(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests. Mike Chapple.

Author: Mike Chapple
Publisher: John Wiley & Sons Limited
Genre: Foreign computer literature
Year of publication: 0
ISBN: 9781119787648
transfers carried via TCP/IP?
         A. SCADA devices that are now connected to the network can now be attacked over the network.
         B. Serial data over TCP/IP cannot be encrypted.
         C. Serial data cannot be carried in TCP packets.
         D. TCP/IP's throughput can allow for easy denial-of-service attacks against serial devices.

      23 Ben provides networking and security services for a small chain of coffee shops. The coffee shop chain wants to provide secure, free wireless for customers. Which of the following is the best option available to Ben to allow customers to connect securely to his wireless network without needing a user account if Ben does not need to worry about protocol support issues?
         A. Use WPA2 in PSK mode.
         B. Use WPA3 in SAE mode.
         C. Use WPA2 in Enterprise mode.
         D. Use a captive portal.

      24 Alicia's company has implemented multifactor authentication using SMS messages to provide a numeric code. What is the primary security concern that Alicia may want to express about this design?
         A. SMS messages are not encrypted.
         B. SMS messages can be spoofed by senders.
         C. SMS messages may be received by more than one phone.
         D. SMS messages may be stored on the receiving phone.

      25 What speed and frequency range are used by 802.11n?
         A. 5 GHz only
         B. 900 MHz and 2.4 GHz
         C. 2.4 GHz and 5 GHz
         D. 2.4 GHz only

      26 The Address Resolution Protocol (ARP) and the Reverse Address Resolution Protocol (RARP) operate at what layer of the OSI model?
         A. Layer 1
         B. Layer 2
         C. Layer 3
         D. Layer 4

      27 Which of the following is a converged protocol that allows storage mounts over TCP, and which is frequently used as a lower-cost alternative to Fibre Channel?
         A. MPLS
         B. SDN
         C. VoIP
         D. iSCSI

      28 Chris is building an Ethernet network and knows that he needs to span a distance of more than 150 meters with his 1000BaseT network. What network technology should he use to help with this?
         A. Install a repeater, a switch, or a concentrator before 100 meters.
         B. Use Category 7 cable, which has better shielding for higher speeds.
         C. Install a gateway to handle the distance.
         D. Use STP cable to handle the longer distance at high speeds.

      For questions 29–31, please refer to the following scenario and diagram:

      Selah's organization has used a popular messaging service for a number of years. Recently, concerns have been raised about the use of messaging.

      29 What protocol is the messaging traffic most likely to use based on the diagram?
         A. SLACK
         B. HTTP
         C. SMTP
         D. HTTPS

      30 What security concern does sending internal communications from A to B raise?
         A. The firewall does not protect system B.
         B. System C can see the broadcast traffic from system A to B.
         C. It is traveling via an unencrypted protocol.
         D. Messaging does not provide nonrepudiation.

      31 How could Selah's company best address a desire for secure messaging for users of internal systems A and C?
         A. Use a third-party messaging service.
         B. Implement and use a locally hosted service.
         C. Use HTTPS.
         D. Discontinue use of messaging and instead use email, which is more secure.

      32 Which of the following drawbacks is a concern when multilayer protocols are allowed?
         A. A range of protocols may be used at higher layers.
         B. Covert channels are allowed.
         C. Filters cannot be bypassed.
         D. Encryption can't be incorporated at multiple layers.

      33 Which of the following is not an example of a converged protocol?
         A. MIME
         B. FCoE
         C. iSCSI
         D. VoIP

      34 Chris uses a cellular hot spot to provide internet access when he is traveling. If he leaves the hot spot connected to his PC while his PC is on his organization's corporate network, what security issue might he cause?
         A. Traffic may not be routed properly, exposing sensitive data.
         B. His system may act as a bridge from the internet to the local network.
         C. His system may be a portal for a reflected DDoS attack.
         D. Security administrators may not be able to determine his IP address if a security issue occurs.

      35 In her role as an information security professional, Susan has been asked to identify areas where her organization's wireless network may be accessible even though it isn't intended to be. What should Susan do to determine where her organization's wireless network is accessible?
         A. A site survey
         B. Warwalking
         C. Wardriving
         D. A design map

      36 What features can IPsec provide for secure communication?
         A. Encryption, access control, nonrepudiation and message authentication
         B. Protocol convergence, content distribution, micro-segmentation, and network virtualization
         C. Encryption, authorization, nonrepudiation, and message integrity checking
         D. Micro-segmentation, network virtualization, encryption, and message authentication

      37 Casey has been asked to determine if Zigbee network traffic can be secured in transit. What security mechanism does Zigbee use to protect data traffic?
         A. 3DES encryption
         B. AES encryption
         C. ROT13 encryption
         D. Blowfish encryption

      38 Sue modifies her MAC address to one that is allowed on a network that uses MAC filtering to provide security. What is the technique Sue used, and what nonsecurity issue could her actions cause?
         A. Broadcast domain exploit, address conflict
         B. Spoofing, token loss
         C. Spoofing, address conflict
         D. Sham EUI creation, token loss

      39 Joanna wants to deploy 4G LTE as an out-of-band management solution for devices at remote sites. Which of the following security capabilities is not commonly available from 4G service providers?
         A. Encryption capabilities
         B. Device-based authentication
         C. Dedicated towers and antennas for secure service subscribers
         D. SIM-based authentication

      40 SMTP, HTTP, and SNMP all occur at what layer of the OSI model?
         A. Layer 4
         B. Layer 5
         C. Layer 6
         D. Layer 7

      41 Melissa uses the ping utility to check whether a remote system is up as part of a penetration testing exercise. If she does not want to see her own ping packets, what protocol should she filter out from her packet sniffer's logs?
         A. UDP
         B. TCP
         C. IP
         D. ICMP

      42 Selah wants to provide port-based authentication on her network to ensure that clients must authenticate before using the network. What technology is an appropriate solution for this requirement?
         A. 802.11a
         B. 802.3
         C. 802.15.1
         D. 802.1x

      43 Ben has deployed a 1000BaseT gigabit network and needs to run a cable across a large building. If Ben is running his link directly from a switch to another switch in that building, what is the maximum distance Ben can cover according to the 1000BaseT specification?
         A. 2 kilometers
         B. 500 meters
         C. 185 meters
         D. 100 meters

      44 What security control does MAC cloning attempt to bypass for wired networks?
         A. Port security
         B. VLAN hopping
         C. 802.1q trunking
         D. Etherkiller prevention

      45 The company that Kathleen works for has moved to remote work for most employees and wants to ensure that the multimedia collaboration platform that they use for voice, video, and text-based collaboration is secure. Which of the following security options will provide the best user experience while providing appropriate security for communications?
         A. Require software-based VPN to the corporate network for all use of the collaboration platform.
         B. Require the use of SIPS and SRTP for all communications.
         C. Use TLS for all traffic for the collaboration platform.
         D. Deploy secure VPN endpoints to each remote location and use a point-to-point VPN for communications.

      46 Chris wants to use a low-power, personal area network wireless protocol for a device he is designing. Which of the following wireless protocols is best suited to creating small, low-power devices that can connect to each other at relatively short distances across buildings or rooms?
         A. WiFi
         B. Zigbee
         C. NFC
         D. Infrared

      47 Which of the following options includes standards or protocols that exist in layer 6 of the OSI model?
         A. NFS, SQL, and RPC
         B. TCP, UDP, and TLS
         C. JPEG, ASCII, and MIDI
         D. HTTP, FTP, and SMTP

      48 Cameron is worried about distributed denial-of-service attacks against his company's primary web application. Which of the following options will provide the most resilience against large-scale DDoS attacks?
         A. A CDN
         B. Increasing the number of servers in the web application server cluster
         C. Contract for DDoS mitigation services via the company's ISP
         D. Increasing the amount of bandwidth available from one or more ISPs

      49 There are four common VPN protocols. Which group listed contains all of the common VPN protocols?
         A. PPTP, LTP, L2TP, IPsec
         B. PPP, L2TP, IPsec, VNC
         C. PPTP, L2F, L2TP, IPsec
         D. PPTP, L2TP, IPsec, SPAP

      50 Wayne wants to deploy a secure voice communication network. Which of the following techniques should he consider? (Select all that apply.)
         A. Use a dedicated VLAN for VoIP phones and devices.
         B. Require the use of SIPS and SRTP.
         C. Require the use of VPN for all remote VoIP devices.
         D. Implement a VoIP IPS.

      51 Which OSI layer includes electrical specifications, protocols, and interface standards?
         A. The Transport layer
         B. The Device layer
         C. The Physical layer
         D. The Data Link layer

      52 Ben is designing a WiFi network and has been asked to choose the most secure option for the network. Which wireless security standard should he choose?
         A. WPA2
         B. WPA
         C. WEP
         D. WPA3

      53 Kathleen