(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests. Mike Chapple

Чтение книги онлайн.

СКАЧАТЬ to the header.Information is added to the main body of the data.The data is encrypted with a new secret key.A security envelope that provides perfect forward secrecy

      70 During a troubleshooting process, the support technician that Alyssa is talking to states that the problem is a layer 3 problem. Which of the following possible issues is not a layer 3 problem?A TTL mismatchAn MTU mismatchAn incorrect ACLA broken network cable

      71 During a review of her organization's network, Angela discovered that it was suffering from broadcast storms and that contractors, guests, and organizational administrative staff were on the same network segment. What design change should Angela recommend?Require encryption for all users.Install a firewall at the network border.Enable spanning tree loop detection.Segment the network based on functional requirements.

      72 ICMP, RIP, and network address translation all occur at what layer of the OSI model?Layer 1Layer 2Layer 3Layer 4For questions 73–75, please refer to the following scenario:Ben is an information security professional at an organization that is replacing its physical servers with cloud-hosted virtual machines. As the organization builds its virtual environment, it is moving toward a hybrid cloud operational model with some systems and services remaining in its local data center and others hosted in the cloud. The following diagram shows the local data center and cloud VPC's network IP ranges, which you should consider as you answer the questions.

      73 Ben wants to ensure that the instance-to-instance (system-to-system) traffic in his cloud-hosted infrastructure as a service environment is secure. What can he do to fully ensure that the virtualized network traffic is not being captured and analyzed?Prevent the installation of a packet sniffer on all hosts.Disable promiscuous mode for all virtual network interfaces.Disallow the use of any virtual taps.Encrypt all traffic between hosts.

      74 What issue is most likely to occur due to the subnets configured for the data center and VPC?IP address conflictsRouting loopsMAC address conflictsAll of the above

      75 Ben wants to use multiple internet service providers (ISPs) to connect to his cloud VPC to ensure reliable access and bandwidth. What technology can he use to manage and optimize those connections?FCoEVXLANSDWANLiFi

      76 WPA2's Counter Mode Cipher Block Chaining Message Authentication Mode Protocol (CCMP) is based on which common encryption scheme?DES3DESAESTLS

      77 When a host on an Ethernet network detects a collision and transmits a jam signal, what happens next?The host that transmitted the jam signal is allowed to retransmit while all other hosts pause until that transmission is received successfully.All hosts stop transmitting, and each host waits a random period of time before attempting to transmit again.All hosts stop transmitting, and each host waits a period of time based on how recently it successfully transmitted.Hosts wait for the token to be passed and then resume transmitting data as they pass the token.

      78 Mark is concerned about the physical security of his network cables. What type of network connection would be the hardest to tap without specialized equipment?WiFiBluetoothCat5/Cat6 twisted pairFiber optic

      79 Rich wants to connect his network to a building a half-mile away from his current location. There are trees and terrain features along the way, but a road passes between the trees to the other location. What type of transmission media is best suited to this type of deployment?Ethernet cable with repeaters every 200 to 300 yardsA WiFi directional antennaFiber-optic cableA LiFi system

      80 What challenge is most common for endpoint security system deployments?CompromisesThe volume of dataMonitoring encrypted traffic on the networkHandling non-TCP protocols

      81 What type of address is 127.0.0.1?A public IP addressAn RFC 1918 addressAn APIPA addressA loopback address

      82 Susan is writing a best practices statement for her organizational users who need to use Bluetooth. She knows that there are many potential security issues with Bluetooth and wants to provide the best advice she can. Which of the following sets of guidance should Susan include?Use Bluetooth's built-in strong encryption, change the default PIN on your device, turn off discovery mode, and turn off Bluetooth when it's not in active use.Use Bluetooth only for those activities that are not confidential, change the default PIN on your device, turn off discovery mode, and turn off Bluetooth when it's not in active use.Use Bluetooth's built-in strong encryption, use extended (eight digits or longer) Bluetooth PINs, turn off discovery mode, and turn off Bluetooth when it's not in active use.Use Bluetooth only for those activities that are not confidential, use extended (eight digits or longer) Bluetooth PINs, turn off discovery mode, and turn off Bluetooth when it's not in active use.

      83 What type of networking device is most commonly used to assign endpoint systems to VLANs?FirewallRouterSwitchHub

      84 Steve has been tasked with implementing a network storage protocol over an IP network. What storage-centric converged protocol is he likely to use in his implementation?MPLSFCoESDNVoIP

      85 Michelle is told that the organization that she is joining uses an SD-WAN controller architecture to manage their WAN connections. What can she assume about how the network is managed and controlled? (Select all that apply.)The network uses predefined rules to optimize performance.The network conducts continuous monitoring to support better performance.The network uses self-learning techniques to respond to changes in the network.All connections are managed by the organization's primary internet service provider.

      86 Which of the following shows the layers of the OSI model in correct order, from layer 1 to layer 7? Place the layers of the OSI model shown here in the appropriate order, from layer 1 to layer 7.Layer 1 = Data Link; Layer 2 = Physical; Layer 3 = Network; Layer 4 = Transport; Layer 5 = Session; Layer 6 = Presentation; Layer 7 = ApplicationsLayer 1 = Physical; Layer 2 = Data Link; Layer 3 = Network; Layer 4 = Transport; Layer 5 = Session; Layer 6 = Presentation; Layer 7 = Applications Layer 1 = Physical; Layer 2 = Data Link; Layer 3 = Network; Layer 4 = Transport; Layer 5 = Session; Layer 6 = Applications; Layer 7 = PresentationLayer 1 = Physical; Layer 2 = Data Link; Layer 3 = Network; Layer 4 = Session; Layer 5 = Transport; Layer 6 = Presentation; Layer 7 = Applications

      87 Valerie enables port security on the switches on her network. What type of attack is she most likely trying to prevent?IP spoofingMAC aggregationCAM table floodingVLAN hopping

      88 Alaina wants to ensure that systems are compliant with her network security settings before they are allowed on the network and wants to ensure that she can test and validate system settings as possible. What type of NAC system should she deploy?A pre-admit, clientless NAC systemA postadmission, client-based NAC systemA pre-admit, client-based NAC systemA postadmission, clientless NAC system

      89 Derek wants to deploy redundant core routers, as shown in the diagram. What model of high availability clustering will provide him with the greatest throughput?Active/activeLine interactiveActive/passiveNearline

      90 Angela needs to choose between the following protocols for secure authentication and doesn't want to create unneeded technical complexity. Which authentication protocol should she choose and why?EAP, because it provides strong encryption by defaultLEAP, because it provides frequent reauthentication and changing of WEP keys PEAP, because it provides encryption and doesn't suffer from the same vulnerabilities that LEAP doesEAP-TLS

      91 What is a frequent concern for systems that require high-performing internet connectivity when satellite internet is the only available option?SecurityCompatibility with protocols like LiFiCompatibility with protocols like ZigbeeLatency

      92 What layer of an SDN implementation uses programs to communicate needs for resources via APIs?The data planeThe control planeThe application planeThe monitoring plane

      93 Which of the following is not a drawback of multilayer protocols?They can allow filters and rules to be bypassed.They can operate at higher OSI levels.They can allow covert channels.They СКАЧАТЬ