. Ways to accomplish this can be based on encryption or checksums
    on messages, as well as on access control measures for clients that would prevent
    an attacker from gaining the necessary access to send a modifi ed message into the
    network. Page 745.

    Rate this question:

  • 5. 

    In the OSI reference model, on which layer can Ethernet (IEEE 802.3) be described?

    • Layer 1—Physical layer

    • Layer 2—Data-link layer

    • Layer 3—Network Layer

    • Layer 4—Transport Layer

    Correct Answer
    A. Layer 2—Data-link layer
    Explanation
    Layer 2, the data-link layer, describes data transfer between
    machines, for instance, by an Ethernet. Page 735.

    Rate this question:

  • 6. 

    What is the optimal placement for network-based intrusion detection systems (NIDSs)?

    • On the network perimeter, to alert the network administrator of all suspicious traffic

    • On network segments with business-critical systems; e.g., demilitarized zones (DMZs) and on certain intranet segments

    • At the network operations center (NOC)

    • At an external service provider

    Correct Answer
    A. On the network perimeter, to alert the network administrator of all suspicious traffic
    Explanation
    Intrusion detection systems (IDS) monitor activity and send
    alerts when they detect suspicious traffi c. Th ere are two broad classifi cations of IDS:
    host-based IDS, which monitor activity on servers and workstations, and networkbased
    IDS, which monitor network activity. Page 750.

    Rate this question:

  • 7. 

    Which of the following devices should not be part of a network’s perimeter defense?

    • A boundary router

    • A firewall

    • A proxy server

    • None of the above

    Correct Answer
    A. None of the above
    Explanation
    Th e security perimeter is the fi rst line of protection between
    trusted and untrusted networks. In general, it includes a fi rewall and router that
    helps fi lter traffi c. Security perimeters may also include proxies and devices, such
    as an intrusion detection system (IDS), to warn of suspicious traffi c. Th e defensive
    perimeter extends out from these fi rst protective devices, to include proactive
    defense such as boundary routers which can provide early warning of upstream
    attacks and threat activities. Page 765.

    Rate this question:

  • 8. 

    Which of the following is an advantage of fiber-optic over copper cables from a security perspective?

    • Fiber optics provides higher bandwidth.

    • Fiber optics are more difficult to wiretap.

    • Fiber optics are immune to wiretap.

    • None. The two are equivalent; network security is independent from the physical layer.

    Correct Answer
    A. Fiber optics are more difficult to wiretap.
    Explanation
    From a security perspective, fi ber optics’ immunity to electromagnetic
    interference (EMI) and radio frequency interference (RFI) is important.
    Because fi ber optics emit extremely small amounts of energy from the cable, data
    cannot be as easily intercepted as information is transported through electric current
    in wires. Page 762.

    Rate this question:

  • 9. 

    Which of the following is a principal security risk of wireless LANs?

    • Lack of physical access control

    • Demonstrably insecure standards

    • Implementation weaknesses

    • War driving

    Correct Answer
    A. Lack of physical access control
    Explanation
    Wireless networks allow users to be mobile while remaining
    connected to a LAN. Unfortunately, this allows unauthorized users greater access to the LAN as well. In fact, many wireless LANs can be accessed off of the organization’s
    property by anyone with a wireless card in a laptop, which eff ectively
    extends the LAN where there are no physical controls. Page 777.

    Rate this question:

  • 10. 

    Which of the following is the principal weakness of DNS (Domain Name System)?

    • Lack of authentication of servers, and thereby authenticity of records

    • Its latency, which enables insertion of records between the time when a record has expired and when it is refreshed

    • Th e fact that it is a simple, distributed, hierarchical database instead of a singular, relational one, thereby giving rise to the possibility of inconsistencies going undetected for a certain amount of time

    • Th e fact that addresses in e-mail can be spoofed without checking their validity in DNS, caused by the fact that DNS addresses are not digitally signed

    Correct Answer
    A. Lack of authentication of servers, and thereby authenticity of records
    Explanation
    Authentication has been proposed but attempts to introduce
    stronger authentication into DNS have not found wider acceptance. Authentication
    services have been delegated upward to higher protocol layers. Applications in need
    of guaranteeing authenticity cannot rely on DNS to provide such but will have to
    implement a solution themselves. Page 818.

    Rate this question:

  • 11. 

    Which of the following are eff ective protective or countermeasures against a distributed denial-of-service attack? a = Redundant network layout; b = Secret fully qualifi ed domain names (FQDNs); c = Reserved bandwidth; d = Traffic filtering; e = Network address translation (NAT).

    • B and e

    • B, d, and e

    • A and c

    • A, c, and d

    Correct Answer
    A. A, c, and d
    Explanation
    Countermeasures to a denial-of-service attack include, but
    are not limited to: multiple layers of fi rewalls, careful fi ltering on fi rewalls, routers
    and switches, internal network access controls (NAC), redundant (diverse) network
    connections, load balancing, reserved bandwidth (quality of service, which would
    at least protect systems not directly targeted), and blocking traffi c from an attacker
    on upstream router. Page 745.

    Rate this question:

  • 12. 

    Which of the following are true statements about IPSec? a IPSec provides mechanisms for authentication and encryption. b = IPSec provides mechanisms for nonrepudiation. c = IPSec will only be deployed with IPv6. d = IPSec authenticates hosts against each other. e = IPSec only authenticates clients against a server. f = IPSec is implemented in SSH and TLS.

    • A and d

    • A, b, and e

    • A, b, c, d, and f

    • A, b, c, e, and f

    Correct Answer
    A. A and d
    Explanation
    IP Security (IPSec) is a suite of protocols for communicating
    securely with IP by providing mechanisms for authenticating and encryption.
    Standard IPSec authenticates only hosts with each other. Page 804.

    Rate this question:

  • 13. 

    Which of the following tactics might be considered a part of a proactive network defense?

    • Redundant firewalls

    • Business continuity planning

    • Disallowing P2P traffic

    • Perimeter surveillance and intelligence gathering

    Correct Answer
    A. Perimeter surveillance and intelligence gathering
    Explanation
    Ideally to counter an attack, network security must also be proactive,
    anticipate, and oppose the attack against their infrastructure by interdicting
    and disrupting an attack preemptively or in self-defense. Th is requires intelligence
    on the threat, active surveillance at the perimeter and beyond, and the ability to
    intercede upstream or disable a threat agent’s tools. Page 742.

    Rate this question:

  • 14. 

    Which of the following statements about open e-mail relays is incorrect?

    • An open e-mail relay is a server that forward e-mail from domains other than the ones it serves.

    • Open e-mail relays are a principal tool for distribution of spam.

    • Using a blacklist of open e-mail relays provides a secure way for an e-mail administrator to identify open mail relays and fi lter spam.

    • An open e-mail relay is widely considered a sign of bad system administration.

    Correct Answer
    A. Using a blacklist of open e-mail relays provides a secure way for an e-mail administrator to identify open mail relays and fi lter spam.
    Explanation
    Although using blacklists as one indicator in spam fi ltering has
    its merits, it is risky to use them as an exclusive indicator. Generally, they are run by
    private organizations and individuals according to their own rules, they are able to
    change their policies on a whim, they can vanish overnight for any reason, and they
    can rarely be held accountable for the way they operate their lists. Page 827.

    Rate this question:

  • 15. 

    Which of the following confi gurations of a WLAN’s SSID off ers adequate security protection?

    • Using an obscure SSID to confuse and distract an attacker

    • Not using any SSID at all to prevent an attacker from connecting to the network

    • Not broadcasting an SSID to make it harder to detect the WLAN

    • None of the above

    Correct Answer
    A. None of the above
    Explanation
    Correct answer is d. SSIDs are not for authentication. Page 778.

    Rate this question:

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 22, 2012
    Quiz Created by
    Cindymurray
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.