11/12/2016 techbus.safaribooksonline.com/print?

xmlid=9780071849265%2Fsec263_html

Username:AdityaMishraBook:CISSPAllinOneExamGuide,SeventhEdition,7thEdition.Nopartofanychapterorbookmaybereproducedortransmittedin
anyformbyanymeanswithoutthepriorwrittenpermissionforreprintsandexcerptsfromthepublisherofthebookorchapter.Redistributionorotherusethat
violatesthefairuseprivilegeunderU.S.copyrightlaws(see17USC107)orthatotherwiseviolatestheseTermsofServiceisstrictlyprohibited.Violatorswillbe
prosecutedtothefullextentofU.S.FederalandMassachusettslaws.

Questions
Pleaserememberthatthesequestionsareformattedandaskedinacertainwayforareason.KeepinmindthattheCISSPexamisaskingquestionsata
conceptuallevel.Questionsmaynotalwayshavetheperfectanswer,andthecandidateisadvisedagainstalwayslookingfortheperfectanswer.Instead,the
candidateshouldlookforthebestanswerinthelist.

1.HowdoesTKIPprovidemoreprotectionforWLANenvironments?
A.ItusestheAESalgorithm.
B.ItdecreasestheIVsizeandusestheAESalgorithm.
C.Itaddsmorekeyingmaterial.
D.ItusesMACandIPfiltering.
2.WhichofthefollowingisnotacharacteristicoftheIEEE802.11astandard?
A.Itworksinthe5GHzrange.
B.ItusestheOFDMspreadspectrumtechnology.
C.Itprovides52Mbpsinbandwidth.
D.Itcoversasmallerdistancethan802.11b.
3.Whyareswitchedinfrastructuressaferenvironmentsthanroutednetworks?
A.Itismoredifficulttosnifftrafficsincethecomputershavevirtualprivateconnections.
B.Theyarejustasunsafeasnonswitchedenvironments.
C.Thedatalinkencryptiondoesnotpermitwiretapping.
D.Switchesaremoreintelligentthanbridgesandimplementsecuritymechanisms.
4.Whichofthefollowingprotocolsisconsideredconnectionoriented?
A.IP
B.ICMP
C.UDP
D.TCP
5.Whichofthefollowingcantakeplaceifanattackercaninserttaggingvaluesintonetworkandswitchbasedprotocolswiththegoalofmanipulatingtraffic
atthedatalinklayer?
A.Openrelaymanipulation
B.VLANhoppingattack
C.Hypervisordenialofserviceattack
D.Smurfattack
6.Whichofthefollowingproxiescannotmakeaccessdecisionsbaseduponprotocolcommands?
A.Application
B.Packetfiltering
C.Circuit
D.Stateful
7.Whichofthefollowingisabridgemodetechnologythatcanmonitorindividualtrafficlinksbetweenvirtualmachinesorcanbeintegratedwithina
hypervisorcomponent?
A.Orthogonalfrequencydivision
B.Unifiedthreatmanagementmodem
C.Virtualfirewall
D.InternetSecurityAssociationandKeyManagementProtocol
8.Whichofthefollowingshowsthelayersequenceaslayers2,5,7,4,and3?
A.Datalink,session,application,transport,andnetwork
B.Datalink,transport,application,session,andnetwork
C.Network,session,application,network,andtransport
D.Network,transport,application,session,andpresentation
9.Whichofthefollowingtechnologiesintegratespreviouslyindependentsecuritysolutionswiththegoalofprovidingsimplicity,centralizedcontrol,and
streamlinedprocesses?
A.Networkconvergence
B.Securityasaservice
C.Unifiedthreatmanagement
D.Integratedconvergencemanagement
10.MetroEthernetisaMANprotocolthatcanworkinnetworkinfrastructuresmadeupofaccess,aggregation,metro,andcorelayers.Whichofthefollowing
bestdescribesthesenetworkinfrastructurelayers?
A.Theaccesslayerconnectsthecustomersequipmenttoaserviceprovidersaggregationnetwork.Aggregationoccursonacorenetwork.Themetro
layeristhemetropolitanareanetwork.Thecoreconnectsdifferentmetronetworks.
B.Theaccesslayerconnectsthecustomersequipmenttoaserviceproviderscorenetwork.Aggregationoccursonadistributionnetworkatthecore.
Themetrolayeristhemetropolitanareanetwork.
C.Theaccesslayerconnectsthecustomersequipmenttoaserviceprovidersaggregationnetwork.Aggregationoccursonadistributionnetwork.The
metrolayeristhemetropolitanareanetwork.Thecoreconnectsdifferentaccesslayers.
D.Theaccesslayerconnectsthecustomersequipmenttoaserviceprovidersaggregationnetwork.Aggregationoccursonadistributionnetwork.The
metrolayeristhemetropolitanareanetwork.Thecoreconnectsdifferentmetronetworks.
11.WhichofthefollowingprovidesanincorrectdefinitionofthespecificcomponentorprotocolthatmakesupIPSec?
A.AuthenticationHeaderprotocolprovidesdataintegrity,dataoriginauthentication,andprotectionfromreplayattacks.

http://techbus.safaribooksonline.com/print?xmlid=9780071849265%2Fsec263_html 1/4
11/12/2016 techbus.safaribooksonline.com/print?xmlid=9780071849265%2Fsec263_html
B.EncapsulatingSecurityPayloadprotocolprovidesconfidentiality,dataoriginauthentication,anddataintegrity.
C.InternetSecurityAssociationandKeyManagementProtocolprovidesaframeworkforsecurityassociationcreationandkeyexchange.
D.InternetKeyExchangeprovidesauthenticatedkeyingmaterialforusewithencryptionalgorithms.
12.SystemsthatarebuiltontheOSIframeworkareconsideredopensystems.Whatdoesthismean?
A.Theydonothaveauthenticationmechanismsconfiguredbydefault.
B.Theyhaveinteroperabilityissues.
C.Theyarebuiltwithinternationallyacceptedprotocolsandstandardssotheycaneasilycommunicatewithothersystems.
D.Theyarebuiltwithinternationalprotocolsandstandardssotheycanchoosewhattypesofsystemstheywillcommunicatewith.
13.Whichofthefollowingprotocolsworkinthefollowinglayers:application,datalink,network,andtransport?
A.FTP,ARP,TCP,andUDP
B.FTP,ICMP,IP,andUDP
C.TFTP,ARP,IP,andUDP
D.TFTP,RARP,IP,andICMP
14.Whattakesplaceatthedatalinklayer?
A.Endtoendconnection
B.Dialogcontrol
C.Framing
D.Datasyntax
15.Whattakesplaceatthesessionlayer?
A.Dialogcontrol
B.Routing
C.Packetsequencing
D.Addressing
16.WhichbestdescribestheIPprotocol?
A.Aconnectionlessprotocolthatdealswithdialogestablishment,maintenance,anddestruction
B.Aconnectionlessprotocolthatdealswiththeaddressingandroutingofpackets
C.Aconnectionorientedprotocolthatdealswiththeaddressingandroutingofpackets
D.Aconnectionorientedprotocolthatdealswithsequencing,errordetection,andflowcontrol
17.WhichofthefollowingisnotacharacteristicoftheProtectedExtensibleAuthenticationProtocol?
A.Authenticationprotocolusedinwirelessnetworksandpointtopointconnections
B.Designedtoprovideauthenticationfor802.11WLANs
C.Designedtosupport802.1XportaccesscontrolandTransportLayerSecurity
D.Designedtosupportpasswordprotectedconnections
18.The______________isanIETFdefinedsignalingprotocol,widelyusedforcontrollingmultimediacommunicationsessionssuchasvoiceandvideocalls
overIP.
A.SessionInitiationProtocol
B.RealtimeTransportProtocol
C.SS7
D.VoIP
19.WhichofthefollowingisnotoneofthestagesoftheDHCPleaseprocess?
i.Discover
ii.Offer
iii.Request
iv.Acknowledgment
A.Allofthem
B.Noneofthem
C.i,ii
D.ii,iii
20.AneffectivemethodtoshieldnetworksfromunauthenticatedDHCPclientsisthroughtheuseof_______________onnetworkswitches.
A.DHCPsnooping
B.DHCPprotection
C.DHCPshielding
D.DHCPcaching

UsethefollowingscenariotoanswerQuestions2123.Donisasecuritymanagerofalargemedicalinstitution.Oneofhisgroupsdevelopsproprietarysoftware
thatprovidesdistributedcomputingthroughaclient/servermodel.Hehasfoundoutthatsomeofthesystemsthatmaintaintheproprietarysoftwarehavebeen
experiencinghalfopendenialofserviceattacks.Someofthesoftwareisantiquatedandstillusesbasicremoteprocedurecalls,whichhasallowedfor
masqueradingattackstotakeplace.
21.WhattypeofclientportsshouldDonmakesuretheinstitutionssoftwareisusingwhenclienttoservercommunicationneedstotakeplace?
A.Wellknown
B.Registered
C.Dynamic
D.Free
22.WhichofthefollowingisacosteffectivecountermeasurethatDonsteamshouldimplement?
A.Statefulfirewall
B.Networkaddresstranslation
C.SYNproxy
D.IPv6
23.WhatshouldDonsteamputintoplacetostopthemasqueradingattacksthathavebeentakingplace?
A.Dynamicpacketfilterfirewall

http://techbus.safaribooksonline.com/print?xmlid=9780071849265%2Fsec263_html 2/4
11/12/2016 techbus.safaribooksonline.com/print?xmlid=9780071849265%2Fsec263_html
B.ARPspoofingprotection
C.DisableunnecessaryICMPtrafficatedgerouters
D.SRPC

UsethefollowingscenariotoanswerQuestions2426.Graceisasecurityadministratorforamedicalinstitutionandisresponsibleformanydifferentteams.
OneteamhasreportedthatwhentheirmainFDDIconnectionfailed,threecriticalsystemswentofflineeventhoughtheconnectionwassupposedtoprovide
redundancy.Gracehastoalsoadviseherteamonthetypeoffiberthatshouldbeimplementedforcampusbuildingtobuildingconnectivity.Sincethisisa
trainingmedicalfacility,manysurgeriesarevideorecordedandthatdatamustcontinuouslytravelfromonebuildingtothenext.Oneotherthingthathasbeen
reportedtoGraceisthatperiodicDoSattackstakeplaceagainstspecificserverswithintheinternalnetwork.TheattackersendsexcessiveICMPEcho
Requestpacketstoallthehostsonaspecificsubnet,whichisaimedatonespecificserver.
24.WhichofthefollowingismostlikelytheissuethatGracesteamexperiencedwhentheirsystemswentoffline?
A.Threecriticalsystemswereconnectedtoadualattachedstation.
B.Threecriticalsystemswereconnectedtoasingleattachedstation.
C.ThesecondaryFDDIringwasoverwhelmedwithtrafficanddroppedthethreecriticalsystems.
D.TheFDDIringissharedinametropolitanenvironmentandonlyallowseachcompanytohaveacertainnumberofsystemsconnectedtobothrings.
25.Whichofthefollowingisthebesttypeoffiberthatshouldbeimplementedinthisscenario?
A.Singlemode
B.Multimode
C.Opticalcarrier
D.SONET
26.WhichofthefollowingisthebestandmostcosteffectivecountermeasureforGracesteamtoputintoplace?
A.Networkaddresstranslation
B.DisallowingunnecessaryICMPtrafficcomingfromuntrustednetworks
C.Applicationbasedproxyfirewall
D.Screenedsubnetusingtwofirewallsfromtwodifferentvendors

UsethefollowingscenariotoanswerQuestions2729.Johnisthemanagerofthesecurityteamwithinhiscompany.Hehaslearnedthatattackershave
installedsniffersthroughoutthenetworkwithoutthecompanysknowledge.AlongwiththisissuehisteamhasalsofoundoutthattwoDNSservershadno
recordreplicationrestrictionsputintoplaceandtheservershavebeencachingsuspiciousnameresolutiondata.
27.Whichofthefollowingisthebestcountermeasuretoputintoplacetohelpreducethethreatofnetworksniffersviewingnetworkmanagementtraffic?
A.SNMPv3
B.L2TP
C.CHAP
D.Dynamicpacketfilteringfirewall
28.Whichofthefollowingunauthorizedactivitieshavemostlikelybeentakingplaceinthissituation?
A.DNSquerying
B.Phishing
C.Forwarding
D.Zonetransfer
29.WhichofthefollowingisthebestcountermeasurethatJohnsteamshouldimplementtoprotectfromimpropercachingissues?
A.PKI
B.DHCPsnooping
C.ARPprotection
D.DNSSEC

UsethefollowingscenariotoanswerQuestions3032.Seanisthenewsecurityadministratorforalargefinancialinstitution.ThereareseveralissuesthatSean
ismadeawareofthefirstweekheisinhisnewposition.First,spuriouspacketsseemtoarriveatcriticalserverseventhougheachnetworkhastightly
configuredfirewallsateachgatewaypositiontocontroltraffictoandfromtheseservers.OneofSeansteammemberscomplainsthatthecurrentfirewalllogs
areexcessivelylargewithuselessdata.HealsotellsSeanthattheteamneedstobeusinglesspermissiverulesinsteadofthecurrentanyanyruletypein
place.Seanhasalsofoundoutthatsometeammemberswanttoimplementtarpitsonsomeofthemostcommonlyattackedsystems.
30.Whichofthefollowingismostlikelytakingplacetoallowspuriouspacketstogainunauthorizedaccesstocriticalservers?
A.TCPsequencehijackingistakingplace.
B.Sourceroutingisnotrestricted.
C.Fragmentattacksareunderway.
D.AttackeristunnelingcommunicationthroughPPP.
31.WhichofthefollowingbestdescribesthefirewallconfigurationissuesSeansteammemberisdescribing?
A.Cleanuprule,stealthrule
B.Stealthrule,silentrule
C.Silentrule,negaterule
D.Stealthrule,silentrule
32.WhichofthefollowingbestdescribeswhySeansteamwantstoputinthementionedcountermeasureforthemostcommonlyattackedsystems?
A.Preventproductionsystemhijacking
B.ReduceDoSattackeffects
C.Gatherstatisticsduringtheprocessofanattack
D.Increaseforensiccapabilities

UsethefollowingscenariotoanswerQuestions3335.Tomscompanyhasbeenexperiencingmanyissueswithunauthorizedsniffersbeinginstalledonthe
network.Onereasonisbecauseemployeescanplugtheirlaptops,smartphones,andothermobiledevicesintothenetwork,anyofwhichmaybeinfectedand
havearunningsnifferthattheownerisnotawareof.ImplementingVPNswillnotworkbecauseallofthenetworkdeviceswouldneedtobeconfiguredfor
specificVPNs,andsomedevices,asintheirswitches,donothavethistypeoffunctionalityavailable.AnotherissueTomsteamisdealingwithishowto
secureinternalwirelesstraffic.Whilethewirelessaccesspointscanbeconfiguredwithdigitalcertificatesforauthentication,pushingoutandmaintaining
certificatesoneachwirelessuserdeviceiscostprohibitiveandwillcausetoomuchofaburdenonthenetworkteam.Tomsbosshasalsotoldhimthatthe
companyneedstomovefromalandlinemetropolitanareanetworksolutiontoawirelesssolution.
33.WhatshouldTomsteamimplementtoprovidesourceauthenticationanddataencryptionatthedatalinklevel?
http://techbus.safaribooksonline.com/print?xmlid=9780071849265%2Fsec263_html 3/4
11/12/2016 techbus.safaribooksonline.com/print?xmlid=9780071849265%2Fsec263_html
A.IEEE802.1AR
B.IEEE802.1AE
C.IEEE802.1AF
D.IEEE802.1X
34.Whichofthefollowingsolutionsisbesttomeetthecompanysneedtoprotectwirelesstraffic?
A.EAPTLS
B.EAPPEAP
C.LEAP
D.EAPTTLS
35.Whichofthefollowingisthebestsolutiontomeetthecompanysneedforbroadbandwirelessconnectivity?
A.WiMAX
B.IEEE802.12
C.WPA2
D.IEEE802.15

UsethefollowingscenariotoanswerQuestions3638.Lancehasbeenbroughtinasanewsecurityofficerforalargemedicalequipmentcompany.Hehas
beentoldthatmanyofthefirewallsandIDSproductshavenotbeenconfiguredtofilterIPv6trafficthus,manyattackshavebeentakingplacewithoutthe
knowledgeofthesecurityteam.Whilethenetworkteamhasattemptedtoimplementanautomatedtunnelingfeaturetotakecareofthisissue,theyhave
continuallyrunintoproblemswiththenetworksNATdevice.Lancehasalsofoundoutthatcachingattackshavebeensuccessfulagainstthecompanyspublic
facingDNSserver.HehasalsoidentifiedthatextraauthenticationisnecessaryforcurrentLDAPrequests,butthecurrenttechnologyonlyprovidespassword
basedauthenticationoptions.
36.Basedupontheinformationinthescenario,whatshouldthenetworkteamimplementasitpertainstoIPv6tunneling?
A.TeredoshouldbeconfiguredonIPv6awarehoststhatresidebehindtheNATdevice.
B.6to4shouldbeconfiguredonIPv6awarehoststhatresidebehindtheNATdevice.
C.IntraSiteAutomaticTunnelAddressingProtocolshouldbeconfiguredonIPv6awarehoststhatresidebehindtheNATdevice.
D.IPv6shouldbedisabledonallsystems.
37.Whichofthefollowingisthebestcountermeasurefortheattacktypeaddressedinthescenario?
A.DNSSEC
B.IPSec
C.Splitserverconfigurations
D.Disablingzonetransfers
38.WhichofthefollowingtechnologiesshouldLancesteaminvestigateforincreasedauthenticationefforts?
A.ChallengeHandshakeAuthenticationProtocol
B.SimpleAuthenticationandSecurityLayer
C.IEEE802.2AB
D.EAPSSL
39.WirelessLANtechnologieshavegonethroughdifferentversionsovertheyearstoaddresssomeoftheinherentsecurityissueswithintheoriginalIEEE
802.11standard.WhichofthefollowingprovidesthecorrectcharacteristicsofWiFiProtectedAccess2(WPA2)?
A.IEEE802.1X,WEP,MAC
B.IEEE802.1X,EAP,TKIP
C.IEEE802.1X,EAP,WEP
D.IEEE802.1X,EAP,CCMP
40.AlicewantstosendamessagetoBob,whoisseveralnetworkhopsawayfromher.Whatisthebestapproachtoprotectingtheconfidentialityofthe
message?
A.PPTP
B.S/MIME
C.Linkencryption
D.SSH
41.CharlieusesPGPonhisLinuxbasedemailclient.HisfriendDaveusesS/MIMEonhisWindowsbasedemail.Charlieisunabletosendanencrypted
emailtoDave.Whatisthelikelyreason?
A.PGPandS/MIMEareincompatible
B.Eachhasadifferentsecretkey
C.EachisusingadifferentCA
D.Thereisnotenoughinformationtodeterminethelikelyreason

http://techbus.safaribooksonline.com/print?xmlid=9780071849265%2Fsec263_html 4/4