CISSP Oicial (ISC)2 Practice Tests

NEXT

PREV

Chapter 3 Security Engineering (Domain 3)

Chapter 5 Identity and Access Management (Domain 5)

Chapter 4
Communication and Network Security (Domain
4)
1.WhatimportantfactorlistedbelowdifferentiatesFrameRelayfrom
X.25?
1.FrameRelaysupportsmultiplePVCsoverasingleWANcarrier
connection.
2.FrameRelayisacellswitchingtechnologyinsteadofapacketswitching
technologylikeX.25.
3.FrameRelaydoesnotprovideaCommittedInformationRate(CIR).
4.FrameRelayonlyrequiresaDTEontheproviderside.

2.Duringasecurityassessmentofawirelessnetwork,Jimdiscoversthat
LEAPisinuseonanetworkusingWPA.Whatrecommendationshould
Jimmake?
1.ContinuetouseLEAP.ItprovidesbettersecuritythanTKIPforWPA
networks.
2.UseanalternateprotocollikePEAPorEAPTLSandimplementWPA2if
supported.
3.ContinuetouseLEAPtoavoidauthenticationissues,butmovetoWPA2.
4.UseanalternateprotocollikePEAPorEAPTLS,andimplementWired
EquivalentPrivacytoavoidwirelesssecurityissues.

3.BenhasconnectedhislaptoptohistabletPCusingan802.11g
connection.Whatwirelessnetworkmodehasheusedtoconnectthese
devices?
1.Infrastructuremode
2.Wiredextensionmode
3.Adhocmode
4.Standalonemode

4.LaurensandNicksPCssimultaneouslysendtrafficbytransmittingat
thesametime.Whatnetworktermdescribestherangeofsystemsona
networkthatcouldbeaffectedbythissameissue?
1.Thesubnet
2.Thesupernet
3.Acollisiondomain
4.Abroadcastdomain

5.SarahismanuallyreviewingapacketcaptureofTCPtrafficandfindsthat
asystemissettingtheRSTflagintheTCPpacketsitsendsrepeatedly
duringashortperiodoftime.WhatdoesthisflagmeanintheTCPpacket
header?
1.RSTflagsmeanRest.Theserverneedstraffictobrieflypause.
2.RSTflagsmeanRelayset.Thepacketswillbeforwardedtotheaddress

Enjoy Safari? Subscribe Today

setinthepacket.

3.RSTflagsmeanResumeStandard.Communicationswillresumein
theirnormalformat.
4.RSTmeansReset.TheTCPsessionwillbedisconnected.

6.Garyisdeployingawirelessnetworkandwantstodeploythefastest
possiblewirelesstechnology.Ofthe802.11standardslistedbelow,which
isthefastest2.4GHzoptionhehas?
1.802.11a
2.802.11g
3.802.11n
4.802.11ac

7.WhatcommonapplicationsareassociatedwitheachofthefollowingTCP
ports:23,25,143,and515?
1.Telnet,SFTP,NetBIOS,andLPD
2.SSH,SMTP,POP3,andICMP
3.Telnet,SMTP,IMAP,andLPD
4.Telnet,SMTP,POP3,andXWindows

8.ChrisisconfiguringanIDStomonitorforunencryptedFTPtraffic.What
portsshouldChrisuseinhisconfiguration?
1.TCP20and21
2.TCP21only
3.UDPport69
4.TCPport21andUDPport21

9.FHSS,DSSS,andOFDMallusewhatwirelesscommunicationmethod
thatoccursovermultiplefrequenciessimultaneously?
1.WiFi
2.SpreadSpectrum
3.Multiplexing
4.Orthogonalmodulation

10.WhichauthenticationprotocolcommonlyusedforPPPlinksencrypts
boththeusernameandpasswordandusesachallenge/responsedialog
thatcannotbereplayedandperiodicallyreauthenticatesremotesystems
throughoutitsuseinasession?
1.PAP
2.CHAP
3.EAP
4.LEAP

11.Whichofthefollowingoptionsisnotacommonbestpracticeforsecuring
awirelessnetwork?
1.TurnonWPA2.
2.EnableMACfilteringifusedforarelativelysmallgroupofclients.
3.EnableSSIDbroadcast.
4.Separatetheaccesspointfromthewirednetworkusingafirewall,thus
treatingitasexternalaccess.

12.Whatnetworktopologyisshownintheimagebelow?

Enjoy Safari? Subscribe Today

1.Aring
2.Abus
3.Astar
4.Amesh
Chrisisdesigninglayerednetworksecurityforhisorganization.Using
thediagrambelow,answerquestions13through15.

13.Whattypeoffirewalldesignisshowninthediagram?
1.Asingletierfirewall
2.Atwotierfirewall
3.Athreetierfirewall
4.Afourtierfirewall

14.IftheVPNgrantsremoteusersthesameaccesstonetworkandsystem
resourcesaslocalworkstationshave,whatsecurityissueshouldChris
raise?
1.VPNuserswillnotbeabletoaccessthewebserver.
2.ThereisnoadditionalsecurityissuetheVPNconcentratorslogical
networklocationmatchesthelogicalnetworklocationofthe
workstations.
3.VPNbypassesthefirewall,creatingadditionalrisks.
4.VPNusersshouldonlyconnectfrommanagedPCs.

15.IfChriswantstostopcrosssitescriptingattacksagainstthewebserver,
whatisthebestdeviceforthispurpose,andwhereshouldheputit?
1.Afirewall,locationA
2.AnIDS,locationA
3.AnIPS,locationB
4.AWAF,locationC

16.Susanisdeployingaroutingprotocolthatmaintainsalistofdestination
networkswithmetricsthatincludethedistanceinhopstothemandthe

Enjoy Safari? Subscribe Today

directiontrafficshouldbesenttothem.Whattypeofprotocolisshe
using?
1.Alinkstateprotocol
2.Alinkdistanceprotocol
3.Adestinationmetricprotocol
4.Adistancevectorprotocol

17.BenhasconfiguredhisnetworktonotbroadcastaSSID.WhymightBen
disableSSIDbroadcast,andhowcouldhisSSIDbediscovered?
1.DisablingSSIDbroadcastpreventsattackersfromdiscoveringthe
encryptionkey.TheSSIDcanberecoveredfromdecryptedpackets.
2.DisablingSSIDbroadcasthidesnetworksfromunauthorizedpersonnel.
TheSSIDcanbediscoveredusingawirelesssniffer.
3.DisablingSSIDbroadcastpreventsissueswithbeaconframes.TheSSID
canberecoveredbyreconstructingtheBSSID.
4.DisablingSSIDbroadcasthelpsavoidSSIDconflicts.TheSSIDcanbe
discoveredbyattemptingtoconnecttothenetwork.

18.Whatnetworktoolcanbeusedtoprotecttheidentityofclientswhile
providingInternetaccessbyacceptingclientrequests,alteringthe
sourceaddressesoftherequests,mappingrequeststoclients,and
sendingthemodifiedrequestsouttotheirdestination?
1.Agateway
2.Aproxy
3.Arouter
4.Afirewall

19.Duringtroubleshooting,Chrisusesthenslookupcommandtocheckthe
IPaddressofahostheisattemptingtoconnectto.TheIPheseesinthe
responseisnottheIPthatshouldresolvewhenthelookupisdone.What
typeofattackhaslikelybeenconducted?
1.DNSspoofing
2.DNSpoisoning
3.ARPspoofing
4.ACainattack

20.AremoteaccesstoolthatcopieswhatisdisplayedonadesktopPCtoa
remotecomputerisanexampleofwhattypeoftechnology?
1.Remotenodeoperation
2.Screenscraping
3.Remotecontrol
4.RDP

21.Whichemailsecuritysolutionprovidestwomajorusagemodes:(1)signed
messagesthatprovideintegrity,senderauthentication,and
nonrepudiationand(2)anenvelopedmessagemodethatprovides
integrity,senderauthentication,andconfidentiality?
1.S/MIME
2.MOSS
3.PEM
4.DKIM

22.Duringasecurityassessment,Jimdiscoversthattheorganizationheis
workingwithusesamultilayerprotocoltohandleSCADAsystemsand
recentlyconnectedtheSCADAnetworktotherestoftheorganizations
productionnetwork.Whatconcernshouldheraiseaboutserialdata
transferscarriedviaTCP/IP?
1.SCADAdevicesthatarenowconnectedtothenetworkcannowbe
attackedoverthenetwork.
2.SerialdataoverTCP/IPcannotbeencrypted.
3.SerialdatacannotbecarriedinTCPpackets.
4.TCP/IPsthroughputcanallowforeasydenialofserviceattacksagainst
serialdevices.

23.WhattypeofkeydoesWEPusetoencryptwirelesscommunications?

Enjoy Safari? Subscribe Today

1.Anasymmetrickey

2.Uniquekeysetsforeachhost
3.Apredefinedsharedstatickey
4.Uniqueasymmetrickeysforeachhost

24.Anattackthatcausesaservicetofailbyexhaustingallofasystems
resourcesiswhattypeofattack?
1.Aworm
2.Adenialofserviceattack
3.Avirus
4.Asmurfattack

25.Whatspeedandfrequencyrangeisusedby802.11n?
1.54Mbps,5GHz
2.200+Mbps,5GHz
3.200+Mbps,2.4and5GHz
4.1Gbps,5GHz

26.TheAddressResolutionProtocol(ARP)andtheReverseAddress
ResolutionProtocol(RARP)operateatwhatlayeroftheOSImodel?
1.Layer1
2.Layer2
3.Layer3
4.Layer4

27.Whichofthefollowingisaconvergedprotocolthatallowsstoragemounts
overTCP,andwhichisfrequentlyusedasalowercostalternativeto
FibreChannel?
1.MPLS
2.SDN
3.VoIP
4.iSCSI

28.ChrisisbuildinganEthernetnetworkandknowsthatheneedstospana
distanceofover150meterswithhis1000BaseTnetwork.Whatnetwork
technologyshouldheusetohelpwiththis?
1.Installarepeateroraconcentratorbefore100meters.
2.UseCategory7cable,whichhasbettershieldingforhigherspeeds.
3.Installagatewaytohandlethedistance.
4.UseSTPcabletohandlethelongerdistanceathighspeeds.
Laurensorganizationhasusedapopularinstantmessagingservicefora
numberofyears.Recently,concernshavebeenraisedabouttheuseof
instantmessaging.Usingthediagrambelow,answerquestions29
through31aboutinstantmessaging.

Enjoy Safari? Subscribe Today

29.Whatprotocolistheinstantmessagingtrafficmostlikelytousebasedon
thediagram?
1.AOL
2.HTTP
3.SMTP
4.HTTPS

30.WhatsecurityconcerndoessendinginternalcommunicationsfromAto
Bcause?
1.ThefirewalldoesnotprotectsystemB.
2.SystemCcanseethebroadcasttrafficfromsystemAtoB.
3.Itistravelingviaanunencryptedprotocol.
4.IMdoesnotprovidenonrepudation.

31.HowcouldLaurenscompanybestaddressadesireforsecureinstant
messagingforusersofinternalsystemsAandC?
1.Usea3rdpartyinstantmessagingservice.
2.ImplementandusealocallyhostedIMservice.
3.UseHTTPS.
4.DiscontinueuseofIMandinsteaduseemail,whichismoresecure.

32.Whichofthefollowingdrawbacksisaconcernwhenmultilayerprotocols
areallowed?
1.Arangeofprotocolsmaybeusedathigherlayers.
2.Covertchannelsareallowed.
3.Filterscannotbebypassed.
4.Encryptioncantbeincorporatedatmultiplelayers.

33.Whatnetworktopologyisshownintheimagebelow?

1.Aring
2.Astar
3.Abus
4.Amesh

34.Chrisusesacellularhotspot(modem)toprovideInternetaccesswhenhe
istraveling.IfheleavesthehotspotconnectedtohisPCwhilehisPCis
onhisorganizationscorporatenetwork,whatsecurityissuemighthe
cause?
1.Trafficmaynotberoutedproperly,exposingsensitivedata.
2.HissystemmayactasabridgefromtheInternettothelocalnetwork.
3.HissystemmaybeaportalforareflectedDDoSattack.
4.SecurityadministratorsmaynotbeabletodeterminehisIPaddressifa
securityissueoccurs.

35.Inherroleasaninformationsecurityprofessional,Susanhasbeen
askedtoidentifyareaswhereherorganizationswirelessnetworkmay
beaccessibleeventhoughitisntintendedtobe.WhatshouldSusandoto
determinewhereherorganizationswirelessnetworkisaccessible?

Enjoy Safari? Subscribe Today

1.Asitesurvey

2.Warwalking
3.Wardriving
4.Adesignmap

36.TheDARPATCP/IPmodelsApplicationlayermatchesuptowhatthree
OSImodellayers?
1.Application,Presentation,andTransport
2.Presentation,Session,andTransport
3.Application,Presentation,andSession
4.Thereisnotadirectmatch.TheTCPmodelwascreatedbeforetheOSI
model.

37.OneofSusansattacksduringapenetrationtestinvolvesinsertingfalse
ARPdataintoasystemsARPcache.Whenthesystemattemptstosend
traffictotheaddressitbelievesbelongstoalegitimatesystem,itwill
insteadsendthattraffictoasystemshecontrols.Whatisthisattack
called?
1.RARPFlooding
2.ARPcachepoisoning
3.AdenialofARPattack
4.ARPbufferblasting

38.SuemodifiesherMACaddresstoonethatisallowedonanetworkthat
usesMACfilteringtoprovidesecurity.WhatisthetechniqueSueused,
andwhatnonsecurityissuecouldheractionscause?
1.Broadcastdomainexploit,addressconflict
2.Spoofing,tokenloss
3.Spoofing,addressconflict
4.ShamEUIcreation,tokenloss

39.JimsauditofalargeorganizationstraditionalPBXshowedthatDirect
InwardSystemAccess(DISA)wasbeingabusedbythirdparties.What
issueismostlikelytoleadtothisproblem?
1.ThePBXwasnotfullypatched.
2.Thedialinmodemlinesuseunpublishednumbers.
3.DISAissetuptoonlyallowlocalcalls.
4.Oneormoreusersaccesscodeshavebeencompromised.

40.SMTP,HTTP,andSNMPalloccuratwhatlayeroftheOSImodel?
1.Layer4
2.Layer5
3.Layer6
4.Layer7

41.Laurenusesthepingutilitytocheckwhetheraremotesystemisupas
partofapenetrationtestingexercise.Ifshewantstofilterpingoutby
protocol,whatprotocolshouldshefilteroutfromherpacketsnifferslogs?
1.UDP
2.TCP
3.IP
4.ICMP

42.Laurenwantstoprovideportbasedauthenticationonhernetworkto
ensurethatclientsmustauthenticatebeforeusingthenetwork.What
technologyisanappropriatesolutionforthisrequirement?
1.802.11a
2.802.3
3.802.15.1
4.802.1x

43.Benhasdeployeda1000BaseT1gigabitnetworkandneedstoruna
cabletoanotherbuilding.IfBenisrunninghislinkdirectlyfromaswitch
toanotherswitchinthatbuilding,whatisthemaximumdistanceBencan

Enjoy Safari? Subscribe Today

coveraccordingtothe1000BaseTspecification?

1.2kilometers
2.500meters
3.185meters
4.100meters

44.JimsremotesitehasonlyISDNasanoptionforconnectivity.Whattype
ofISDNshouldhelookfortogetthemaximumspeedpossible?
1.BRI
2.BPRI
3.PRI
4.Dchannel

45.SPITattackstargetwhattechnology?
1.Virtualizationplatforms
2.Webservices
3.VoIPsystems
4.SecureProcessInternalTransfers

46.Whatdoesabluesnarfingattacktarget?
1.DataonIBMsystems
2.AnoutboundphonecallviaBluetooth
3.802.11bnetworks
4.DatafromaBluetoothenableddevice

47.Whichofthefollowingoptionsincludesstandardsorprotocolsthatexist
inlayer6oftheOSImodel?
1.NFS,SQL,andRPC
2.TCP,UDP,andTLS
3.JPEG,ASCII,andMIDI
4.HTTP,FTP,SMTP

48.Whatnetworktopologyisshownbelow?

1.Aring
2.Abus
3.Astar
4.Amesh

49.TherearefourcommonVPNprotocols.Whichgroupoffourbelow
containsallofthecommonVPNprotocols?
1.PPTP,LTP,L2TP,IPsec
2.PPP,L2TP,IPsec,VNC
3.PPTP,L2F,L2TP,IPsec
4.PPTP,L2TP,IPsec,SPAP

50.Whatnetworktechnologyisbestdescribedasatokenpassingnetwork

Enjoy Safari? Subscribe Today

thatusesapairofringswithtrafficflowinginoppositedirections?

1.Aringtopology
2.TokenRing
3.FDDI
4.SONET

51.WhichOSIlayerincludeselectricalspecifications,protocols,and
interfacestandards?
1.TheTransportlayer
2.TheDevicelayer
3.ThePhysicallayer
4.TheDataLinklayer

52.BenisdesigningaWiFinetworkandhasbeenaskedtochoosethemost
secureoptionforthenetwork.Whichwirelesssecuritystandardshouldhe
choose?
1.WPA2
2.WPA
3.WEP
4.AES

53.Ifyourorganizationneedstoallowattachmentsinemailtosupport
criticalbusinessprocesses,whatarethetwobestoptionsforhelpingto
avoidsecurityproblemscausedbyattachments?
1.Trainyourusersanduseantimalwaretools.
2.Encryptyouremailanduseantimalwaretools.
3.TrainyourusersandrequireS/MIMEforallemail.
4.UseS/MIMEbydefaultandremoveallZIP(.zip)fileattachments.

54.Segmentation,sequencing,anderrorcheckingalloccuratwhatlayerof
theOSImodelthatisassociatedwithSSL,TLS,andUDP?
1.TheTransportlayer
2.TheNetworklayer
3.TheSessionlayer
4.ThePresentationlayer

55.TheWindowsipconfigcommanddisplaysthefollowinginformation:
BC5FF47B4B7D
Whattermdescribesthis,andwhatinformationcanbegatheredfromit?
1.TheIPaddress,thenetworklocationofthesystem
2.TheMACaddress,thenetworkinterfacecardsmanufacturer
3.TheMACaddress,themediatypeinuse
4.TheIPv6clientID,thenetworkinterfacecardsmanufacturer

56.ChrishasbeenaskedtochoosebetweenimplementingPEAPandLEAP
forwirelessauthentication.Whatshouldhechoose,andwhy?
1.LEAP,becauseitfixesproblemswithTKIP,resultinginstrongersecurity
2.PEAP,becauseitimplementsCCMPforsecurity
3.LEAP,becauseitimplementsEAPTLSforendtoendsessionencryption
4.PEAP,becauseitcanprovideaTLStunnelthatencapsulatesEAP
methods,protectingtheentiresession

57.BenistroubleshootinganetworkanddiscoversthattheNATrouterheis
connectedtohasthe192.168.x.xsubnetasitsinternalnetworkandthat
itsexternalIPis192.168.1.40.Whatproblemisheencountering?
1.192.168.x.xisanonroutablenetworkandwillnotbecarriedtothe
Internet.
2.192.168.1.40isnotavalidaddressbecauseitisreservedbyRFC1918.
3.DoubleNATingisnotpossibleusingthesameIPrange.
4.Theupstreamsystemisunabletodeencapsulatehispacketsandhe
needstousePATinstead.

Enjoy Safari? Subscribe Today

58.WhatisthedefaultsubnetmaskforaClassBnetwork?

1.255.0.0.0
2.255.255.0.0
3.255.254.0.0
4.255.255.255.0

59.JimsorganizationusesatraditionalPBXforvoicecommunication.What
isthemostcommonsecurityissuethatitsinternalcommunicationsare
likelytoface,andwhatshouldherecommendtopreventit?
1.Eavesdropping,encryption
2.Maninthemiddleattacks,endtoendencryption
3.Eavesdropping,physicalsecurity
4.Wardialing,deployanIPS

60.Whatcommonsecurityissueisoftenoverlookedwithcordlessphones?
1.Theirsignalisrarelyencryptedandthuscanbeeasilymonitored.
2.Theyuseunlicensedfrequencies.
3.Theycanallowattackersaccesstowirelessnetworks.
4.Theyarerarelypatchedandarevulnerabletomalware.

61.LaurensorganizationhasdeployedVoIPphonesonthesameswitches
thatthedesktopPCsareon.Whatsecurityissuecouldthiscreate,and
whatsolutionwouldhelp?
1.VLANhopping,usephysicallyseparateswitches.
2.VLANhopping,useencryption.
3.CallerIDspoofing,MACfiltering
4.Denialofserviceattacks,useafirewallbetweennetworks.

62.Whichtypeoffirewallcanbedescribedasadevicethatfilterstraffic
basedonitssource,destinationandtheportitissentfromorisgoing
to?
1.Astaticpacketfilteringfirewall
2.AnApplicationlayergatewayfirewall
3.Adynamicpacketfilteringfirewall
4.Astatefulinspectionfirewall

63.Aphreakingtoolusedtomanipulatelinevoltagestosteallongdistance
serviceisknownaswhattypeofbox?
1.Ablackbox
2.Aredbox
3.Abluebox
4.Awhitebox

64.DatastreamsoccuratwhatthreelayersoftheOSImodel?
1.Application,Presentation,andSession
2.Presentation,Session,andTransport
3.Physical,DataLink,andNetwork
4.DataLink,Network,andTransport

65.Chrisneedstodesignafirewallarchitecturethatcansupportseparatelya
DMZ,adatabase,andaprivateinternalnetwork.Whattypeofdesign
shouldheuse,andhowmanyfirewallsdoesheneed?
1.Afourtierfirewalldesignwithtwofirewalls
2.Atwotierfirewalldesignwiththreefirewalls
3.Athreetierfirewalldesignwithatleastonefirewall
4.Asingletierfirewalldesignwiththreefirewalls

66.Laurensnetworkingteamhasbeenaskedtoidentifyatechnologythat
willallowthemtodynamicallychangetheorganizationsnetworkby
treatingthenetworklikecode.Whattypeofarchitectureshouldshe
recommend?
1.Anetworkthatfollowsthe543rule
2.Aconvergednetwork

Enjoy Safari? Subscribe Today

3.Asoftwaredefinednetwork

4.Ahypervisorbasednetwork

67.Jimsorganizationusesfaxmachinestoreceivesensitivedata.Sincethe
faxmachineislocatedinapublicarea,whatactionsshouldJimtaketo
dealwithissuesrelatedtofaxeshisorganizationreceives?
1.Encryptthefaxesandpurgelocalmemory.
2.Disableautomaticprintingandpurgelocalmemory.
3.Encryptfaxesanddisableautomaticprinting.
4.Uselinkencryptionandenableautomaticprinting.

68.Cablemodems,ISDN,andDSLareallexamplesofwhattypeof
technology?
1.Baseband
2.Broadband
3.Digital
4.Broadcast

69.Whattypeoffirewalldesignisshownintheimagebelow?

1.Singletier
2.Twotier
3.Threetier
4.Nextgeneration

70.Duringareviewofherorganizationsnetwork,Angeladiscoveredthatit
wassufferingfrombroadcaststormsandthatcontractors,guests,and
organizationaladministrativestaffwereonthesamenetworksegment.
WhatdesignchangeshouldAngelarecommend?
1.Requireencryptionforallusers.
2.Installafirewallatthenetworkborder.
3.Enablespanningtreeloopdetection.
4.Segmentthenetworkbasedonfunctionalrequirements.

71.ICMP,RIP,andnetworkaddresstranslationalloccuratwhatlayerof
theOSImodel?
1.Layer1
2.Layer2
3.Layer3
4.Layer4
Usethefollowingscenariotohelpguideyouranswersinthefollowing
threequestions.
Benisaninformationsecurityprofessionalatanorganizationthatis
replacingitsphysicalserverswithvirtualmachines.Astheorganization
buildsitsvirtualenvironment,itisdecreasingthenumberofphysical
serversituseswhilepurchasingmorepowerfulserverstoactasthe
virtualizationplatforms.

72.TheIDSBenisresponsibleforisusedtomonitorcommunicationsinthe
datacenterusingamirroredportonthedatacenterswitch.Whattraffic
willBenseeoncethemajorityofserversinthedatacenterhavebeen
virtualized?
1.Thesametraffichecurrentlysees
2.AllinterVMtraffic
3.OnlytrafficsentoutsideoftheVMenvironment
4.Allinterhypervisortraffic

73.TheVMadministratorsrecommendenablingcutandpastebetween
virtualmachines.WhatsecurityconcernshouldBenraiseaboutthis
practice?
1.Itcancauseadenialofservicecondition.
2.Itcanserveasacovertchannel.

Enjoy Safari? Subscribe Today

3.Itcanallowvirusestospread.

4.Itcanbypassauthenticationcontrols.

74.BenisconcernedaboutexploitsthatallowVMescape.Whatoption
shouldBensuggesttohelplimittheimpactofVMescapeexploits?
1.Separatevirtualmachinesontoseparatephysicalhardwarebasedontask
ordatatypes.
2.UseVMescapedetectiontoolsontheunderlyinghypervisor.
3.Restoremachinestotheiroriginalsnapshotsonaregularbasis.
4.UseautilitylikeTripwiretolookforchangesinthevirtualmachines.

75.WPA2sCounterModeCiperBlockChainingMessageAuthentication
ModeProtocol(CCMP)isbasedonwhichcommonencryptionscheme?
1.DES
2.3DES
3.AES
4.TLS

76.WhenahostonanEthernetnetworkdetectsacollisionandtransmitsa
jamsignal,whathappensnext?
1.Thehostthattransmittedthejamsignalisallowedtoretransmitwhileall
otherhostspauseuntilthattransmissionisreceivedsuccessfully.
2.Allhostsstoptransmittingandeachhostwaitsarandomperiodoftime
beforeattemptingtotransmitagain.
3.Allhostsstoptransmittingandeachhostwaitsaperiodoftimebasedon
howrecentlyitsuccessfullytransmitted.
4.Hostswaitforthetokentobepassedandthenresumetransmittingdata
astheypassthetoken.

77.IPX,AppleTalk,andNetBEUIareallexamplesofwhat?
1.Routingprotocols
2.UDPprotocols
3.NonIPprotocols
4.TCPprotocols

78.WhatisthespeedofaT3line?
1.128kbps
2.1.544Mbps
3.44.736Mbps
4.155Mbps

79.Whattypeoffirewalldesigndoestheimagebelowshow?

1.Asingletierfirewall
2.Atwotierfirewall
3.Athreetierfirewall
4.AfullyprotectedDMZfirewall

80.Whatchallengeismostcommonforendpointsecuritysystem
deployments?
1.Compromises
2.Thevolumeofdata
3.Monitoringencryptedtrafficonthenetwork
4.HandlingnonTCPprotocols

81.Whattypeofaddressis127.0.0.1?
1.ApublicIPaddress
2.AnRFC1918address

Enjoy Safari? Subscribe Today

3.AnAPIPAaddress

4.Aloopbackaddress

82.Susaniswritingabestpracticesstatementforherorganizationalusers
whoneedtouseBluetooth.Sheknowsthattherearemanypotential
securityissueswithBluetoothandwantstoprovidethebestadviceshe
can.WhichofthefollowingsetsofguidanceshouldSusaninclude?
1.UseBluetoothsbuiltinstrongencryption,changethedefaultPINon
yourdevice,turnoffdiscoverymode,andturnoffBluetoothwhenitsnot
inactiveuse.
2.UseBluetoothonlyforthoseactivitiesthatarenotconfidential,change
thedefaultPINonyourdevice,turnoffdiscoverymode,andturnoff
Bluetoothwhenitsnotinactiveuse.
3.UseBluetoothsbuiltinstrongencryption,useextended(8digitor
longer)BluetoothPINs,turnoffdiscoverymode,andturnoffBluetooth
whenitsnotinactiveuse.
4.UseBluetoothonlyforthoseactivitiesthatarenotconfidential,use
extended(8digitorlonger)BluetoothPINs,turnoffdiscoverymode,and
turnoffBluetoothwhenitsnotinactiveuse.

83.Whattypeoffirewallisknownasasecondgenerationfirewall?
1.Staticpacketfilteringfirewalls
2.Applicationlevelgatewayfirewalls
3.Statefulinspectionfirewalls
4.UnifiedThreatManagement

84.Stevehasbeentaskedwithimplementinganetworkstorageprotocol
overanIPnetwork.Whatstoragecentricconvergedprotocolishelikely
touseinhisimplementation?
1.MPLS
2.FCoE
3.SDN
4.VoIP

85.Whattypeofnetworkdevicemodulatesbetweenananalogcarriersignal
anddigitalinformationforcomputercommunications?
1.Abridge
2.Arouter
3.Abrouter
4.Amodem

86.WhichlistpresentsthelayersoftheOSImodelinthecorrectorder?
1.Presentation,Application,Session,Transport,Network,DataLink,
Physical
2.Application,Presentation,Session,Network,Transport,DataLink,
Physical
3.Presentation,Application,Session,Transport,DataLink,Network,
Physical
4.Application,Presentation,Session,Transport,Network,DataLink,
Physical

87.Adenialofservice(DoS)attackthatsendsfragmentedTCPpacketsis
knownaswhatkindofattack?
1.Christmastree
2.Teardrop
3.Stackkiller
4.Fraggrenade

88.Moderndialupconnectionsusewhatdialupprotocol?
1.SLIP
2.SLAP
3.PPTP
4.PPP

89.OneofthefindingsthatJimmadewhenperformingasecurityauditwas

Enjoy Safari? Subscribe Today

theuseofnonIPprotocolsinaprivatenetwork.WhatissueshouldJim
pointoutthatmayresultfromtheuseofthesenonIPprotocols?

1.TheyareoutdatedandcannotbeusedonmodernPCs.
2.Theymaynotbeabletobefilteredbyfirewalldevices.
3.TheymayallowChristmastreeattacks.
4.IPXextendsontheIPprotocolandmaynotbesupportedbyallTCP
stacks.

90.AngelaneedstochoosebetweenEAP,PEAP,andLEAPforsecure
authentication.Whichauthenticationprotocolshouldshechooseand
why?
1.EAP,becauseitprovidesstrongencryptionbydefault
2.LEAP,becauseitprovidesfrequentreauthenticationandchangingof
WEPkeys
3.PEAP,becauseitprovidesencryptionanddoesntsufferfromthesame
vulnerabilitiesthatLEAPdoes
4.Noneoftheseoptionscanprovidesecureauthentication,andan
alternatesolutionshouldbechosen.

91.LaurenhasbeenaskedtoreplaceherorganizationsPPTP
implementationwithanL2TPimplementationforsecurityreasons.
WhatistheprimarysecurityreasonthatL2TPwouldreplacePPTP?
1.L2TPcanuseIPsec.
2.L2TPcreatesapointtopointtunnel,avoidingmultipointissues.
3.PPTPdoesntsupportEAP.
4.PPTPdoesntproperlyencapsulatePPPpackets.

92.Jimisbuildingaresearchcomputingsystemthatbenefitsfrombeingpart
ofafullmeshtopologybetweensystems.Inafivenodefullmesh
topologydesign,howmanyconnectionswillanindividualnodehave?
1.Two
2.Three
3.Four
4.Five

93.WhattopologycorrectlydescribesEthernet?
1.Aring
2.Astar
3.Amesh
4.Abus

94.WhattypeofattackismostlikelytooccurafterasuccessfulARPspoofing
attempt?
1.ADoSattack
2.ATrojan
3.Areplayattack
4.Amaninthemiddleattack

95.WhatspeedisCategory3UTPcableratedfor?
1.5Mbps
2.10Mbps
3.100Mbps
4.1000Mbps

96.Whatissueoccurswhendatatransmittedoveronesetofwiresispicked
upbyanothersetofwires?
1.Magneticinterference
2.Crosstalk
3.Transmissionabsorption
4.Amplitudemodulation

97.WhattwokeyissueswiththeimplementationofRC4makeWired
EquivalentPrivacy(WEP)evenweakerthanitmightotherwisebe?
1.Itsuseofastaticcommonkeyandclientsetencryptionalgorithms

Enjoy Safari? Subscribe Today

2.Itsuseofastaticcommonkeyandalimitednumberofinitialization
vectors

3.Itsuseofweakasymmetrickeysandalimitednumberofinitialization
vectors
4.Itsuseofaweakasymmetrickeyandclientsetencryptionalgorithms

98.Chrisissettingupahotelnetwork,andneedstoensurethatsystemsin
eachroomorsuitecanconnecttoeachother,butsystemsinothersuites
orroomscannot.Atthesametime,heneedstoensurethatallsystemsin
thehotelcanreachtheInternet.Whatsolutionshouldherecommendas
themosteffectivebusinesssolution?
1.PerroomVPNs
2.VLANs
3.Portsecurity
4.Firewalls

99.Duringaforensicinvestigation,CharlesisabletodeterminetheMedia
AccessControladdressofasystemthatwasconnectedtoacompromised
network.CharlesknowsthatMACaddressesaretiedbacktoa
manufacturerorvendorandarepartofthefingerprintofthesystem.To
whichOSIlayerdoesaMACaddressbelong?
1.TheApplicationlayer
2.TheSessionlayer
3.ThePhysicallayer
4.TheDataLinklayer

100.Benknowsthathisorganizationwantstobeabletovalidatetheidentity
ofotherorganizationsbasedontheirdomainnamewhenreceivingand
sendingemail.WhattoolshouldBenrecommend?
1.PEM
2.S/MIME
3.DKIM
4.MOSS

NEXT

PREV

Recommended
/ Queue
/ History /(Domain
Topics / Tutorials
/ Settings / Blog / Get the App / Sign
Chapter
Out 5 Identity and Access Management (Domain 5)
Chapter 3 Security
Engineering
3)
2016 Safari. Terms of Service / Privacy Policy

Enjoy Safari? Subscribe Today