CISSP Domain 4: Assessing and Implementing Secure Principles in Network Architectures

Question 1

What’s Keep it Simple?

Answer 1

• complexity is the worst enemy of security
• best-in-suite over best-in-breed solutions are one approach used to simplify defense in-depth
• simplicity helps to avoid configuration mistakes
• enables organizations to move forward improving incrementally, rather than demanding perfection

Question 2

What does Best-in-Suite mean?

Answer 2

• a software solution that offers a comprehensive and integrated set of functionalities within a single package or suite
• a software vendor strives to deliver a cohesive and unified solution where different modules or components seamlessly work together

Question 3

What does Best-in-Breed mean?

Answer 3

• software approach that focuses on selecting and integrating individual software applications or solutions that are considered the best or most specialized in their respective domains
• prioritizes functionality and performance over integration and consolidation

Question 4

Which IEEE standard defines bluetooth?

Answer 4

802.15

Question 5

What type of network architecture is bluetooth?

Answer 5

Personal Area Network (PAN)

Question 6

How are connections set up with bluetooth?

Answer 6

with pairing where primary device scans the 2.4 GHz radio frequencies for available devices

Question 7

What mechanism prevents accidental pairing?

Answer 7

4 digit code (often 0000)

Question 8

What’s bluejacking?

Answer 8

• annoyance where pranksters push unsolicited messages to engage or annoy other nearby bluetoth users by taking advantage of a loophole in the technology’s messaging options

Question 9

What’s bluesnarfing?

Answer 9

• data theft
• thieves wirelessly connect to some early bluetooth enabled mobile devices without the owner’s knowledge to download and/or alter phonebooks, calendars or worse

Question 10

What’s bluebugging?

Answer 10

• attack that grants hackers remote control over he feature and functions of a bluetooth device
• could include the ability to turn on the microphone to use the phone as an audio bug

Question 11

How do wireless networks announce their SSID on a regular basis?

Answer 11

broadcast with a beacon frame

Question 12

Hiding SSID is considered which security technique?

Answer 12

security through obscurity

Question 13

What does SSID stand for?

Answer 13

Service Set Identifier

Question 14

What is TKIP and what does it stand for?

Answer 14

• Temorary Key Integrity Protocol
• designed to replace WEP without the need to replace legacy hardware

Question 15

What was TKIP implemented to?

Answer 15

802.11 wireless networking under the name WPA (WI-Fi Protected Access)

Question 16

What’s CCMP?

Answer 16

• Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
• uses AES 128
• created to replace WEP and TKIP (WPA)
• used with WPA2, which replaced WEP and WPA

Question 17

What’s Fibre Channel?

Answer 17

a form of network data storage solution (SAN) or NAS, that allows for high-speed file transfers

Question 18

What’s Fibre Channel Over Ethernet (FCoE)?

Answer 18

used to encapsulate Fibre Channel communication over Ethernet networks

Question 19

What’s iSCSI

Answer 19

• stands for Internet Small Computer System Interface
• networking storage standard based on IP

Question 20

What’s Site Survey?

Answer 20

process of investigating the presence of strength and reach of wireless access points deployed in the environment

Question 21

What does EAP stand for?

Answer 21

Extensible Authentication Protocol.

Question 22

What’s PEAP?

Answer 22

• encapsulates EAP methods with a TLS tunnel that provides authentication and potenially encryption
• P stands for Protected

Question 23

What’s LEAP?

Answer 23

• Cisco’s proprietary alternative to TKIP and WPA
• developed to address deficincies in TKIP before 802.11i/WPA2 system was ratified as a standard

Question 24

What are different antena types? (7)

Answer 24

• monopole
• panel
• dipole
• loop
• cantenna
• yagi
• parabolic

Question 25

What is loop antenna used for and how does it receive signal?

Answer 25

• used for TV and RFID systems
• omnidirectional if horizontally mounted

Question 26

What is monopole antenna used for and how does it receive signal?

Answer 26

• can send and receive signals in all directions perpendicular to the line of the antenna itself
• used with wifi routers

Question 27

What is dipole antenna used for and how does it receive signal?

Answer 27

• omnidirectional antenna essentially composed of two monopoles
• generates powerful signal in restricted space

Question 28

What is panel antenna?

Answer 28

flat devices that focus from only one side of the panel

Question 29

What is parabolic antenna?

Answer 29

used to focus signals from very long distances or weak sources

Question 30

What is yagi antenna?

Answer 30

crafted from straight bar with cross sections to catch specific radio frequencies in the direction of the main bar

Question 31

What is cantenna antenna?

Answer 31

• constructed from tubes with one sealed end
• focus along the direction of the open end of the tube

Question 32

What are examples of some of the private circuit technologies?

Answer 32

• PPP
• SLIP
• ISDN
• DSL
• dedicated or leased lines

Question 33

What are examples of packet switching WAN technologies

Answer 33

• use virtual circuits - efficient and cost effective
• X.25, Frame Relay
• Asynchronous Transfer Mode (ATM)
• Synchornous Data Link Control (SDLC)
• High-Level Data Link Control (HDLC)

Question 34

What’s a circuit-level firewall?

Answer 34

• firewall that operates at the session layer (Layer 5) of the OSI model
• works by monitoring the TCP handshaking process between two network endpoints (usually a client and a server) without inspecting the contents of the actual data being transmitted

Question 35

What’s the main function of a circuit-level firewall?

Answer 35

• establish and manage network connections or sessions between internal and external networks
• ensures that the connections are legitimate and authorized based on a set of predefined rules
• once a connection is established, the circuit-level firewall creates a virtual circuit, or “stateful connection,” allowing subsequent packets to pass through without further inspection. It maintains information about the state of the connection, including source and destination IP addresses, ports, and connection status

Question 36

Do circuit-level firewalls inspect content?

Answer 36

they do not inspect the content of the data packets, making them less effective at detecting and blocking specific types of attacks or malicious activities

Question 37

What’s an example of a circtuit-level firewall?

Answer 37

SOCKS (Socket Secure)

Question 38

What’s deep packet inspection?

Answer 38

packet inspection that inspects and filters both the header and payload of a packet that is transmitted through an inspection point

Question 39

Describe IDS

Answer 39

• analyzes whole packets - both headers and payload, looking for known events
• when a known event is detected, a log message is generated
• reports and alerts

Question 40

Describe IPS

Answer 40

• analyzes whole packets - both headers and payload, looking for known events
• when a known event is detected, packet is rejected
• blocks

Question 41

What’s Behavior Based IDS?

Answer 41

• creates a baseline of activity to identify normal behavior and then measures system performance against the baseline to detect abnormal behavior
• can detect unknown attack methods

Question 42

What’s Knowledge Based IDS?

Answer 42

• uses signatures similar to the signature definitions used by ant-malware software
• only effective against known attacke methods

Question 43

What’s a bastion host?

Answer 43

computer or appliance that is exposed on the internet and has been hardened by removing unnecessary elemets such as services, programs, protocols and ports

Question 44

What’s Screened Host?

Answer 44

firewall-protected system logically positioned just inside a private network

Question 45

What’s screened subnet?

Answer 45

similar to the screened host in concept, except a subnet is placed between two routers or firewalls and the bastion host(s) is located within that subnet

Question 46

What’s the purpose of Honeypot?

Answer 46

• only entice, not entrap
• attackers shouldn’t be able to download items with enticement
• allowing to download a fake payroll file would be entrapment, which has different implications with law enforcement

Question 47

What’s the goal of Honeypot?

Answer 47

distract attackers from real assets and isolate in a padded cell until they can be tracked down

Question 48

What’s Zigbee?

Answer 48

low-power, low-data-rate wireless communication standard designed for applications in home automation, industrial automation, and sensor networks

Question 49

What are the frequency bands of Zigbee?

Answer 49

2.4 GHz or sub-GHz frequency bands

Question 50

What are the priorities of Zigbee?

Answer 50

1. efficient energy consumption
2. long battery life
3. device interoperability

Question 51

What are Zigbee security risks?

Answer 51

• weak encryption or insecure key management
• unauthorized device pairing
• network vulnerabilities

Question 52

What does Li-Fi stand for?

Answer 52

Light Fidelity

Question 53

What does Li-Fi use to transmit data?

Answer 53

• visible light or infrared signals
• leverages light-emitting diodes (LEDs) to transmit data by modulating the light intensity at high speeds

Question 54

What are advantages of Li-Fi?

Answer 54

1. high data rates
2. increased security
3. resistance to electromagnetic interference

Question 55

What are disadvantages of Li-Fi?

Answer 55

1. limited range
2. requires a direct line of sight (cannot penetrate walls)

Question 56

What are the main advantages of satellite communication?

Answer 56

1. communication over long distances
2. enables connectivity in areas where traditional terrestrial networks may not be available or practical

Question 57

What is the download speed range for 5G?

Answer 57

gigabits per second (Gbps)

Question 58

What is the latency range for 5G?

Answer 58

single-digit milliseconds range

Question 59

What security improvements does 5G offer?

Answer 59

1. stronger encryption algorithms
2. secure authentication protocols
3. network segment isolation

Question 60

What happens when a user requests content from CDN?

Answer 60

1. CDN’s edge server determines the closest PoP to the user and delivers the content from that location
2. the content may be cached at the edge server, or if it’s not available, the edge server retrieves it from the origin server and caches it for future requests

Question 61

What’s CDN?

Answer 61

geographically distributed network of servers and data centers that work together to deliver content efficiently over the internet

Question 62

What’s hosted CDN?

Answer 62

• type of CDN service that is provided and managed by a third-party company or service provider
• content provider (such as a website owner) contracts with a CDN provider to use their distributed network of servers to store and deliver content on their behalf
• CDN provider takes care of managing the infrastructure, network, and delivery mechanisms, allowing the content provider to offload the burden of content distribution and delivery from their own origin serve

Question 63

Name some companies that provide hosted CDN services

Answer 63

• CloudFlare
• CloudFront
• Akama’s Edge

Question 64

What are the 7 types of CDN?

Answer 64

1. Private CDN
2. Peer-to-Peer CDN (P2P CDN)
3. Telco CDN
4. Hybrid CDN
5. Software-Defined CDN (SD-CDN)
6. Transparent CDN

Question 65

Describe Private CDN

Answer 65

dedicated content delivery network that is exclusively owned and operated by a single organization

Question 66

Describe Peer-to-Peer CDN (P2P CDN)

Answer 66

• utilize the combined resources of users’ devices (peers) to distribute and deliver content
• when a user requests content, the CDN software on their device fetches the content from both the origin server and other nearby users who have already cached the content

Question 67

Describe Telco CDN

Answer 67

• operated by telcos
• leverage the telcos’ extensive network infrastructure to cache and deliver content to end-users

Question 68

Describe Hybrid CDN

Answer 68

• combines elements of both private CDNs and hosted CDNs
• organization may operate its private CDN for specific content and regions while also using a hosted CDN service for additional global coverage or to handle spikes in traffic

Question 69

Describe Software-Defined CDN

Answer 69

• CDNs that utilize software-defined networking (SDN) principles to provide dynamic and flexible content delivery capabilities
• SD-CDNs can adapt to changing network conditions, traffic patterns, and content availability, optimizing content delivery based on real-time data and analytics

Question 70

Describe Transparent CDN

Answer 70

• integrated with a website or application at the network level, so end-users are unaware that they are accessing content through a CDN
• ensure that the user experience remains seamless and that the content is delivered efficiently without any visible changes to the URL or browsing experience

Question 71

Describe Wi-Fi Infrastructure Mode

Answer 71

• most common mode of operation in Wi-Fi networks
• devices connect to a central wireless access point (AP) or router
• devices do not directly communicate with each other; instead, they send and receive data through the access point
• typically used in home and enterprise environments where multiple devices need to connect to the same network and access shared resources like the internet or networked printers

Question 72

Describe Wi-Fi Wired Mode

Answer 72

• access point is physically connected to a wired network infrastructure, such as an Ethernet LAN
• AP uses a wired connection to communicate with the rest of the network and the internet
• commonly used when the access point is deployed in areas where running Ethernet cables is feasible, such as in office buildings or large homes

Question 73

Describe Wi-Fi Ad hoc Mode

Answer 73

• also known as peer-to-peer mode
• allows devices to connect directly with each other without the need for a central access point
• devices create a temporary network on the fly, allowing them to share files, data, or services directly with each other
• useful in situations where a quick and direct connection between devices is needed, and no centralized infrastructure is available

Question 74

Describe Wi-Fi Standalone Mode

Answer 74

• default operation of an individual wireless access point
• access point operates independently and is not part of a larger controller-based system
• functions as a single entity, providing wireless connectivity to connected devices and managing its settings and configurations on its own
• commonly used in small to medium-sized environments where a single access point can adequately cover the required area

Question 75

What does PAP stand for?

Answer 75

Password Authentication Protocol

Question 76

Where is PAP primarly used?

Answer 76

Point-to-Point Protocol (PPP) connections

Question 77

Where are Point-to-Point Protocol (PPP) connections commonly employed?

Answer 77

• dial-up connections
• Virtual Private Networks (VPNs)
• some types of broadband connections

Question 78

Are credentials protected when being sent in PAP?

Answer 78

username and password are sent in cleartext - PAP is considered a weak authentication method from a security perspective

Question 79

What authentication steps are involved in PAP?

Answer 79

1. User Initiation
2. Username and Password Exchange
3. Authentication Check

Question 80

What CHAP stand for?

Answer 80

Challenge Handshake Authentication Protocol

Question 81

What’s CHAP and where is it used?

Answer 81

• authentication protocol used in Point-to-Point Protocol (PPP) connections
• commonly used in dial-up connections, Virtual Private Networks (VPNs), and other network scenarios

Question 82

What are the security advantages of CHAP?

Answer 82

• encrypts both username and password
• performs periodic reauthentication
• protects against replay attacks

Question 83

What’s the authentication process of CHAP?

Answer 83

• Challenge
  
  • when a client initiates a connection to a server, the server sends a random challenge value to the client
• Response
  
  • client combines the challenge value with its password (or shared secret) and creates a one-way hash
  • hash is sent back to the server as the response
• Authentication Check
  
  • server performs the same hash calculation using its copy of the client’s password (or shared secret) and the challenge value
  • calculated hash matches the received response, the authentication is successful, and the server grants access to the client

Question 84

What’s EAP?

Answer 84

authentication framework used in computer networks to support various methods for secure authentication between a client and a server

Question 85

Where is EAP commonly used?

Answer 85

wireless networks (e.g., Wi-Fi) and Virtual Private Networks (VPNs)

Question 86

Why is EAP known as “extensible”?

Answer 86

• because it allows for the incorporation of different authentication methods, known as EAP methods or EAP types
• each EAP method defines its specific way of authenticating users, such as using passwords, digital certificates, smart cards, or other authentication mechanisms

Question 87

What’s the EAP authentication process?

Answer 87

• Initiation
  
  • when a client device tries to connect to a network or server, the EAP process is initiated
• Method Selection
  
  • client and server negotiate and agree on the specific EAP method to be used for authentication
• Authentication Exchange
  
  • chosen EAP method defines the authentication exchange between the client and server
  • can involve multiple steps, such as the exchange of challenge-response pairs or the use of digital certificates for mutual authentication
• Authentication Result
  
  • after the exchange is completed, the server verifies the client’s identity based on the authentication method used
  • if the authentication is successful, the server grants access to the client

Question 88

What’s the purpose of SD-WAN?

Answer 88

provide centralized control and management of multiple WAN connections, allowing organizations to dynamically route traffic based on performance, security, and policy requirements

Question 89

What can be used to combine existing networks or to divide a network into multiple segments?

Answer 89

Virtual Network

Question 90

What does make firewall design two tier?

Answer 90

If it has 2 protected zones (not counting outside zone)

Question 91

What are two primary advantages that 5G networks have over 4G networks?

Answer 91

• enhanced subscriber identity protection
• mutual authentication capabilities
• stronger authentication methods and more advanced encryption techniques compared to 4G

Question 92

What layer of SDN implementation uses programs to communicate needs for resources via API?

Answer 92

application

Question 93

What are the types of NAC systems in existence (8)?

Answer 93

1. Pre-Admission NAC
2. Post-Admission NAC
3. Agent-Based NAC
4. Agentless NAC
5. Hybrid NAC
6. Cloud-based NAC
7. VLAN-based NAC
8. Identity-Based NAC

Question 94

How does Pre-Admission NAC assess devices and users?

Answer 94

• before granting access to the network
• performs checks on the device’s security posture, operating system, antivirus software, and other factors to determine if it meets the organization’s security standards
• if the device passes the pre-admission checks, it is granted access to the network; otherwise, access is denied or restricted

Question 95

How does Post-Admission NAC assess devices and users?

Answer 95

• grants network access first and then performs security checks after the device is connected
• if the system detects any non-compliant behavior or security issues during the post-admission check, it may quarantine the device or limit its access until the issues are resolved

Question 96

Explain Agent-Based NAC

Answer 96

• require the installation of software agents on end-user devices
• help monitor and enforce security policies, report device information to the NAC server, and ensure compliance with network access rules

Question 97

Explain Agentless NAC

Answer 97

• do not require any software installation on end-user devices
• instead, they rely on various techniques like deep packet inspection, MAC address authentication, and other network-based methods to identify and control devices attempting to connect to the network

Question 98

Explain Hybrid NAC

Answer 98

• combines elements of both agent-based and agentless NAC systems
• provides flexibility in how devices are managed and secured based on different factors such as device type, location, and user role

Question 99

Explain Cloud-based NAC

Answer 99

• hosted in the cloud and provide access control and security services to remote users and devices
• often preferred for their scalability, ease of management, and the ability to handle dispersed or mobile workforces

Question 100

Explain VLAN-based NAC

Answer 100

• devices are placed in separate Virtual LANs (VLANs) based on their compliance with security policies
• non-compliant devices may be placed in restricted VLANs with limited access to resources until they meet the required security standards

Question 101

Explain Identity-Based NAC

Answer 101

• focus on user authentication and apply access controls based on user identities and roles
• may integrate with directory services such as Active Directory to enforce security policies

Question 102

What’s the main disadvantage of clientless NAC?

Answer 102

it cannot check as many things as the client can

Question 103

What does Defense in Depth suggest?

Answer 103

using multiple security controls to achieve the same control objective

Question 104

What’s virtual network used for?

Answer 104

combine existing networks or to divide network into multiple segments

Question 105

What can happen if a PC is simultaneously connected to a secure and non-secure network like the internet?

Answer 105

it may act as a bridge, bypassing security controls located at the edge of the corp network

Question 106

PPTP, L2F, L2TP and IPsec are used for what purpose?

Answer 106

VPN

Question 107

What type of protocol is PPP?

Answer 107

dial-up

Question 108

How to secure bluetooth?

Answer 108

use bluetooth only for activities not confidential, change defult PIN, turn off discovery mode when it’s not active

Question 109

What type of issues can’t a strictly post-admission policy NAC handle?

Answer 109

since this doesn’t check the status of a machine before it connects, it can’t prevent the exploit of the system immediately after connection

Question 110

What type of device should be placed between networks, if one supports IPv6 and the other IPv4?

Answer 110

gatway

Question 111

What does DCE (system) stand for?

Answer 111

Distributed Computing Environment (DCE)

Question 112

What’s DCE system?

Answer 112

• system in which computing resources, such as processing power, storage, and memory, are spread across multiple interconnected computers or nodes
• the nodes collaborate to perform tasks and solve problems by sharing their resources and working together, often across a network

Question 113

What’s the primary security concern of DCE?

Answer 113

• interconnectedness of the components
• configuration could allow for error or malware propagation as well - if an adversary compromises one component, it may grant them the ability to compromise other components in the collective through pivoting and lateral movement

Question 114

What is a security risk of an embedded system that is not commonly found in a standard PC?

Answer 114

because an embedded system is often in control of a mechanism in the physical world, a security breach could cause harm to people and property (aka cyber-physical)

Question 115

What does RTOS stand for?

Answer 115

real-time operating system

Question 116

What are the characteristics of RTOS?

Answer 116

minimize latency and delay, store code in ROM, and optimized for mission-critical operations

Question 117

Describe Arduino

Answer 117

• type of microcontroller
• stores code on a flash chip
• has a limited C++ based instruction set
• not suited for mission-critical operations

Question 118

Describe Distributed Control System (DCS)

Answer 118

• open source hardware and software organization that creates single-board 8-bit microcontrollers for building digital devices
• used to manage small-scale industrial processes
• can execute C++ programs specifically written to its limited instruction set
• not designed as a near-real-time solution
• may be used to manage mission-critical operations

Question 119

Is LEAP example of an actual EAP method?

Answer 119

yes

Question 120

Is EAP-VPN example of an actual EAP method?

Answer 120

no

Question 121

Is EAP-SIM example of an actual EAP method?

Answer 121

yes

Question 122

Is EAP-FAST example of an actual EAP method?

Answer 122

yes

Question 123

Is EAP-MBL example of an actual EAP method?

Answer 123

no

Question 124

Is EAP-MD5 example of an actual EAP method?

Answer 124

yes

Question 125

Is VEAP example of an actual EAP method?

Answer 125

no

Question 126

Is EAP-POTP example of an actual EAP method?

Answer 126

yes

Question 127

Is EAP-TLS example of an actual EAP method?

Answer 127

yes

Question 128

Is EAP-TTLS example of an actual EAP method?

Answer 128

yes

Question 129

What does Fog computing rely on?

Answer 129

sensors, IoT devices, or even edge computing devices to collect data and then transfer it back to a central location for processing.

Question 130

What are cyber-physical systems?

Answer 130

devices that offer a computational means to control something in the physical world

Question 131

How does deduplication work?

Answer 131

• replaces multiple copies of a file with a pointer to one copy
• if the one remaining file is damaged, then all of the linked copies are damaged or inaccessible as well

Question 132

What are the concerns of when company technicians use 4G/5G during their travels?

Answer 132

• evesdropping
• rogue towers
• reliability of establishing a connection

Question 133

What’s nonpersistent system or static system?

Answer 133

• computer system that does not allow, support, or retain changes
• between uses and/or reboots, the operating environment and installed software are exactly the same
• changes may be blocked or simply discarded after each system use
• nonpersistent system is able to maintain its configuration and security in spite of user attempts to implement change

Question 134

What are the potential areas of concern related to third-party connectivity?

Answer 134

• those in which an actual outsider is to be directly connected to on-premises networks; these situations include:
  
  • business partnerships
  • cloud services
  • telecommuting

Question 135

Can agent-based quarantine noncompliant devices and implement updates automatically?

Answer 135

yes

Question 136

Can preadmission-based NAC require a system to meet all current security requirements (such as patch application and malware scanner updates) before it is allowed to communicate with the network?

Answer 136

yes

Question 137

Does NAC require the use of IEEE 802.1X?

Answer 137

no

Question 138

What can an agentless NAC do to determine whether devices are authorized and baseline compliant?

Answer 138

perform port scans, service queries, and vulnerability scans against networked systems to determine whether devices are authorized and baseline compliant

Question 139

Can agentless NAC automatically quarantine and resolve security issues on hosts?

Answer 139

no

Question 140

Describe L2F (Layer 2 Forwarding Protocol) protocol

Answer 140

• protocol from Cisco that aimed to tunnel PPP sessions
• aims to establish a connection-oriented tunnel between the user’s device and the VPN server, allowing PPP frames to be transported securely
• largely overshadowed by newer and more advanced protocols

Question 141

Describe L2TP (Layer 2 Tunneling Protocol)

Answer 141

• evolution of L2F that combines the best features of L2F and PPTP
• provides a framework for tunneling various protocols, including PPP
• used in conjunction with other encryption protocols like IPsec for enhanced security

Question 142

Describe PPTP (Point-to-Point Tunneling Protocol)

Answer 142

• one of the earliest VPN protocols, originally developed by Microsoft
• simple to set up but not secure due to known vulnerabilities
• not recommended for secure VPN connections

Question 143

Why is PEAP secure?

Answer 143

because it can provide a TLS tunnel that encapsulates EAP methods, protecting the entire session