Domain 4 - Communications and Networking Flashcards

1
Q

Simplex

A

one-way communication (one system transmits, the other listens)

2
Q

Half-duplex

A

communication sends or receives one at a time (only one can transmit at a time) like a Walkie Talkie

3
Q

full-duplex

A

communication is capable of sending and receiving simultaneously (both systems talking at the same time)

4
Q

baseband

A

one channel, one signal at a time. ethernet is baseband

5
Q

broadband

A

multiple channels and all channels can send and receive multiple signals at a time

6
Q

Internet

A

a global connection of peered WAN networks (patchwork of ISPs)

7
Q

intranet

A

an organization's privately owned network; houses company-specific information. Example: how do I contact HR, what are policies and procedures.

8
Q

extranet

A

Private intranets that are connected. Maybe these are business partners, or in very large companies, all the child companies' intranets connect to the extranet.

9
Q

circuit switching

A

expensive
used less often
always available
guaranteed bandwidth
always takes the same path

10
Q

packet switching

A

cheap
ISP oversubscribes lines
people very seldom use what they pay for
packets take multiple different paths to destination
packets are reassembled at destination

11
Q

QOS

A

(Quality of service) give specific traffic priority over other traffic
most commonly used for VoIP or other UDP (connectionless) traffic needing close to real-time communication

12
Q

TCP

A

connection oriented
sequential - each packet is reassembled in the order it was sent
even with packets taking different paths, this still happens
we use TCP for things that require data integrity and can handle less delivery time

13
Q

PAN

A

personal area network — your personal area

14
Q

LAN

A

local area network - devices are nodes and are geographically constrained

15
Q

MAN

A

metropolitan area network - usually spans a city or large campus

16
Q

WAN

A

wide area network – covers a large geographic network area such as a city, country or even intercontinental distances. combines many types of media, telephone, cables and air waves.

17
Q

VPN

A

virtual private network

18
Q

GAN

A

global area network -
used for supporting mobile users across a number of wireless LANs, satellite coverage area. The transition from one to the next can be seamless
uses different technologies and protocols to make sure that user can continue to use their phone

19
Q

OSI model Layers 1-7

A

1 - Physical
2 - Data Link
3 - Network
4 - Transport
5 - Session
6 - Presentation
7 - Application

20
Q

We are blocking unused ports on our servers as part of our server hardening. When we block TCP/UDP port 138, which protocol are we blocking?

A

Netbios datagram service

21
Q

We are using the OSI model to categorize attacks and threats. Which of these are COMMON layer 2 threats?
A: Ping of death
B: syn floods
C: arp spoofing
D: eavesdropping

A

C: arp spoofing
Explanation
ARP spoofing is an attack where an attacker sends fake ARP (Address Resolution Protocol) messages over a local area network. This results in associating the attacker’s MAC address with the IP address of an authorized computer or server on our network.

22
Q

In a new data center implementation, we are wanting to use IPv6 addresses. Which of these statements are TRUE about IPv6 addresses? (Select all that apply).
A: they can use EUI/MAC48 addresses by adding ffe in the middle of the MAC address
B: they use broadcast addresses
C: they are 32-bit binary
D: they are 128 bit binary

A

A and D
Explanation
IPv6 is 128-bit binary, often expressed in hexadecimal numbers (using 0-9 and a-f); for Link Local addresses we add the fe80: prefix to an address, and for EUI/MAC48 addresses we add “fffe” to make it an EUI/MAC64 address.

23
Q

Which layer of the Open Systems Interconnect (OSI) model isolates traffic into broadcast domains?

A

Explanation
Layer 3: Network Layer: Expands to many different nodes (IP) – The Internet is IP based. Isolates traffic into broadcast domains.

24
Q

know the IPV4 private addresses

A
  • 10.0.0.0 - 10.255.255.255
  • 172.16.0.0 - 172.31.255.255
  • 192.168.0.0 - 192.168.255.255
25
Q

which port is used by our DHCP servers to communicate with the clients

A

Explanation
DHCP uses UDP Port 67 for the DHCP Server and UDP Port 68 for the Client.

26
Q

A system is requesting an IP address using DHCP. how would the traffic flow look

A
  1. Discovery
  2. offer
  3. request
  4. acknowledge
27
Q

Which of the following proxies cannot make access decisions based upon protocol commands?
A. Application
B. Packet filtering
C. Circuit
D. Stateful

A

answer is C.

Application and circuit are the only types of proxy-based firewall solutions listed here. The others do not use proxies. Circuit-based firewalls make decisions based on header information, not the protocol’s command structure. Application-based proxies are the only ones that understand this level of granularity about the individual protocols.

28
Q

Alice wants to send a message to Bob, who is several network hops away from her. What is the best approach to protecting the confidentiality of the message?
A. PPTP
B. S/MIME
C. Link encryption
D. SSH

A

Answer is B.
Secure Multipurpose Internet Mail Extensions (S/MIME) is a standard for encrypting and digitally signing e-mail and for providing secure data transmissions using public key infrastructure (PKI).

29
Q

what does TCP stand for in TCP/IP

A
  • Transmission control protocol
  • part of a suite of communication protocols
  • defines how applications create communication
  • manages how messages are broken down into packets to be transmitted and reassembled at the destination
30
Q

what does IP stand for in TCP/IP

A
  • Internet Protocol
  • part of a suite of protocols
  • defines how to address and route packets for delivery
31
Q

how many layers are in TCP/IP and what are they in order (bottom to top)

A

• 4 (Link or Physical, network, transport, application)

32
Q

what does PDU stand for

A

• protocol data units

33
Q

Name the PDU and layer it is associated with in the OSI model

A
  • data - session, presentation and application layer
  • segments - transport layer
  • packets - network layer
  • frames - data link layer
  • bits - physical layer
34
Q

what two things were behind the design of TCP/IP

A
  • network reliability
  • auto recovery from failure
35
Q

what layers does the link layer in TCP/IP map to in OSI

A

• link/physical in tcp/ip maps to (physical and data layers in the OSI model)

36
Q

what does network layer in TCP/IP map to in OSI

A

• same - network layer in OSI

37
Q

what does transport layer in TCP/IP map to in OSI

A

• same - transport layer in OSI

38
Q

what does the application layer in TCP/IP map to in OSI

A

TCP/IP application layer maps to (session, presentation and application in the OSI model)

39
Q
A

Tables which included subjects, objects, and access controls / privileges

40
Q

Capability Tables

A
  • Each row of an access control matrix is a capability list. A capability list is tied to the subject; it lists valid actions that can be taken on each object.
  • List access controls and privileges assigned to a subject.

• ACLs focus on objects whereas capability lists focus on subjects.

41
Q

access control matrix, capabilities, ACL diagram

A

diagram

42
Q

TCB flow

A
43
Q

reference monitor

A
  • (at a theoretical level) that all subject to object access should be controlled.
  • It establishes an access control security policy around a computing device.
44
Q

what is the core of TCB

A
45
Q

explain TCB

A
  • The trusted computing base (TCB) is the sum of all the protection mechanisms within a computer and is responsible for enforcing the security policy.
  • this includes hardware, software, controls, and processes
  • the TCB is responsible for confidentiality and integrity
  • TCB is the only portion of a system that operates at a high level of trust
46
Q

what encryptions use discrete logarithms

A
  • DSA
  • Diffie-Hellman
  • ElGamal
47
Q
A
  • if it is implemented by itself it is vulnerable to a man-in-the-middle attack
48
Q
A
  • digital certificates and PKI
49
Q

what are the key components of digital signature

A
  • information about the user requesting the certification - used for proof of identity by the RA
  • requesting user's public key
  • both of these pieces (user information and the user's public key) encrypted with the CA's private key

So when Alice sends a message to Bob with her digital signature, Bob uses the CA’s public key to decrypt the information. Bob knows the CA's public key because his browser has that information.

50
Q

why would we need Diffie-Hellman if we are using asymmetric encryption

A
  • asymmetric encryption is super slow but a better form of original communication since we are using public/private keys for encryption and decryption
  • Diffie-Hellman helps us to determine a shared key over an insecure medium (internet) so that we can use symmetric encryption (faster)
51
Q

what is a caveat of RSA

A
  • RSA needs to be appropriately padded to be secure
52
Q

As the length of plaintext messages is variable, the last block of a message is typically padded (expanded) per a certain padding scheme to be at the same size as the underlying cipher block. Which of the following block cipher modes of operation is most likely subject to padding oracle attack or POODLE attack? (Wentz QOTD)
A. Counter (CTR)
B. Cipher block chaining (CBC)
C. Cipher feedback (CFB)
D. Output feedback (OFB)

https://wentzwu.com/2022/01/03/cissp-practice-questions-20220103/

A

My suggested answer is B. Cipher block chaining (CBC).

explanation: A block cipher is a cryptographic algorithm operating on fixed-length blocks of bits. As a block has a fixed length and messages are variable in length, padding is required which adds data to the beginning, middle, or end of a message prior to encryption.

  • “In cryptography, a padding oracle attack is an attack which uses the padding validation of a cryptographic message to decrypt the ciphertext.” (Wikipedia)
  • “The POODLE attack (which stands for “Padding Oracle On Downgraded Legacy Encryption”) is a man-in-the-middle exploit which takes advantage of Internet and security software clients’ fallback to SSL 3.0.” (Wikipedia)
53
Q

elliptic curve Diffie-Hellman - what is the benefit

A
  • Diffie-Hellman key exchange plus elliptic curve cryptography
  • (all of the math aside) it uses the structure of curves to reduce the size of keys while still providing the equivalent level of security as non-elliptic curve cryptography
  • a 224 bit elliptic curve key provides roughly the same level of security as a 2048 bit RSA key
54
Q

for Diffie-Hellman key exchange to work properly what is needed with generated numbers

A
  • both parties have to use cryptographically secure pseudo-random number generators to generate the numbers they use in the Diffie-Hellman key exchange
  • if numbers are somewhat predictable, it can make it much easier for an eavesdropping attacker to figure out the shared secret or either of Alice or Bob’s secret integers
55
Q

common ports to remember

A
  • 21 (FTP) file transport protocol - TCP
  • 22 (SSH) secure shell - TCP
  • 23 Telnet - TCP
  • 25 (SMTP) simple mail transport protocol - TCP
  • 53 (DNS) domain name system - both TCP/UDP
  • 67/68 (DHCP) dynamic host configuration protocol - UDP
  • 80 (HTTP) hypertext transport protocol
  • 110 (POP3) post office protocol - TCP
  • 138 netbios datagram service both TCP/UDP
  • 143 (IMAP) internet message access protocol - TCP
  • 443 (HTTPS) hypertext transport protocol secure
  • 3389 (RDP) remote desktop server both TCP/UDP
56
Q

what are the ports listed below and are they udp or tcp

  • 21
  • 22
  • 23
  • 25
A
  • 21 (FTP control) file transport protocol - TCP
  • 22 (SSH) secure shell - TCP
  • 23 Telnet - TCP
  • 25 (SMTP) simple mail transport protocol - TCP
57
Q

what are the ports listed below and are they tcp or udp

  • 53
  • 67/68
  • 80
  • 110
A
  • 53 (DNS TCP/UDP) domain name system - both TCP/UDP
  • 67/68 (DHCP- UDP) dynamic host configuration protocol
  • 80 (HTTP) hypertext transport protocol
  • 110 (POP3) post office protocol - TCP
58
Q

what are the ports below and are they tcp or udp

  • 138
  • 143
  • 443
  • 3389
A
  • 138 netbios datagram service both TCP/UDP
  • 143 (IMAP - TCP) internet message access protocol
  • 443 (HTTPS -TCP/UDP) hypertext transport protocol secure
  • 3389 (RDP - TCP) remote desktop server both TCP
59
Q

common wireless speeds

A

wireless speeds

60
Q

what are the ports below and tcp or udp

  • 20
  • 88
  • 389
  • 49
  • 1812/1813
A
  • 20 (FTP data transport) file transfer protocol domain name system - both TCP/UDP
  • 88 (Kerberos)
  • 389 (LDAP TCP/UDP) Lightweight Directory access
  • 49 (TACACS+)
  • 1812/1813 Radius TCP
61
Q

ephemeral port range

A

49152-65535

62
Q

WPA2 attributes

A
  • (CCMP) counter mode with cipher block chaining message authentication code protocol
  • AES
63
Q

IPV6 local address

A
  • fe80::b8:20fa:22ff:fe52:888a
64
Q

gateway attributes

A
  • a gateway connects networks that are using different network protocols. also known as protocol translators, can be stand-alone hardware devices or a software service.
  • primarily layer 3
  • could be any layer
65
Q
  • PGP (pretty good privacy)
A
  • Used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications.
66
Q

what is layer 6 in OSI and what function does it serve

A
  • presentation
  • coding and conversion functions on application layer data
67
Q

what is layer 6 in OSI and what function does it serve

A
  • responsible for “presentation” character conversion, codecs, compression and decompression for streaming audio and video, image conversion, formatting (TIFF, JPEG, MPEG)
  • establishes, manages, and terminates communication sessions between presentation layer entities
68
Q

what is layer 5 in the OSI and what function does it serve

A
  • session
  • circuit proxy firewall
  • session management capabilities between hosts
  • assists in synchronization, remember session information like passwords, so verification does not need to repeat, dialog control
69
Q

what is layer 4 in the OSI and what function does it serve and what ports

A
  • transport
  • responsible for end to end connection with error correction and detection
  • data transport services transparent to upper layers
  • TLS/SSL, TCP/UDP
70
Q

what is layer 3 in the OSI and what function does it serve

A
  • Network
  • IP addresses
  • responsible for logical addressing, routing and datagram
  • routers and packet filtering firewalls (simplest and fastest firewall)
71
Q

what is layer 2 of OSI and what function does it serve

A
  • data link
  • MAC address
  • provides reliable transit of data across a physical network link
72
Q

what is layer 1 of OSI and what function does it serve and what devices

A
  • physical
  • hubs, repeaters, concentrators
  • bit level transmission between different devices, electrical or mechanical interfaces
73
Q

network class range of IPs

A
  • Class A -
    • 127 networks
    • 16,777,214 hosts per network
  • Class B -
    • 16,384 networks
    • 65,534 hosts per network
  • Class C -
    • 2,097,152 networks
    • 254 hosts per network
74
Q

which of the following best describes all the components of a system that are responsible for system security

  • the international common criteria
  • TCSEC
  • TCB
  • ITSEC
A
  • TCB (trusted computing base)
75
Q

The purpose of key escrow is to enable a trusted third party to do which of the following? (Select the best answer.)

A
  • access sensitive data if the need arises
76
Q

Which of the following types of obfuscation deals with making a program obscure to computers?

A

prevention obfuscation

77
Q

which of the following security standards recommends security controls based on industry best practices?

A. International Organization for Standardization (ISO) 27002

B. International Organization for Standardization (ISO) 27001

C. Information Technology Infrastructure Library (ITIL)

D. Control Objects for Information and Related Technology (COBIT)

A

Explanation:

ISO 27002 is a security standard that recommends security controls based on industry best practices. ISO 27002, which was renumbered from ISO 17799 in 2005, is based on British Standard 7799 (BS 7799); it defines security objectives and provides a list of security controls that are based on industry best practices. ISO 17799, and subsequently ISO 27002, was based on the first part of BS 7799. ISO 27002 includes the following 14 objectives:

  1. Security Policy
  2. Organization of Information Security
  3. Human Resources Security
  4. Asset Management
  5. Access Control
  6. Cryptography
  7. Physical and Environmental Security
  8. Operations security
  9. Communications Security
  10. Information Systems Acquisition, Development, Maintenance
  11. Supplier Relationships
  12. Information Security Incident management
  13. Information Security Aspects of Business Continuity
  14. Compliance
78
Q

what physical device is at layer 5 of OSI and what protocols

A
  • circuit proxy firewall
    • Socks is an example of proxy firewall
  • Netbios, SMB, RPC, NFS, and SQL
  • RPC - remote procedure protocol
    • enables clients to send a request to a remote server to execute a specific procedure with supplied parameters
79
Q

what law prevents government agencies from disclosing personal information that an individual supplies to the government under protected circumstances

A
  • privacy act

NOTE: it is not electronic communications privacy act

80
Q

what is layer 7 of OSI what works there, devices and protocols

A
  • application layer
  • greatest intelligence to make decisions
  • human computer interaction and where applications can access network services
  • application firewalls (very intelligent, very advanced decisions like deep packet inspection, slow)
  • HTTP/S, DNS, SSH, SNMP, LDAP, DHCP, Telnet, POP3, IMAP
81
Q

what is layer 6 of OSI, what works there, devices and protocols

A
  • Presentation layer
  • encryption/decryption
  • responsible for “presentation” character conversion, codecs, compression and decompression for streaming audio and video, image conversion, formatting (TIFF, JPEG, MPEG)
82
Q

what is layer 4 of OSI model, what works there, what devices, what ports

A
  • Transport layer
  • responsible for end to end connection with error correction and detection
  • Ports - 65,535 total (know some common ports)
  • TCP/UDP and SSL/TLS (used to encrypt HTTP and other data traffic) (make sure to know TCP/UDP nuances)
83
Q

what is layer 3 in OSI, what works here, what devices, what protocols

A
  • network
  • IP addresses
  • responsible for logical addressing, routing and datagram
  • routers and packet filtering firewalls (simplest and fastest firewall)
  • IP, ICMP (ping), IPSEC, IKE, ISAKMP, PING, IGMP, NAT, SKIP, OSPF (routing protocols)
84
Q

what is layer 2 of OSI, what works there, what devices and what protocols

A
  • Data Link
  • MAC address
  • switches (L2) and Bridges
  • 802.1x (protocol used for authenticating network devices to a network – (Port based NAC/ISE))
  • arp, rarp, PPTP, L2TP (vpn tunnels), ppp (encapsulates IP traffic over analog, provides authentication, encryption (poor) and compression)
  • authentication protocols pap, chap and eap
  • FDDI, ISDN
85
Q

what is arp and what OSI level does it operate at

A
  • address resolution protocol
  • converts an IP address at layer 3 (network) to a MAC address at layer 2 (data link)
86
Q

what do bridges do and what layer on OSI

A
  • layer 2
  • connect 2 physical network segments together
87
Q

other than SAML what other protocols enable single sign-on/federated access

A
  • OpenID - provides authentication
    • is an open standard. It provides decentralized authentication, allowing users to log into multiple unrelated websites with one set of credentials maintained by a third-party service referred to as an OpenID provider
  • OAuth - provides authorization
    • is an open standard for authorization, commonly used as a way for Internet users to log into third party websites using their Microsoft, Google, Facebook, Twitter, One Network etc. accounts without exposing their password.
88
Q

vulnerability and pen testing stages

A
  • reconnaissance - gathering information about target
  • enumeration/scanning - open ports and check network traffic
  • vulnerability analysis/assessment - using tools to find vulnerabilities to exploit
  • execute/exploitation - a vulnerability assessment moves to reporting. A pen tester attempts to exploit the vulnerabilities, looking to verify if they are false positives or not
  • reporting - prepare and deliver the documentation (CVEs and CVSS scores)
89
Q

Candidate Keys

A
  • one or more per table
  • a subset of attributes that can be used to uniquely identify any record in a table. No two records in the same table will ever contain the same values for all attributes composing a candidate key.
    • example: first name last name would work as a good candidate key until you have two employees with the same name. another column something like employee # might work better
90
Q

collisions on the network are handled how and what OSI layer do they happen at

A
  • carrier sense multi access Collision Detection (CSMA/CD) (ethernet)
  • carrier sense multi access Collision Avoidance (CSMA/CA) (wireless 802.11)
  • layer 1 of OSI (physical layer)
91
Q

cryptographic algorithms convert plaintext to ciphertext with two methods

A
  • substitution
  • transposition
92
Q

Event:

A
  • An observable change in state; this is neither negative nor positive, it is just that something has changed.
  • A system powered on, traffic from one segment to another, an application started.
93
Q
A
  • mac spoofing
  • mac flooding
94
Q

layer 1 of OSI what protocols

A
  • 802.11 (wireless family) radio frequency, infrared, microwave, bluetooth
  • ethernet, wired (twisted pair, coax, fiber optics, SONET)
95
Q

security domain

A
  • establishing the access control security policy by grouping the objects a user can access into a security domain.
96
Q

what OSI layer do these belong to

  • Netbios, SMB, RPC, NFS, and SQL
A

layer 5