
c. Narrowband ISDN, fiber optics, and asynchronous transfer mode (ATM)

d. Broadband ISDN, fiber optics, and ATM

66. d. Multimedia applications take advantage of the capability of high-bandwidth integrated services networks to deliver many different kinds of data such as video, image, audio, and text and numerical data. They also take advantage of the processing power of advanced workstations and other devices attached to the network, enabling users to edit, process, and select data arriving from a variety of sources over the network. The capacity of a network, measured as the number of bits it can transmit every second, is called bandwidth. Narrowband networks are low-bandwidth networks, and broadband networks are high-bandwidth networks.

ATM has been chosen as the foundation for the broadband ISDN where the latter is used to carry voice, video, and data traffic to support a range of applications. ATM networks are also suitable for carrying data, video, and voice communications. Fiber optics is an enabling technology for broadband networks. With increased bandwidth, the links can move data more quickly and support the transport of bandwidth-intensive traffic such as video.

Broadband ISDN uses different technology from narrowband (ordinary) ISDN. Narrowband ISDN is best viewed as a digital upgrade of the telephone network’s copper local loop. Broadband ISDN, by contrast, requires fiber optics and ATM, a new approach to network design. ISDN and broadband ISDN have little in common other than their names.

ISDN is a telecommunications industry standard for upgrading local loops to digital service. It enables the existing copper local loops to be used for digital service. However, it requires users to buy new equipment for their end of the line, which converts their data to the ISDN format. It also requires that the telephone company’s equipment, such as the central office switches, be upgraded. The local loop uses low-capacity analog copper wires.

67. What is a physical security control that uses a network configuration mechanism to minimize theft or damage to computer equipment?

a. Web server

b. Terminal server

c. Server farm

d. Redundant server

67. c. In a server farm, all servers are kept in a single, secure location, and the chances of theft or damage to computer equipment are lower. Only those individuals who require physical access should be given a key. A redundant server is used in contingency planning and disaster recovery and is kept away from the server farm.

68. Which of the following performs application content filtering?

a. Sensors

b. Gateway

c. Proxy

d. Hardware/software guard

68. c. A software proxy agent performs application content filtering to remove or quarantine viruses that may be contained in e-mail attachments, to block specific MIME types, or to filter other active content (e.g., Java, JavaScript, and ActiveX Controls). The proxy accepts certain types of traffic entering or leaving a network, processes it, and forwards it.

The other three choices are not related to application content filtering. Sensors are composed of network monitors and network scanners, where the former performs intrusion detection, and the latter performs vulnerability scanning. A gateway is an interface providing compatibility between networks by converting transmission speeds, protocols, codes, or security measures. A hardware/software guard enables users to exchange data between private and public networks, which is normally prohibited because of information confidentiality.

69. Which of the following functions is similar to a host firewall?

a. Authentication header

b. TCP wrappers

c. Encapsulating security payload

d. Security parameters index

69. b. Transmission control protocol (TCP) wrappers is a freely available application that functions similarly to a firewall. It can be used to restrict access and can be configured so that only specified user IDs or nodes can execute specified server processes. An authentication header is one part of IPsec’s two security headers: (i) the authentication header and (ii) the encapsulating security payload. The authentication header provides source authentication and integrity to the IP datagram, and the payload provides confidentiality. A security parameter index consists of cryptographic keys and algorithms, and the authentication header contains the index.

70. A major risk involving the use of packet-switching networking is that:

a. It is possible that some packets can arrive at their destinations out of sequence.

b. It is not possible to vary the routing of packets depending on network conditions.

c. Terminals attached to a public data network may not have enough intelligence.

d. Terminals attached to a public data network may not have enough storage capacity.

70. a. Most packet-switching networks can vary the routing of packets depending on network conditions. Because of this, some packets can arrive at their destinations out of sequence, while most arrive in normal sequence because they are reassembled at the receiver end. Some packets may not reach their destinations at all because of a potential security risk: a smart attacker can change the packet sequence numbers in the middle of the stream, divert the packets to his own site for later attack, and then change the sequence numbers back to the original condition, or fail to restore them correctly, thus breaking the sequence. Worse yet, a malicious attacker can insert fake sequence numbers so that a packet does not reach its destination. Here, the attacker’s goal is to steal valuable information from these packets for his own benefit.

Terminals attached directly to a public data network must have enough intelligence and storage capacity to break large messages into packets and to reassemble them into proper sequence. A packet assembly and disassembly (PAD) facility can help accommodate intelligence and storage problems.

71. One of the goals of penetration testing security controls is to determine:

a. The time between the flaw identification and the flaw remediation process

b. The time between the vulnerability identification and the vulnerability remediation process

c. The time between the vulnerability identification and the vulnerability exploitation

d. The time between when the weaknesses are discovered and the time to eliminate the weaknesses

71. c. One of the goals of penetration testing is to determine the exploitability of an identified vulnerability. This is called time-to-exploitation, where the penetration testers (i.e., red team and blue team) determine the time to exploit. The other three choices require a corrective action in terms of a plan of action and milestones.

72. The basic protocols would not address which of the following?

a. Message size, sequence, and format

b. Message routing instructions

c. Error detection and correction

d. Message authentication

72. d. A basic protocol is a set of rules governing a specific time sequence of events. It defines the method of formatting bits of data and messages for transmission, routing, and identification of messages, including error detection and correction. However, it does not address message authentication, which is a security feature.