This chapter is supplemental to and coordinated with the Telecommunications and Network Security chapter in the CISSP Prep Guide. The fundamentals of telecommunications and network security are covered in Chapter 3 of the CISSP Prep Guide at a level on par with that of the CISSP Examination.
It is assumed that the reader has a basic knowledge of the material contained in Chapter 3 and has the CISSP Prep Guide available to provide background information for the advanced questions pertaining to the Telecommunications and Network Security chapter.
In the Telecommunications and Network Security areas we will discuss protocols, layers, firewalls, IP addressing, and other network concepts.
Advanced Sample Questions
Which of the choices below is NOT an OSI reference model Session Layer protocol, standard, or interface?
SQL
RPC
MIDI
ASP
DNA SCP
Which part of the 48-bit, 12-digit hexadecimal number known as the Media Access Control (MAC) address identifies the manufacturer of the network device?
The first three bytes
The first two bytes
The second half of the MAC address
The last three bytes
Which IEEE protocol defines the Spanning Tree protocol?
IEEE 802.5
IEEE 802.3
IEEE 802.11
IEEE 802.1D
Which choice below is NOT one of the legal IP address ranges specified by RFC1976 and reserved by the Internet Assigned Numbers Authority (IANA) for non-routable private addresses?
10.0.0.0–10.255.255.255
127.0.0.0–127.0.255.255
172.16.0.0–172.31.255.255
192.168.0.0–192.168.255.255
Which statement is correct about ISDN Basic Rate Interface?
It offers 23 B channels and 1 D channel.
It offers 2 B channels and 1 D channel.
It offers 30 B channels and 1 D channel.
It offers 1 B channel and 2 D channels.
In the DoD reference model, which layer conforms to the OSI transport layer?
Process/Application Layer
Host-to-Host Layer
Internet Layer
Network Access Layer
What is the Network Layer of the OSI reference model primarily responsible for?
Internetwork packet routing
LAN bridging
SMTP Gateway services
Signal regeneration and repeating
Which IEEE protocol defines wireless transmission in the 5 GHz band with data rates up to 54 Mbps?
IEEE 802.11a
IEEE 802.11b
IEEE 802.11g
IEEE 802.15
Which category of UTP wiring is rated for 100BaseT Ethernet networks?
Category 1
Category 2
Category 3
Category 4
Category 5
Which choice below is the earliest and the most commonly found Interior Gateway Protocol?
RIP
OSPF
IGRP
EAP
The data transmission method in which data is sent continuously and doesn't use either an internal clocking source or start/stop bits for timing is known as:
Asynchronous
Synchronous
Isochronous
Pleisiochronous
Which level of RAID is commonly referred to as “disk mirroring”?
RAID 0
RAID 1
RAID 3
RAID 5
Which network attack below would NOT be considered a Denial of Service attack?
Ping of Death
SMURF
Brute Force
TCP SYN
Which choice below is NOT an element of IPSec?
Authentication Header
Layer Two Tunneling Protocol
Security Association
Encapsulating Security Payload
Which statement below is NOT true about the difference between cut-through and store-and-forward switching?
A store-and-forward switch reads the whole packet and checks its validity before sending it to the next destination.
Both methods operate at layer two of the OSI reference model.
A cut-through switch reads only the header on the incoming data packet.
A cut-through switch introduces more latency than a store-and-forward switch.
Which statement is NOT true about the SOCKS protocol?
It is sometimes referred to as an application-level proxy.
It uses an ESP for authentication and encryption.
It operates in the transport layer of the OSI model.
Network applications need to be SOCKS-ified to operate.
Which choice below does NOT relate to analog dial-up hacking?
War Dialing
War Walking
Demon Dialing
ToneLoc
Which choice below is NOT a way to get Windows NT passwords?
Obtain the backup SAM from the repair directory.
Boot the NT server with a floppy containing an alternate operating system.
Obtain root access to the /etc/passwd file.
Use pwdump2 to dump the password hashes directly from the registry.
A “back door” into a network refers to what?
Socially engineering passwords from a subject
Mechanisms created by hackers to gain network access at a later time
Undocumented instructions used by programmers to debug applications
Monitoring programs implemented on dummy applications to lure intruders
Which protocol below does NOT pertain to e-mail?
SMTP
POP
CHAP
IMAP
The IP address, 178.22.90.1, is considered to be in which class of address?
Class A
Class B
Class C
Class D
What type of firewall architecture employs two network cards and a single screening router?
A screened-host firewall
A dual-homed host firewall
A screened-subnet firewall
An application-level proxy server
What is one of the most common drawbacks to using a dual-homed host firewall?
The examination of the packet at the Network layer introduces latency.
The examination of the packet at the Application layer introduces latency.
The ACLs must be manually maintained on the host.
Internal routing may accidentally become enabled.
Which firewall type below uses a dynamic state table to inspect the content of packets?
A packet-filtering firewall
An application-level firewall
A circuit-level firewall
A stateful-inspection firewall
Which attack type below does NOT exploit TCP vulnerabilities?
Sequence Number attack
SYN attack
Ping of Death
land.c attack
Which utility below can create a server-spoofing attack?
DNS poisoning
C2MYAZZ
Snort
BO2K
Which LAN topology below is MOST vulnerable to a single point of failure?
Ethernet Bus
Physical Star
FDDI
Logical Ring
Which choice below does NOT accurately describe the difference between multi-mode and single-mode fiber optic cabling?
Multi-mode fiber propagates light waves through many paths, single-mode fiber propagates a single light ray only.
Multi-mode fiber has a longer allowable maximum transmission distance than single-mode fiber.
Single-mode fiber has a longer allowable maximum transmission distance than multi-mode fiber.
Both types have a longer allowable maximum transmission distance than UTP Cat 5.
Which statement below is correct regarding VLANs?
A VLAN restricts flooding to only those ports included in the VLAN.
A VLAN is a network segmented physically, not logically.
A VLAN is less secure when implemented in conjunction with private port switching.
A “closed” VLAN configuration is the least secure VLAN configuration.
Which choice below denotes a packet-switched connectionless wide area network (WAN) technology?
X.25
Frame Relay
SMDS
ATM
Which statement below is accurate about the difference between Ethernet II and 802.3 frame formats?
802.3 uses a “Length” field, whereas Ethernet II uses a “Type” field.
802.3 uses a “Type” field, whereas Ethernet II uses a “Length” field.
Ethernet II uses a 4-byte FCS field, whereas 802.3 uses an 8-byte Preamble field.
Ethernet II uses an 8-byte Preamble field, whereas 802.3 uses a 4-byte FCS field.
Which standard below does NOT specify fiber optic cabling as its physical media?
100BaseFX
1000BaseCX
1000BaseLX
1000BaseSX
Which type of routing below commonly broadcasts its routing table information to all other routers every minute?
Static Routing
Distance Vector Routing
Link State Routing
Dynamic Control Protocol Routing
Which protocol is used to resolve a known IP address to an unknown MAC address?
ARP
RARP
ICMP
TFTP
Which statement accurately describes the difference between 802.11b WLAN ad hoc and infrastructure modes?
The ad hoc mode requires an Access Point to communicate to the wired network.
Wireless nodes can communicate peer-to-peer in the infrastructure mode.
Wireless nodes can communicate peer-to-peer in the ad hoc mode.
Access points are rarely used in 802.11b WLANs.
Which type of cabling below is the most common type for recent Ethernet installations?
ThickNet
ThinNet
Twinax
Twisted Pair
Which choice below most accurately describes SSL?
It's a widely used standard of securing e-mail at the Application level.
It gives a user remote access to a command prompt across a secure, encrypted session.
It uses two protocols, the Authentication Header and the Encapsulating Security Payload.
It allows an application to have authenticated, encrypted communications across a network.
Which backup method listed below will probably require the backup operator to use the most number of tapes for a complete system restoration, if a different tape is used every night in a five-day rotation?
Full Backup Method
Differential Backup Method
Incremental Backup Method
Ad Hoc Backup Method
Which choice below is NOT an element of a fiber optic cable?
Core
BNC
Jacket
Cladding
Given an IP address of 172.16.0.0, which subnet mask below would allow us to divide the network into the maximum number of subnets with at least 600 host addresses per subnet?