CISSP PRACTICE TESTS Chapter 4 ▪Communication and Network Security (Domain 4)
20. A remote access tool that copies what is displayed on a desktop PC to a remote computer is an example of what type of technology? A. Remote node operation B. Screen scraping C. Remote control D. RDP
B. Screen scraping
9. FHSS, DSSS, and OFDM all use what wireless communication methods that occurs over multiple frequencies simultaneously? A. Wi-Fi B. Spread Spectrum C. Multiplexing D. Orthogonal modulation
B. Spread Spectrum
87. A denial of service (DoS) attack that sends fragmented TCP packets is known as what kind of attack? A. Christmas tree B. Teardrop C. Stack killer D. Frag grenade
B. Teardrop
55. The Windows ipconfig command displays the following information: BC-5F-F4-7B-4B-7D What term describes this, and what information can be gathered from it? A. The IP address, the network location of the system B. The MAC address, the network interface card's manufacturer C. The MAC address, the media type in use D. The IPv6 client ID, the network interface card's manufacturer
B. The MAC address, the network interface card's manufacturer
80. What challenge is most common for endpoint security system deployments? A. Compromises B. The volume of data C. Monitoring encrypted traffic on the network D. Handling non-TCP protocols
B. The volume of data
50. What network technology is best decribed as a toke -passing network that uses a pair of rings with traffic flowing in opposite directions? A. A ring topology B. Token Ring C. FDDI D. SONET
C. FDDI
92. Jim is building a reseach computing system that benefits from being part of a full mesh topology between systems. In a five-node full mesh topology design, how many connections will an individual node have? A. Two B. Three C. Four D. Five
C. Four
30. What security concern does sending internal communications from A to B cause? A. The firewall does not protect system B. B. System C can see the broadcast traffic from system A to B. C. It is traveling via an unencrypted protocol. D. IM does not provide nonrepudation.
C. It is traveling via an unencypted protocol.
47. Which of the following options includes standards or protocols that exists in layer 6 of the OSI model ? A. NFS, SQL, and RPC B. TCP, UDP ,and TLS C. JPEG, ASCII, and MIDI D. HTTP, FTP, SMTP
C. JPEG, ASCII, and MIDI
71. ICMP, RIP, and network address translation all occur at what layer of the OSI model? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4
C. Layer 3
77. IPX, AppleTalk, and NetBEUI are all examples of what? A. Routing protocols B. UDP protocols C. Non-IP protocols D. TCP protocols
C. Non-IP protocols
63. A phreaking tool used to manipulate line voltages to steal long-distance service is known as what type of box? A. A black box B. A red box C. A blue box D. A white box
A. A black box
12. What network topology is shown in the image below? Refer to page 74 in book. A. A ring B. A bus C. A star D. A mesh
A. A ring
35. In her role as an information security professional, Susan has been asked to identify areas where her organization's wireless network may be accessible even though it isn't intended to be. What should Susan do to determine where her organization's wireless network is accessible? A. A site survey B. Warwalking C. Wardriving D. A design map
A. A site survey
62. Which type of firewall can be describd as " a device that filters traffic based on its source, destination and the port it is sent from or is going to" ? A. A static packet filtering firewall B. An Application layer gateway firewall C. A dynamic packet filtering firewall D. A stateful inspection firewall
A. A static packet filtering firewall
64. Data streams occur at what three layers of theOSL model? A. Application, Presentation, and Session B. Presentation, Session, and Transport C. Physical, Data Link, and Network D. Data Link, Network, and Transport
A. Application, Presentation, and Session
1 What important factor listed below differentiates Frame Relay from X.25? A. Frame Relay supports multiple PVCs over a single WAN carrier connection. B. Frame Relay is a cell-switching technology instead of a packet-switching technology like X.25. C. Frame Relay does not provide a Committed Information Rate (CIR). D. Frame Relay only requires a DTE on the provider side.
A. Frame Rely supports multiple PVCs over a single WAN carrier connection.
28. Chris is building an Ethernet network and knows that he needs to span a distance of over 150 meters with his 1000Base- T network. What network technology should he use to help with this? A. Install a repeater or a concentrator. before 100 meters. B. Use Category 7 cable, which has better shielding for higher speeds. C. Install a gate to handle the distance. D. Use STP cable to handle the longer distance at high speeds.
A. Install a repeater or a concentrator before 100 meters.
91. Lauren has been asked to replace her organization's PPTP implementation with an L2TP implementation for security reasons. What is the primary security reason that L2TP would replace PPTP? A. L2TP can use IP sec. B. L2TP creates a point-to-point tunnel, avoiding multipoint issues. C. PPTP doesn't support EAP. D. PPTP doesn't properly encapsulate PPP packets.
A. L2TP can use IPsec.
21. Which email security solution provides two major usage modes: (1) signed messages that provide integrity, sender authentication, and nonrepudiation; and (2) an enveloped message mode that provides integrity, sender authentication, and confidentiality? A. S/MIME B. MOSS C. PEM D. DKIM
A. S/MIME
22. During a security assessment, Jim discovers that the organization he is working with uses a multilayer protocol to handle SCADA systems and recently connected the SCADA network to the rest of the organization's production network. What concern should he raise about serial data transfers carried via TCP/IP? A. SCADA devices that are now connected to the network can now be attacked over the network. B. Serial data over TCP/IP cannot be encrypted. C. Serial data cannot be carried in TCP packets. D. TCP/IP's throughput can allow for easy denial of service attacks against serial devices.
A. SCADA devices that are now connected to the network can now be attacked over the network.
74. Ben is concerned about exploits that allow VM escape. What option should Ben suggest to help limit the impact of VM escape exploits? A. Separate virtual machines onto separate physical hardware based on task or data types. B. Use VM escape detection tools on the underlying hypervisor. C. Restore machines to their orginal snapshots on a regular basis. D. Use a utility like Tripwire to look for changes in the virtual machines.
A. Separate virtual machines onto separate physical hardware based on task or data types.
69. What type of firewall design is shown in the image below? Refer to page86 in book. •••••••••••••••••••••••••••••••Firewall••••••Private Network (Internet)_____●__________■_____ I____I ___I_____I____ •••••••••••••••••Router. I I I I A. Single tier B. Two tier C. Three tier D. Next veneration
A. Single tier
8. Chris is configuring an IDS to monitor for unencypted FTP traffic. What ports should Chris use in his configuration? A. TCP 20 and 21 B. TCP 21 only C. UDP port 69 D. TCP port 21 and UDP port 21
A. TCP 20 and 21
54. Segmentation, sequencing, and error checking all occur at what layer of the OSI model that is associated with SSL, TLS, and UDP? A. The Transport layer B. The Network layer C. The Session layer D. The Presentation layer
A. The Transport layer
60. What common security issue is often overlooked with cordless phones? A. Their signal is rarely encrypted and thus can be easily monitored. B. They use unlicensed frequencies. C. They can allow attackers access to wireless networks. D. They are rarely patched and are vulnerable to malware.
A. Their signal is rarely encrypted and thus can be easily monitored.
53. If your organization needs to allow attachments in email to support critical business processes, what are the two best option for helping to avoid security problems caused by attachments? A.Train your users and use anti-malware tools. B. Encrypt your email and use anti- malware tools. C. Train your users and require S/MIME for all email. D. Use S/MIME by default and remove all ZIP (.zip) file attachments.
A. Train your users and use anti-malware tools.
61. Lauren's organization has deployed VoIP phones on the same switches that the desktop PCs are on. What se urity issue could this create, and what solution would help. A. VLAN hopping, use physical separate switches. B. VLAN hopping, use encryption. C. Caller ID spoofing, MAC filtering D.Denial of service attacks,use a firewall between networks.
A. VLAN hopping, use physically separate switches.
52. Ben is designing a Wi-Fi network and has been asked to choose the most secure option for the network. Which wireless security standard should he choose? A. WPA2 B. WPA C.WEP D. AES
A. WPA2
95. What speed is Category 3 UTP cable rate for? A. 5 Mbps B. 10 Mbps C. 100 Mbps D. 1000 Mbps
B. 10 Mbps
58. What is the default subnet mask for a Class B netwoork? A. 255.0.0.0 B. 255.255.0.0 C. 255.254.0.0 D. 255.255.255.0
B. 255.255.0.0
24. An attack that causes a service to fail by exhausting all of a system's resources is what type of attack? A. A worm B. A denial of service attack C. A virus D. A Smurf attack
B. A denial of sevice attack
18. What network tool can be used to protect the identity of clients while providing Internet access by accepting client requests, altering the source addresses of the requests, mapping requests to clients, and sending the modified requests out to their destination? A. A gateway B. A proxy C. A router D. A firewall
B. A proxy
79. What type of firewall design does the image below show? Refer to page 88 in book. •••••••••••••••••••••••••••••••••••Firewall•••Private Network (Internet)_____________●______■_______|_____|_____|___|____ ••••••••••••••••••••••••••Router | | | | ••••••••••••••••••••••••••••••••••••••••••\DMZ A. A single-tier firewall B. A two-tier firewall C. A three-tier firewall D. A fully protected DMZ firewall
B. A two-tier firewall
Chris is designing layered network security for his organization. Using the diagram below, answer questions 13 through 15. Refer to page 74 in book. (Internet)•••••••••••• A Firewall □___________B__________Web server Router ○____________C__________VPN Concentrator Switch ■ _______________________________________________________________ Computers ■ ■ ■ ■ ■ 13. What type of firewall design is shown in the diagram? A. A single-tier firewall B. A two-tier firewall C. A three-tier firewall D. A four-tier firewall
B. A two-tier firewall
37. One of Susan's attacks during a penetraion test involves inserting false ARP data into a system's ARP cache. When the system attempts to send traffic to the address it believes belongs to a legitmate system, it will instead send that traffic to a system she controls. What is this attack called? A. RARP Flooding B. ARP cache poisoning C. A denial of ARP attack D. ARP buffer blasting
B. ARP cache poisoning
76. When a host on an Ethernet network detects a collision and transmits a jam signal, what happens next? A. The host that transmitted the jam signal is allowed to retransmit while all others host pause until that transmission is recieved successfully. B. All host stop transmitting and each host waits a random period of time before attempting to transmitagain. C. All hosts stop transmitting and each host waits a period of time based on how recently it successfully transmitted. D. Hosts wait for the token to be paased and then resume transmitting data as they pass the token.
B. All host stop transmitting and each host waits a random period of time before attempting to transmit again.
83. What type of firewall is know as a second-generation firewall? A. Static packet filtering firewalls B. Application-level gateway firewalls C. Stateful inspection firewalls D. Unified Threat Management
B. Application-level gateway firewalls
68. Cable modems, ISDN, and DSL are all examples of what type of technology? A. Baseband B. Broadband C. Digital D. Broadcast
B. Broadband
10. Which authentication protocol commonly used for PPP links encrypts both the username and password and uses a challenge/response dialog that cannot be replayed and periodically reauthenticates remote systems throughtout its use in a session? A. PAP B. CHAP C. EAP D. LEAP
B. CHAP
32. Which of the following drawbacks is a concern when multilayer protocols are allowed? A. A range of protocols may be used at higher layers. B. Covert channels are allowed. C. Filters cannot be bypassed. D. Encryption can't be incorporated at multiple layers.
B. Covert channels are allowed.
96. What issues occurs when data transmitted over one set of wires is picked up by another set of wires? A. Magnetic interference B. Crosstalk C. Transmission absorption D. Amplitude modulation
B. Crosstalk
19.During troubleshooting, Chris uses the ns lookup command to check the IP address of a host he is attempting to connect to. The IP that should resolve when the lookup is done. What type of attack has likely been conducted? A. DNS spoofing B. DNS poisoning C. ARP spoofing D. A Cain attack
B. DNS poisoning
67. Jim's organization uses fax machines to receive sensitive data. Since the fax machine is located in a public area, what actions should Jim take to deal with issues related to faxes his organization receives? A. Encrypt the faxes and purge local memory. B. Disable automatic printing and purge local memory. C. Encrypt faxes and disable automatic printing. D. Use link encryption and enable automatic printing.
B. Disable automatic printing and purge local memory.
17. Ben has configured his network to not broadcast a SSID. Why might Ben disable SSID broadcast, and how could his SSID be discovered? A. Disabling SSID broadcast prevents attackers from discovering the encryption key. The SSID can be recovered from decrypted packets. B. Disabling SSID broadcast hides networks from unauthorized personnel. The SSID can be discovered using wireless sniffer. C. Disabling SSID broadcast prevents issues with beacon frames. The SSID can be recovered by reconstructing the BSSID. D. Disabling SSID broadcast helps avoid SSID conflicts. The SSID can be discovered by attempting to connect to the network.
B. Disabling SSID broadcast hides networks from unauthorized personnel. The SSID can be discovered using a wireless sniffer.
84. Steve has been tasked with implementing a network storage protocol over an IP network. What storage-centric converged protocol is he likely to use in his implementation? A. MPLS B. FCoE C. SDN D. VoIP
B. FCoE
Lauren's organization has used a popular instant messaging service for a number of years. Recently, concerns have been raised about the use of instant messaging. Using the diagram below, answer questions 29 through 31 about instant messaging. Refer to page 78 in book. (Internet)__________IM Traffic via TCP 80______[B] ••••A Firewall ■ Router ● Switch □ ••••••••••••••MI Traffic via TCP 80 ••••••••••••[A] [B] 29. What protocol is the instant messaging traffic most likely to used based on the diagram? A. AOL B. HTTP C. SMTP D. HTTPS
B. HTTP
34. Chris uses a cellular hot spot ( modem) to provide Internet acess when he is traveling. If he leaves the hot spot connected to his PC while his PC is on his organization's corporate network, what security issue might he cause? A. Traffic may not be routed properly, exposing sensitive data. B. His system may act as a bridge from the Internet to the local network. C. His system may be a portal for a reflected DDoS attack. D. Security administrators may not be able to determine his IP address if a security issue occurs.
B. His system may act as a bridge from the Internet to the local network.
31. How could Lauren's copany best address a desire for secure instant messaging for users of internal systems A and C? A. Use a 3rd party instant messaging service. B. Implements and use a locally hosted IM service. C. Use HTTPS. D. Discontinue use of IM and instead use email, which is more secure.
B. Implements and use a locally hosted IM service.
73. The VM adminisitrators recommend enabling cut and paste between virtual machines. What security concern should Ben raise about this practice? A. It can cause a denial of service condition. B. It can serve as a cover channel. C. It can allow viruses to spread. D. It can bypass authentication controls.
B. It can serve as a covert channel.
97. What two key issues with the implementation of RC4 make Wired Equivalent Privacy (WEP) even weaker than it might other wise be? A. Its use of a static common key and client-set encryption algorithms B. Its use of a static common key and a limited numberof initialization vectors C. Its use of weak asymmetric keys and a limited number of initialization vectors D. Its use of a weak asymmetric key and client-set encryption algorithms
B. Its use of a static common key and a limited number of initialization vectors
26. The Address Resolution Protocol (ARP) and the Reverse Address Resolution Protocol (RARP) operate at what layer of the OSI model? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4
B. Layer 2
89. One of the findings that Jim made when performing a security audit was the use of non-IP protocols in private network. What issue should Jim point out that may result from the use of these non-IP protocols? A. They are outdated and cannot be used on modern PCs. B. They may not be able to filtered by firewall devices. C. They may allow Christmas tree attacks. D. IPX extends on the IP protocol and may not be supported by all TCP stacks.
B. They may not be able to be filtered by firewall devices.
82. Susan is writing a best practices statement for her organizational users who need to use Bluetooth. She knows that there are many potential security issues with Bluetooth and wants to provide the best advice she can. Which of the following sets of guidance should Susan include? A. Use Bluetooth's built-in strong encryption, change the default PIN on your device, turn off discovery mode, and turn off Bluetooth when it's not in active use. B. Use Bluetooth only for those activities that are not confidential, change the default PIN on your device, turn off discovery mode, and run off Blue tooth when it's not in active use. C. Use Bluetooth's built-in strong encyrption, use extended (8 digit or longer) Bluetooth PINs, turn off discovery mode, and turn off Bluetooth when it's not in a active use. D. Use Bluetooth only for those activities that are not confidential, use extended (8 digit or longer) Bluetooth PINs, turn off discovery mode, and turn off Bluetooth when it's not in active use.
B. Use Bluetooth's only for those activities that are not confidential, change the default PIN on your device, turn off discovery mode, and turn off Bluetooth when it's not in active use.
2. During a security assessment of a wireless network, Jim discovers that LEAP is in use on a network using WPA. What recommendation should Jim make? A. Continue to use LEAP. It provides. better security than TKIP for WPA networks. B. Use an alternate protocol like PEAP or EAP-TLS and implement WPA2 if supported. C. Contiune to use LEAP to avoid authentication issues, but move to WPA2. D. Use an alternate protocol like PEAP or EAP-TLS, and implement Wired Equivalent Privcy to avoid wireless security issues.
B. Use an alternate protocol like PEAP or EAP-TLS and implement WPA2 if supported.
98. Chris is setting up a hotel network, and needs to insure that systems in each room or suit can connect each other, but systems in other suites or rooms cannot. At the same time, he needs to ensure that all systems in the hotel can reach the Internet. What solution should he recommend as the most effective business solution? A. Per- room VPNs B. VLANs C. Port security D. Firewalls
B. VLANs
25. What speed and frequency range is used by 802.11n? A. 54 Mbps, 5 GHz B. 200+ Mbps, 5 GHz C. 200+ Mbps, 2.4 and 5 GHz D. 1 Gbps, 5 GHz
C. 200+ Mbps, 2.4 and 5 GHz
78. What is the speed of a T3 line? A. 128 kbps B. 1,544 Mbps C. 44.756 Mbps D. 155 Mbps
C. 44.736 Mbps
6. Gary is developing a wireless network and wants to deploy the fastest possible wireless technology. Of the 802.11 standards list below, which is the fastest 2.4 GHz option he has? A. 802.11a B. 802.11g C. 802.11n D. 802.11ac
C. 802.11n
33.What network topology is shown in the image below? Refer to page 79 in book. A. A ring B. A star C. A bus D. A. mesh
C. A bus
4. Lauren's and Nick's PCs simltaneously send traffic by transmitting at the same time. What network term describes the rangeof systems on a network that could be affected by this same issue? A. The subnet B. The supernet C. A collision domain D. A broadcast domain
C. A collision domain
23. What type of key does WEP use to encrypt wireless communications? A. An asymmetric key B. Unique key sets for each host C. A predenfined shared static key D. Unique asymmetric keys for each host
C. A predefined shared static key
66. Lauren's networking team has been asked to identify a technology that will alllow them to dynamically change the organization's network by treating the network like code. What type of architecture should she recommend? A. A network that follows the 5-4-3 rule B. A converged network C. A solfware-defined network D. A hypervisor-based network
C. A softeware-defined network
65. Chris needs to design a firewall architecture that can support separately a DMZ, a database, and a private internal network. What type of design should he use, and how many firewalls does he need? A. A four-tier firewall design with two firewalls B. A two-tier firewall design with three firewalls C. A three-tier firewall design with at least one firewall D. A single-tier firewall design with three firewalls
C. A three-tier firewall design with at least one firewall
75. WPA2's Counter Mode Ciper Block Chaining Message Authentication Mode Protocol (CCMP) is based on which common encryption scheme? A. DES B.3DES C. AES D. TLS
C. AES
3. Ben has connected his laptop to his tablet PC using an 802.11g connection. What wireless network mode has he usedto connect these devices? A. Infrastructure mode B. Wired extension mode C. Ad hoe mode D. Stand-alone mode
C. Ad hoe mode
15. If Chris wants to stop cross-site scripting attacks against the web server, what is the best device for this purpose, and where should he put it? A. A firewall, location A B. An IDS, location A C. An IPS, location B D. A WAF, location C
C. An IPS, location B
36. The DARPA TCP/IP model's Application layer matches up to what three OSI model layers? A. Application, Presentation,and Transport B. Presentation, Session, and Transport C. Application, Presentation, and Session D. There is not a direct match. The TCP model was created before the OSI model.
C. Application, Presentation, and Session
100. Ben knows that his organization wants to be able to validate the identity of other oranizations based on their domain name when receiving and sending email. What tool should Ben recommend? A. PEM B. S/MIME C. DKIM D. MOSS
C. DKIM
57. Ben is troubleshooting a network and discovers that the NAT router he is connected to has the 192.168.x.x subnet as its internal network and that its external IP is 192.168.1.40. What problem is he encountering? A. 192.168.x.x is a non-routable network and will not be carried to the Internet. B. 192.168.1.40 is not a valid address because it is reserved by RFC 1918. C. Double NATing is not possible using the same IP range. D. The upstream system is unable to de-encapsulate his packets and he needs to use PAT instead.
C. Double NATing is not possible using the same IP range.
59. Jim's organization uses a traditional PBX for voice communication. What is the most common security issue that its internal communications are likely to face, and what should he recommend to prevent it? A. Eavesdropping, encrption B.Man-in-the-middle attacks, end-to-end encryption C. Eavesdropping, physical security D. Wardialing, deploy an IPS
C. Eavesdropping, physcial security
11. Which of the following options is not a common best practice for securing a wireless network? A. Turn on WPA2. B. Enable MAC filtering if used for a relatively small group of clients. C. Enable SSID broadcast. D. Separate the access point from the wired network using a firewall, thus treating it as external access.
C. Enable SSID broadcast
Use the following scenario to help guide your answers in the following three questions. Ben is an information security professional at an organization that is replacing its physical servers with virtual machines. As the organization builds its virtual environment, it is decreasing the number of physical servers it uses while purchasing more powerful servers to act as the virtualization platforms. A. The same traffic he currently sees B. All inter-VM traffic C. Only traffic sent outside of the VM environment D. All intter-hypervisor traffic
C. Only traffic sent outside of the VM environment
90. Angela needs to choose between EAP, PEAP, and LEAP for secure authentication. Which authentication. Which authentication protocol should she choose and why? A. EAP, because it provides strong encryption by default B. LEAP, because it provides frequent re- authentication, and changing of WEP keys C. PEAP, because it provides encryption and doesn't suffer from the same vulnerabilities that LEAP does D. None of these options can provide secure authentication, and an alternate solution should be chosen.
C. PEAP, because it provides encryption and doesn't suffer from the same vulnerabilities that LEAP does
49. There are four common VPN protocols. Which group of four below contains all of the common VPN protocols? A. PPTP, LTP, L2TP, IPsec B. PPP, L2TP, IPsec, VNC C. PPTP, L2F, L2TP, IPsec D. PPTP, L2TP, IPsec, SPAP
C. PPTP, L2F, L2TP, IPsec
44. Jim's remote site has only ISDN as an option for connectivity. What type of ISDN should he look for to get the maximum speed possible? A. BRI B. BPRI C. PRI D. Channel
C. PRI
38. Sue modifies her MAC address to one that is allowed on a network that uses MAC filtering to provide security. What is the technique Sue used, and what non-security issue could her actions cause? A. Broadcast domain exploit, address conflict B. Spoofing, token loss C. Spoofing, address conflict D. Sham EUI creation, token loss
C. Spoofing, address conflict
7. What common applications are associated with each of the following TCP ports: 23, 25, 143, and 515? A. Telnet, SFTP, NetBIOS, and LPD B. SSH, SMTP, POP3, and ICMP C. Telnet, SMTP, IMAP, and LPD D. Telnet, SMTP, POP3, and X Windows
C. Telnet, SMTP, IMAP, and LPD
51. Which OSI layer includes electrical specitications, protocols, and interface standards? A. The Transport layer B. The Device layer C. The Physical layer D. The Data Link layer
C. The Physical layer
45. SPIT attacks target what technology? A. Virtualization platforms B. Web services C. VoIP systems D. Secure Process Internal Transfers
C. VoIP systems
43. Ben has deployed a 1000Base-T 1 gigabit network and needs to run a cable to another building. If Ben is running his link directly from a switch to another switch in that building, what is the maxiumum distance Ben can cover according to the 1000Base-T specification? A. 2 kilometers B. 500 meters C. 185 meters D. 100 meters
D. 100 meters
42. Lauren wants to provide port-based authentication on her network to ensure that clients must authenticate before using the network. What technology is an appropriate solution for this requirements? A. 802.11a B. 802.3 C. 802.15.1 D. 802.1x
D. 802.1x
16. Susan is deploying a routing protocol that maintains a list of destination networks with metrics that include the distance in hops to them and the direction traffic should be sent to them. What type of protocol is she using? A. A link-state protocol B. A link-distance protocol C. A destination metric protocol D. A distance-vector protocol
D. A distance-vector protocol
81. What type of address is 127.0.0.1? A. A public IP address B. An RFC 1918 address C. An APIPA address D. A loopback address
D. A loopback address
94. What type of attack is most likely to occur after a successful ARP spoofing attempt? A. A DoS attack B. A Trojan C. A replay attack D. A man-in-the-middle attack
D. A man-in-the-middle attack
48. What network topology is shown below? Refer to page 82 in book. A. A ring B. A bus C. A star D. A mesh
D. A mesh
85. What type of network device modulates between an analog carrier signal and digital information for computer communications? A. A bridge B. A router C. A brouter D. A modem
D. A modem
93. What topology correctly describes Ethernet? A. A ring B. A star C. A mesh D. A. bus
D. A. bus
86. Which list presents the layers of the OSI model in the correct order? A. Presentation, Application, Session, Transport, Network, Data Link, Physical B. Application, Presentation, Session, Network, Transport, Data Link, Physical C. Presentation, Application, zsession, Transport, Data Link, Nerwork, Physical D. Application, Presentation, Session, Transport, Network, Data Link, Physical
D. Application, Presentation, Session, Transport, Network, Data Link, Physical
46. What does a bluesnarfing attack target? A. Data on IBM systems B. An outbound phone call via Bluetooth C. 802.11b networks D. Data from a Bluetooth-enabled device
D. Data from a Bluetooth-enabled device
41. Lauren uses the ping utility to check whether a remote system is up as part of a penetration testing excrise. If she wants to filter ping out by protocol, What protocol should she filter out from her packet sniffer's logs? A. UDP B. TCP C. IP D. ICMP
D. ICMP
40. SMTP, HTTP, and SNMP all occur at what layer of the OSI model? A. Layer 4 B. Layer 5 C. Layer 6 D. Layer 7
D. Layer 7
39. Jim's audit of a large organization's traditional PBX showed that Direct Inward System Access (DISA) was being abused by third parties. What issue is most likely to lead to this problem? A. The PBX was not fully patched. B. The dial-in modem lines use uppublished numbers. C. DISA is set up to only allow local calls. D. One or more users' access codes have been compromised.
D. One or more users' access codes have been compromised.
56. Chris has been asked to choose between implementing PEAP and LEAP for wireless authentication. What should he choose, and why? A. LEAP, because it fixes problems with TKIP, resulting in stronger security B. PEAP, because it implements CCMP for security C. LEAP, because it implements EAP-TLS for end-to-end session encryption D. PEAP, because it can provide a TLS tunnel that encapsulates EAP methods, protecting the entire session
D. PEAP, because it can provide a TLS tunnel that encapsulates EAP methods, protecting the entire session
5. Sarah is manually reviewing a packet capture of TCP traffic and finds that a system is setting the RST flag in the TCP packets it sends repeatedly during a short peripd of time. What does this flag mean in the TCP packet header? A. RST flags mean "Rest." The server needs traffic to briefly pause. B. RST flags mean "Relay-set." The packets will be forwarded to the address set in the packet. C. RST flags mean "Resume Standard." Communications will resume in their normal format. D. RST means " Reset." The TCP session will be disconnected.
D. RST means " Reset." The TCP session will be disconnected.
70. During a review of her organization's network, Angela discovered that it was suffering from broadcast storms and that contractors, guests, and organizational administrative staff were on the same network segment. What design change should Angela recommend? A. Require encryption for all users. B. Install a firewall at the network border. C. Enable spanning tree loop detection. D. Segment the network based on functional requirements.
D. Segment the network based on functional requirements.
99. During a forensic investigation, Charles is able to determine the Media Access Countrol address of a system that was connected to a compromised network. Charles knows that MAC addresses are tied back to a manufacturer or vedor and are part of the fingerprint of the system. To which OSI layer does a MAC address belongs? A. The Application layer B. The Session layer C. The Physical layer D. The Data Link layer
D. The Data Link layer
14. If the VPN grants remote users the same access to network and system resources as local workstations have, what security issue should Chris rsise? A. VPN users will not be able to access the web server. B. There is no additional security issue; the VPN concentrator's logical network location matches the logical network location of the workstations. C. VPN by passes the firewall, creating additional risks. D. VPN users should only connect from managed PCs.
D. VPN users should only connect from managed PCs.
27. Which of the following is a converged protocol that allows storage mounts over TCP, and which is frequently used as a lower-cost alternative to Fibre Channel? A. MPLS B. SDN C. VoIP D. iSCSI
D. iSCSI
88. Modern dial-up connections use what dial-up protocol? A. SLIP B. SLAP C. PPTP D. PPP
D.PPP