CISSP Lesson 8 PreTest Flashcards
Which is a function of a gateway?
A) Copies packets from one network protocol to another protocol
B) Reads the network address of the destination and forwards the packet to that network
C) Filters packets going into and out of a network
Copies packets from one network protocol to another protocol
A DoS attack is typically against one machine, whereas a DDoS attack is against many machines.
A) TRUE
B) FALSE
TRUE
Which statement describes the hash totals security technique?
A) It allows users to access resources without knowing whether the resource is local or remote
B) It is an error-correcting protocol that re-creates blocks of text
C) It is a mathematically-generated unique value from a string of text that can be used when integrity must be assured
It is a mathematically-generated unique value from a string of text that can be used when integrity must be assured
Which e-mail protocol forwards e-mail from one mail server to another mail server?
A) POP
B) IMAP
C) SMTP
SMTP
What is a fifth-generation firewall?
A) A combination of second- and third-generation firewalls
B) A dynamic firewall
C) A multilevel firewall integrated into the OS kernel
A multilevel firewall integrated into the OS kernel
Which is a downside of packet filtering firewalls?
A) Easily fooled by spoofing
B) Allows for eavesdropping
C) Filters too much, causing a bottleneck
Easily fooled by spoofing
At which layer do second-generation firewalls operate?
A) Network
B) Transport
C) Application
Application
A flooding attack is considered to be which kind of attack?
A) Spoofing
B) Spamming
C) DoS
DoS
Switches only forward packets to the specific port where the destination machine is located.
A) TRUE
B) FALSE
TRUE
What do first- and third-generation firewalls have in common?
A) Both allow packets if they are a continuation of a previous connection
B) Both consider the source and destination addresses
C) Both change the source and destination address from the original packet
Both consider the source and destination addresses
A screened-subnet architecture is the ideal place for which type of server?
A) Web
B) Mail
C) Network
Web
Which statement describes a NAT function?
A) Translates nonroutable IP addresses behind a firewall to routable addresses
B) Uses the Internet to create a virtual private line
C) Captures and analyzes network packets
Translates nonroutable IP addresses behind a firewall to routable addresses
What is the definition of a class B network abuse?
A) Unauthorized access of restricted network resources
B) Unauthorized use of network resources for nonbusiness purposes
C) Denial of service and other disruptions
Unauthorized use of network resources for nonbusiness purposes
Which is a function of a hub?
A) Filters traffic based on DLL addresses
B) Connects multiple LAN devices
C) Forwards messages from one network segment to another
Connects multiple LAN devices
Which application layer protocol uses digital certificates and signatures to provide data confidentiality and integrity?
A) SET
B) S/MIME
C) PEM
SET
Which transport layer protocol provides high availability using encryption?
A) SWIPE
B) SKIP
C) SSL
SKIP
What comprises a screened-host architecture?
A) Packet filtering router
B) Packet filtering router and a bastion host
C) Packet filtering router, a bastion host, and two NICs
Packet filtering router and a bastion host
Frame relay is a combination of digital telephony and data transport services.
A) TRUE
B) FALSE
FALSE
Which is a network layer security protocol?
A) L2TP
B) TCP/IP
C) IPSec
IPSec
What is a function of the IP portion of TCP/IP?A) Manages addressing the packets and getting them to the destinationB) Splits outbound messages into packetsC) Assembles inbound packets into messages
Manages addressing the packets and getting them to the destination
