Thursday, April 17, 2014

CISSP Exam Preparation (Question 176 ~ 200)

(176) The countermeasure to DNS poisoning is DNSSec. How does it work?
A. All DNS servers encrypt the data sent back and forth between them.
B. All DNS servers digitally sign messages between them.
C. All DNS servers authenticate to the requesting clients.
D. All clients and DNS servers carry out mutual authentication.

If DNSSEC (DNS security, which is part of the DNS Bind software) was
enabled, then when a DNS server received a response from another DNS server, it
would validate the digital signature on the message before accepting the information
to make sure that the response was from an authorized DNS server.
(177) Kathy works in an all-Windows environment and has been told that a Unix network needs to also be set up to support some new applications that cannot run on Windows systems. She has read that she needs to set up an NIS server. Why would she need to set this up?
A. To allow Windows and Unix clients to share files through a virtual file system
B. Security purposes
C. To include a type of firewall that works in Unix environments
D. Central administration

In a Unix environment, systems use certain system configuration files,
and in a network it is usually easier if all of the systems contain identical
configuration files. Instead of maintaining these files individually for each
computer, NIS is a way to have all of these configuration files stored and
maintained locally. This allows for central administration. NIS has no real security
(178) How does NIS provide functionality like a DNS server?
A. It has a central host table.
B. It forwards hostname to IP mapping requests.
C. It carries out zone transfers.
D. It contains configuration files.

A host table is a file that contains hostname-to-IP mappings. It is
used in the same way that DNS is, but it is a file that computers can use to map a
hostname to a specific IP address instead of a technology or a product. This is why
NIS is sometimes compared to DNS, because they both provide the necessary mechanisms
for computers to be able to uncover the IP address of a system.
(179) Two months after Kathy set up her NIS+ server she found out that password file had been captured and brute forced. What most likely took place to allow this to happen?
A. Kathy accidentally chose security level 3 when she was configuring the server.
B. The NIS+ server was configured to be backwards compatible with NIS.
C. Unauthorized zone transfers took place.
D. Kathy did not encrypt the password file on the server.

NIS+ is backward compatible with NIS, which opens up a hole for
hackers to exploit. If a hackers system has NIS client software, and the NIS+
server is configured to be backward compatible, the NIS+ server can access files
without first having to be authenticated and authorized. So the hacker can get the
password file and start cracking away.
(180) Which of the following best describes the Lightweight Directory Access Protocol?
A. A protocol designed to access directories that follow the X.500 standard
B. A protocol designed to access directories that follow the X.400 standard
C. A protocol designed to access directories that follow the X.509 standard
D. A protocol designed to access directories that follow the X.300 standard

Lightweight Directory Access Protocol (LDAP) is a client/server
protocol used to access network directories, as in Microsofts Active Directory or
Novells Directory Services (NDS). These directories follow the X.500 standard.
(181) Which of the following is not an attribute of LDAP directories?
A. Uses distinguished names
B. Uses attributes
C. Uses values
D. Uses tuples

The LDAP specification works with directories that organize their
database in a hierarchical tree structure. The tree has leaves (entries) with unique
distinguished names. These names are hierarchical and describe the objects place
within the tree. The entries can define network resources, computers, people,
wireless devices, and more. Each entry has an attribute and a value. A tuple is used
in a relational database, not a hierarchical database.
(182) What is the purpose of an EDI and how does it relate to a value-added network (VAN)?
A. Standardized electronic communication. A VAN provides the necessary level of security through VLANs.
B. Standardized electronic communication. A VAN is a service bureau that provides this type of service.
C. Technology that connects supplies and their customers. A VAN provides the authentication piece for the transactions.
D. Technology that connects supplies and their customers. A VAN provides the payment gateway for the transactions.

Instead of using paper purchase orders, receipts, and forms, EDI is
the technology to provide all of this digitally. A value-added network (VAN) is when
a company pays another company (service bureau) to develop and maintain this EDI
infrastructure for them.
(183) Companies can use private IP addresses for free, instead of paying for public addresses. Which of the following is an incorrect private IP range?
A. to
B. to
C. to
D. to

The following lists current private IP address ranges:
The Internet Assigned Numbers Authority (IANA) has reserved the following three
blocks of the IP address space for private internets: to (10/8 prefix) to (172.16/12 prefix) to (192.168/16 prefix)
(184) Monica has a choice of setting up static, dynamic, or port network address translation (NAT). Which of the following is a correct mapping between the type of NAT and its functionality?
A. Static uses a "first come first served" functionality for the one IP address it shares between all systems.
B. In dynamic NAT, each private address has a public address mapped to it at all times.
C. Port NAT uses one private address for all systems on the network.
D. Static NAT uses more public addresses than the other types.

Static NAT means that one public address is always mapped to the same
private address. Dynamic NAT works under the "first come first served" method. Port
NAT provides one public IP for all systems. Static NAT uses the most IP addresses.
(185) Why would a hacker be disappointed once she figured out that the network she is wanting to attack is using NAT?
A. Internal addresses are hidden.
B. Internal computers have another layer of firewall protection.
C. There is only one entry to the network.
D. NAT is harder to compromise than most firewalls.

NAT is not a firewall technology. And just because NAT is being used
does not mean that there is only one entry point to a network. NAT maps private
address to public addresses. All packets leaving the network will have the address
of the NAT device, so a hacker cannot see the internal addresses.
(186) Which of the following is true when comparing LAN and WAN protocols?
A. WAN environments can introduce more errors in transmission, so these protocols are usually connection-oriented.
B. LAN environments can introduce more errors in transmission, so these protocols are usually connection-oriented.
C. WAN protocols are usually connectionless because they have to transverse so many different network types.
D. LAN protocols are usually connection-oriented because of the amount of collisions that can take place on the network.

Communication error rates are lower in LAN when compared to WAN
environments, which makes sense when you compare the complexity of each environment.
WAN traffic may have to travel hundreds or thousands of miles and pass through
several different types of devices, cables, and protocols. Because of this
difference, most LAN media access control protocols are connectionless and most WAN
communication protocols are connection-oriented. Connection-oriented protocols
provide reliable transmission, because they have the capability of error detection
and correction.
(187) In packet-switched environments, routers and switches will make decisions on the best route for a packet to take. This is why different packets of a message can arrive out of order, as they did not necessarily all follow the same path. What technology do these types of protocols use to make the path decisions?
Time Division Multiplexing
Carrier Sensing Multiple Access
Statistical Time Division Multiplexing
Frequency Division Multiplexing
Packet switching is based on Statistical Time Division Multiplexing
(STDM), which analyzes statistics on the various possible routes to make the
decision on the best route for a packet.
(188) Tom is told that his network needs to be isochronous to meet the demands of the new application that the company purchased. What does this mean?
A. It needs to provide quality of service.
B. It needs to provide authentication between the client and server portions of the new software.
C. It needs to integrate EAP and Kerberos to support the application.
D. It needs PVCs set up through the WAN connection.

Applications that are time sensitive, such as voice and video signals,
need to work over an isochronous network. This means that all of the components in
the network that are responsible for providing the necessary uniform timing work
with a common clock and are properly synchronized.
(189) Shanes company lost their WAN link due to severe weather conditions. The company experienced a loss of $240,000 over the four hours their Web servers were unable to accept customer purchases. Shane has been told to implement a backup option, so that company will not go through this again. Which of the following would Shane implement?
B. Dial-on demand routing
D. Link-state redundant point-to-point connection

Dial-on Demand Routing (DDR) allows a company to send WAN data over
their existing telephone lines and use the public circuit-switched network as a
temporary type of WAN link. This technology is also implemented as a backup in case
the primary WAN link goes down. It provides redundancy and ensures that a company
will still be able to communicate if something happens to the primary WAN
communication channel.
(190) Which of the following is not a characteristic of IDSL?
A.Provides up to 128 Kbps in bandwidth
B.Solution for individuals who cannot get SDSL or ADSL
C.Reaches up to 36,000 feet from a providers central office
D.Provides up to 384 Kbps in bandwidth

IDSL provides DSL for customers who cannot get SDSL or ADSL because of
their distance from the central office. It is capable of reaching customers who are
up to 36,000 feet from the providers central office. IDSL operates at a symmetrical
speed of 128 Kbps.
(191) Which of the following technologies provides the bandwidth that is equivalent to a T-1 line?

HDSL (High bit rate Digital Subscriber Line) provides T-1 (1.544 Mbps)
speeds over regular copper phone wire without the use of repeaters. Requires two
twisted pairs of wires, which many voice grade UTP lines do not have.
(192) For two different locations to communicate via satellite links, they must be within the satellite’s line of sight and ______________________.
A. Area
B. Distance
C. Coverage
D. Footprint

Today, satellites are used to provide wireless connectivity between
different locations. For two different locations to communicate via satellite links,
they must be within the satellite’s line of sight and footprint (area covered by the
satellite). The sender of information (ground station) modulates the data onto a
radio signal that is transmitted to the satellite. A transponder on the satellite
receives this signal, amplifies it, and relays it to the receiver.
(193) Technologies that do not require a user to go through a dial-up procedure to connect to a service providers central office are referred to as always-on technologies. Attackers like these systems because they are always available to be attacked and to be used to attack others. Which of the following is not considered an always-on technology?
B. Cable modem

ISDN emulates a dial-up connection and requires the user to go through
a dial-up procedure.
(194) Jan has been told by the network administrator that the VPN he set up needs provide transport adjacency. Which of the following best describes what this means?
A. More than one security protocol is configured for the VPN traffic.
B. PPTP needs to be configured to be used with L2TP.
C. A PPTP tunnel needs to be configured to go through an IPSec tunnel.
D. An ESP IPSec VPN needs to be set up.

IPSec can be configured to provide transport adjacency, which just
means that more than one security protocol (ESP and AH) is applied to a packet.
(195) Sean has configured different VPNs for different routes data will take. This is because data that is traveling within the local network is considered to be at a lower risk of being compromised when compared to when the data travels outside of the local network. What is the term that describes what Sean has set up?
A. Transport adjacency
B. Iterated tunneling
C. Multiple tunneling architecture
D. Multiple adjacency

IPSec can also be configured to provide iterated tunneling, which is
tunneling an IPSec tunnel through another IPSec tunnel. Iterated tunneling would be
used if the traffic needed different levels of protection at different junctions of
its path. For example, if the IPSec tunnel started from an internal host to an
internal border router, this may not require encryption, so only the AH protocol is
used. But when that data travels from that border router throughout the Internet to
another network, then the data requires more protection. So the first packets travel
through a semi-secure tunnel until they get ready to hit the Internet and then go
through a very secure second tunnel.
(196) Spread spectrum works at which of the following OSI layers?
A. Transport
B. Network
C. Data Link
D. Physical

There are different types of spread spectrum technologies. They
differ in their approaches, but they are all technologies that modulate data onto frequencies. They are specifications that dictate how signaling will take place in WLAN environments.
(197) Which of the following best describes how frequency hopping spread spectrum (FHSS) differs from direct sequence spread spectrum (DSSS)?
A. FHSS uses a chipping sequence.
B. DSSS provides a higher bandwidth.
C. FHSS is used in the 802.11a standard.
D. DSSS is used in the 802.11a standard.

DSSS uses a chipping sequence, provides higher bandwidth than FHSS,
and is used in the 802.11b standard.
(198) What is the chipping code in DSSS used for?
A. It is made up of sub-bits that are combined with the original bits before transmission and provide parity protection.
B. It is made up of sub-bits that are combined with the original bits before transmission and provide encryption protection.
C. It is made up of new frequencies that are combined with the original bits before transmission and provide parity protection.
D. It is made up of new frequencies that are combined with the original bits before transmission and provide encryption protection.

DSSS takes a different approach by applying sub-bits to a message. The
sub-bits are used by the sending system to generate a different format of the data before it is transmitted. The receiving end uses these bits to reassemble the signal into the original data format. The sub-bits are collectively called a chip, and the sequence of how the sub-bits are applied is referred to as the chipping code. They work as parity. If a bit is corrupted during transmission, the receiving system uses the sub-bit to rebuild the original bit.
(199) Why does DSSS provide more bandwidth when compared to FHSS?
A. A higher number frequencies is used.
B. Data travels in parallel.
C. The algorithm increase the hopping speeds.
D. Data is compressed before being modulated on the radio wave.

FHSS puts data on different frequencies. It does not use the whole
spectrum at one time, as DSSS does. DSSS sends data down all available frequencies
at one time, instead of having the data hop from one frequency to the next.
(200) Which of the following is the proper mapping?
A. 802.11 uses FHSS.
B. 802.11a uses DSSS.
C. 802.11b provides up to 1 to 2 Mbps.
D. 802.11b provides up to 52 Mbps.

Since DSSS sends data across all frequencies at once, it has a higher
data throughput than FHSS. The first WAN standard, 802.11, used FHSS, but as bandwidth requirements increased DSSS was implemented. By using FHSS, the 802.11 standard can only provide a throughput of 1 to 2 Mbps. By using DSSS instead, 802.11b provides a data throughput of up to 11 Mbps.

- Muhammad Idham Azhari

No comments: