Domain 2 - Telecommunications and Network Security

Question 1

26. ARP is an acronym for:

a. Address Resolution Protocol
b. Advanced Research Project
c. Anti-virus Resolution Protocol
d. Address Research Project

Answer 1

Explanation: Answer a is correct answer. ARP provides a dynamic mapping of a 32 bit-bit IP address to a 48-bit physical hardware address.

Question 2

30. The lower layers of the OSI model (layers 1,2, and 3) deal with the following:

a. Defining the characteristics of the systems at the two ends of the communication
b. Deals with end-user interface
c. Deals with the application
d. Defining the network facilities necessary to transfer a message

Answer 2

Explanation: Answer d is correct answer. The lower layers are the Physical, Data Link, and Network; they define the interfaces necessary for transfer. Answer a is incorrect because it defines how the user accesses the network. Answer b is incorrect because the middle layers (presentation, session, and transport) are responsible for networking management, establishes communications session between the two sides and prepares information for the application.

Question 3

31. One method often used to reduce the risk to a local area network that has external connections is by using:

a. Passwords
b. Dial-back
c. Firewall
d. A token ring

Answer 3

Explanation: Answer c is correct answer. Firewall will best protect the LAN if properly set up and maintained.

Question 4

41. The use of VLAN (Virtual Local Area Networks), IP Subnets, NAT (Network Address Translation) and Routing provide security through which of the following?

a. The separation of network resources to prevent systems from directly interacting with each other.
b. The hiding of network resources from the boundary protection devices that protect them from attack.
c. Improving the flow of traffic throughout the network to make detection and response to an attack more efficient and effective.
d. These methods can not be used to improve the security of a network.

Answer 4

Explanation: Answer a is correct answer. Separation of resources will provide security when using the weakest link theory. If one resource is compromised the attacker is not able to jump to other resources. Answer b is incorrect; if the network resources hide from the boundary protection devices, they won’t know what to protect. Answer c is incorrect; improving flow of traffic does not make it more secure. Answer d is incorrect since answer a is correct.

Question 5

53. Zones of control (sometimes referred to as enclaves) do NOT require different levels of security than the corporate network at the following:

a. Intranet
b. Extranet
c. Internet
d. Remote Access

Answer 5

Explanation: Answer a is correct answer. Typically companies do not add additional security to access their Intranet. Answers b, c, and d are incorrect; all require additional security than that required by the corporate network

Question 6

54. Which of the following is NOT a Passive telecommunications attack (by definition is restricted to observation or other methods that do not alter the data within a system)?

a. Eavesdropping
b. Traffic analysis
c. Disclosure by observation of a screen
d. Computer Virus

Answer 6

Explanation: Answer d is correct answer. The objective of a computer virus is to replicate and will cause harm. Answer a is incorrect; eavesdropping is the unauthorized interception of information-bearing emanations through the use of methods other than wiretapping. Answer b is incorrect; traffic analysis is the inference of information from observation of traffic flows (presence, absence, amount, direction, and frequency). Answer c is incorrect; monitors emit a frequency that can be eavesdropped.

Question 7

57. Which item is NOT a VPN component?

a. Tunneling
b. Encryption
c. Availability
d. Authentication

Answer 7

Explanation: Answer c is correct answer. VPN’s do not guarantee availability. Answers a, b, and d are all components of a VPN.

Question 8

58. Which of the following is NOT and example of an Intrusion Detection System?
    a. An outsourced monitoring service
    b. Anti-virus software
    c. Automated review of logs searching for anomalous behavior
    d. An incident response team on immediate standby

Answer 8

Explanation: Answer d is correct answer. An incident response teams goes into action when an incident occurs, it does not detect the incident.

Question 9

60. VPN’s (Virtual Private Networks) do NOT provide the following:

a. Secure Internet-based remote access via a peer to peer VPN
b. Secure dedicated private network connections
c. Secure Extranet access
d. Secure end to end data flow via a gateway to gateway VPN

Answer 9

Explanation: Answer d is correct answer. VPN’s cannot secure the dataflow past the gateway, this leaves the connection between the gateway and the host insecure. Answer a is incorrect; Peer to peer VPN’s provides security from Host to Host. Answer b is incorrect; A VPN may provide secure dedicated private network connections. Answer c is incorrect; A VPN may provide secure Extranet access.

Question 10

62. Which layer of the OSI model is responsible for security?

a. Application
b. Transport
c. Session
d. Physical

Answer 10

Explanation: Answer c is correct answer. The Session layer typically deals with starting up new tasks, if necessary, and with security (for example, authentication of nodes). Answer a; the Application layer is incorrect because it defines how the user accesses the network. Answer b; the Transport layer in incorrect because this layer is responsible for general network management functions and resource optimization. Answer d is incorrect because the physical layer establishes the physical, mechanical and electrical connection and transmits the actual bits.

Question 11

67. How many layers in the TCP/IP protocol stack?

a. 1
b. 7
c. 5
d. 4

Answer 11

Explanation: Answer c is correct answer. The TCP/IP protocol stack has five layers, the Physical, Data-Link, Network, Transport, and Application

Question 12

74. Which of the following is NOT an Active telecommunications attack (by definition attack on the data in the network is altered)?

a. Playback
b. Denial of Service
c. Sniffing
d. Spoofing

Answer 12

Explanation: Answer c is correct answer. Sniffers collect the data going across the network but do not alter it. Answer a is incorrect; Playback occurs when something is recorded and then played back into the process for which it was intended. Answer b is incorrect; denial of service could be software or physical problems). Answer d is incorrect; spoofing is taking over someone’s id.

Question 13

75. Digital Signatures used in combination with e-mail does NOT provide the following:

a. Integrity
b. Confidentiality
c. Authentication
d. Non-Repudiation

Answer 13

Explanation: Answer b is correct answer. Digital Signatures do not provide confidentiality; the sender may send the document to many people. Answer a is incorrect; a digital signature allows the recipient of a given file or message to detect whether that file or message has been modified. Answer c is incorrect; a digital signature makes it possible to verify cryptographically the identity of the person who signed the message. Answer d is incorrect; a digital signature prevents the sender of a message from later claiming that they never sent it.

Question 14

76. When using e-mail, which of the following is the BEST way to secure a message?

a. Send message only to the person you want to see it
b. Write the message assuming that someone is listening in
c. Encrypt the message before sending
d. Sign the message using a digital signature

Answer 14

Explanation: Answer c is correct answer. Encrypting on your side will require the receiver to decrypt the message with your public key or a private key given to them. Answer a is incorrect; the message may be intercepted and read. Answer b is incorrect; no protection is assumed and may be read by anyone. Answer d is incorrect; sender is verified, but data is not necessarily secure.

Question 15

80. Which best describes the definition of Protocol?

a. Multiple communications networks
b. A set of rules for how information is exchanged over a communications network
c. Layering of networks
d. Layering of Suites

Answer 15

Explanation: Answer b is correct answer. Answer b dictates the formats and the sequences of the messages passed between the sender and the receiver. Answers a, c, and d do not define how the communications take place and are therefore wrong.

Question 16

143. In distributed systems, the basic security problem is knowing:

a. Who to trust
b. When to reconnect
c. How to name resources
d. The order of transactions

Answer 16

Explanation: Answer a is correct answer. Who to trust is the basic problem, the wrong answer can wreck havoc on your systems. Typically you do not have physical access to all the systems so the authentication of each is essential for trust. Answers b, c, and d are not security problems in distributed systems.

Question 17

164. Which of the following are NOT used for sending information securely over the Internet:

a. SSL
b. S-HTTP
c. HTML
d. SET

Answer 17

Explanation: Answer c is correct answer. HTML stands for Hyper Text Markup Language and controls how Web pages are formatted and displayed. Answer a is incorrect; SSL or Secure Socket Layer is a protocol developed by Netscape for transmitting private documents via the Internet. Answer b is incorrect; S-HTTP or Secure Hyper Text Transfer protocol creates a secure connection between a client and a server. Answer d is incorrect; Secure Electronic Transaction was designed to provide a complete system for electronic transactions securely

Question 18

166. Which of the following is NOT a communication threat?a. Masquerade
     b. Playback
     c. Repudiation
     d. Proxies

Answer 18

Explanation: Answer d is the correct answer; Proxies are a type of firewall and help provide secure communications. Answer a is incorrect and occurs when an imposter pretends to be an authorized user. Answer b is incorrect and occurs when someone records a legitimate message and later sends it again (a funds transfer). Answer c is incorrect; someone may deny that they ever received a message, even though they received it.

Question 19

171. What is the most commonly employed network protocol for remote access systems?

a. DECNet
b. SNA
c. IPX/NetBIOS
d. TCP/IP

Answer 19

Explanation: Answer d is correct answer. Most corporations either use TCP/IP as their networks protocol or allow their traffic to be encapsulated over TCP/IP networks. Answers A, B, and C are older protocols that are not widely supported.

Question 20

176. Which is the most secure type of Modem?

a. Dial-back modems
b. Password modems
c. Encryption modems
d. Silent modems

Answer 20

Explanation: Answer c is correct answer. All information sent via the modem is encrypted when sent and decrypted at reception, they protect against wire tapping and unauthorized users. Answer a is incorrect; dial-back modems can be defeated by call forwarding. Answer b is incorrect; Password modems rely on the strength of the password, which is often weak. Answer c is incorrect; Silent modems won’t signal that the connection has been made until you begin the logon session, but do not secure the data.

Question 21

182. Which of the following telecommunications media is MOST resistant to tapping?

a. Microwave
b. Twisted pair
c. Fibre optic
d. Coaxial cable

Answer 21

Explanation: Answer c is correct answer. Since signals in fibre optic cabling are in the form of laser light pulses, electromagnetic emissions that might be used to tap the line are essentially nonexistent. Answer a is incorrect; you only have to have access to the path of the microwave to intercept it. Answer b is incorrect; you only have to lop a wire around the twisted pair to pick up emissions. Answer d is incorrect, more secure than either a or b, but can be tapped with inexpensive equipment.

Question 22

189. Layer 4 of the OSI (Open System Integration) stack is known as?

a. The data link layer
b. The transport layer
c. The network layer
d. The presentation layer

Answer 22

Explanation: Answer b is correct answer per OSI model

Question 23

190. The most widely used standard for digital certificates is:

a. X.17799
b. X.509
c. POP3
d. X.25

Answer 23

Explanation: Answer b is correct answer. X.509 is an ITU recommendation which means it has not yet been defined or approved and may be implemented in different ways. Answer a is incorrect; there is no standard X.17799. Answer c is incorrect; POP3 stands for Post Office Protocol version 3. Answer d is incorrect; X.25 is CCITT’s (Comite´ Consultatif Internationale Telegraphique et Telephonique protocol for packet-switching networks.

Question 24

200. To update anti-virus software the quickest, which location is best to update first?

a. Mail server (Notes, Exchange)
b. Network server
c. PC
d. Internet Gateway virus server

Answer 24

Explanation: Answer d is correct answer. With most viruses being spread via the Internet or in e-mail the best location to update anti-virus software first is at the Internet gateway virus server. One update will stop any new viruses from entering the network. Answers a, b, and c, all may/will require multiple updates which will allow the virus to spread while the machines are being updated.

Question 25

217. To best protect the network from viruses where should anti-virus software be placed?

a. On the firewall
b. On the PC
c. On the router
d. On the server

Answer 25

Explanation: Answer d is correct answer. Server anti-virus software will detect and eradicate viruses at the network level. Answer a is incorrect; anti-virus software should never be placed on the firewall, it slows down the firewall. Answer b is incorrect; anti-virus software on the PC will detect and eradicate viruses on the PC, but not the network. Answer c is incorrect, as there is no anti-virus software developed for routers.