INT-2690: CISSP Chapter 4 Communication and Network Security Questions

Ace your homework & exams now with Quizwiz!

Which best describes the IP protocol?

A connectionless protocol that deals with the addressing and routing of packets

Which of the following proxies cannot make access decisions based upon protocol commands?

Circuit

An effective method to shield networks from unauthenticated DHCP clients is through the use of _______________ on network switches.

DHCP snooping

Which of the following is the best countermeasure for the attack type addressed in the scenario?

DNSSEC

Which of the following is the best countermeasure that John's team should implement to protect from improper caching issues?

DNSSEC

Which of the following shows the layer sequence as layers 2, 5, 7, 4, and 3?

Data link, session, application, transport, and network

Which of the following is not a characteristic of the Protected Extensible Authentication Protocol?

Designed to support password-protected connections

What takes place at the session layer?

Dialog control

Which of the following is the best and most cost-effective countermeasure for Grace's team to put into place?

Disallowing unnecessary ICMP traffic coming from untrusted networks

What type of client ports should Don make sure the institution's software is using when client-to-server communication needs to take place?

Dynamic

Which of the following solutions is best to meet the company's need to protect wireless traffic?

EAP-TTLS

What takes place at the data link layer?

Framing

What should Tom's team implement to provide source authentication and data encryption at the data link level?

IEEE 802.1X

Wireless LAN technologies have gone through different versions over the years to address some of the inherent security issues within the original IEEE 802.11 standard. Which of the following provides the correct characteristics of Wi-Fi Protected Access 2 (WPA2)?

IEEE 802.1X, EAP, CCMP

Which of the following provides an incorrect definition of the specific component or protocol that makes up IPSec?

Internet Key Exchange provides authenticated keying material for use with encryption algorithms.

How does TKIP provide more protection for WLAN environments?

It adds more keying material.

Why are switched infrastructures safer environments than routed networks?

It is more difficult to sniff traffic since the computers have virtual private connections.

Which of the following is not a characteristic of the IEEE 802.11a standard?

It provides 52 Mbps in bandwidth.

Which of the following is the best type of fiber that should be implemented in this scenario?

Multimode

Which of the following is not one of the stages of the DHCP lease process?

None of Them

Charlie uses PGP on his Linux-based email client. His friend Dave uses S/MIME on his Windows-based e-mail. Charlie is unable to send an encrypted email to Dave. What is the likely scenario?

PGP and S/MIME are incompatible

Which of the following best describes why Sean's team wants to put in the mentioned countermeasure for the most commonly attacked systems?

Reduce DoS attack effects

Alice wants to send a message to Bob, who is several network hops away from her. What is the best approach to protecting the confidentiality of the message?

S/MIME

Which of the following is the best countermeasure to put into place to help reduce the threat of network sniffers viewing network management traffic?

SNMP v3

What should Don's team put into place to stop the masquerading attacks that have been taking place?

SRPC

Which of the following is a cost-effective countermeasure that Don's team should implement?

SYN proxy

The ______________ is an IETF-defined signaling protocol, widely used for controlling multimedia communication sessions such as voice and video calls over IP.

Session Initiation Protocol

Which of the following best describes the firewall configuration issues Sean's team member is describing?

Silent rule, negate rule

Which of the following technologies should Lance's team investigate for increased authentication efforts?

Simple Authentication and Security Layer

Which of the following is most likely taking place to allow spurious packets to gain unauthorized access to critical servers?

Source routing is not restricted

Which of the following protocols is considered connection-oriented?

TCP

Which of the following protocols work in the following layers: application, data link, network, and transport?

TFTP, ARP, IP, and UDP

Based upon the information in the scenario, what should the network team implement as it pertains to IPv6 tunneling?

Teredo should be configured on IPv6-aware hosts that reside behind the NAT device.

Metro Ethernet is a MAN protocol that can work in network infrastructures made up of access, aggregation, metro, and core layers. Which of the following best describes these network infrastructure layers?

The access layer connects the customer's equipment to a service provider's aggregation network. Aggregation occurs on a distribution network. The metro layer is the metropolitan area network. The core connects different metro networks.

Systems that are built on the OSI framework are considered open systems. What does this mean?

They are built with internationally accepted protocols and standards so they can easily communicate with other systems.

Which of the following is most likely the issue that Grace's team experienced when their systems went offline?

Three critical systems were connected to a single-attached station.

Which of the following technologies integrates previously independent security solutions with the goal of providing simplicity, centralized control, and streamlined processes?

Unified Threat Management

Which of the following can take place if an attacker can insert tagging values into network- and switch-based protocols with the goal of manipulating traffic at the data link layer?

VLAN hopping attack

Which of the following is a bridge-mode technology that can monitor individual traffic links between virtual machines or can be integrated within a hypervisor component?

Virtual firewall

Which of the following is the best solution to meet the company's need for broadband wireless connectivity?

WiMAX

Which of the following unauthorized activities have most likely been taking place in this situation?

Zone transfer


Related study sets

Real Estate Principles Chapter 8

View Set

Chapter 2 The Biological Perspective

View Set

ICM chapters 1-3 According to an integrated marketing communications planning model, which of the following activities is best associated with the review of the marketing plan step?

View Set

Module 9: Estate Planning Basics

View Set

Physics 1302 Chapter 19 Electric Charges, Forces and Fields Exam 1

View Set