73. The least effective control in mitigating communication network failures would be which of the following?
a. Network contingency plans
b. Network capacity planning
c. Network application system
d. Network performance monitoring
73. c. A network application system that collects traffic statistics and provides reports to alert the network management does not help in minimizing communication network failures.
The other three choices are important to minimize losses from a network failure. Network contingency plans deal with redundant switching equipment, parallel physical circuits, and standby power supplies to address network disasters. Network capacity plans assist in forecasting computer resource requirements to ensure that adequate capacity exists when needed. For example, the capacity studies may call for higher bandwidth to accommodate newer technologies such as multimedia and videoconferencing. Capacity planning activities use current system performance data as a starting point to predict future resource needs. Network performance monitoring involves analyzing the performance of a computer system to determine how resources are currently utilized and how such utilization can be improved.
74. Conducting periodic network monitoring to verify proper operations does not normally include:
a. Detecting network layers
b. Detecting line errors
c. Detecting terminal errors
d. Detecting modem errors
74. a. A network is composed of distinct layers, which is a network design issue, with each layer providing a specific function for the network. Periodic monitoring of the network does not normally include detection of the network layers where covert channels in ICMP or DNS can be found. For example, the ISO/OSI reference model has seven layers: application layer, presentation layer, session layer, transport layer, network layer, data link layer, and physical layer. Line errors, terminal errors, and modem errors are routinely detected and monitored to ensure proper network operations.
75. Which of the following actions is not true about prohibiting remote activation for collaborative computing devices?
a. Block inbound and outbound traffic between instant messaging clients configured by end users.
b. Block inbound and outbound traffic between instant messaging clients configured by external providers.
c. Disconnect all unneeded collaborative computing devices physically.
d. Block inbound and outbound traffic between instant messaging clients configured by the IT security.
75. d. Collaborative computing devices are networked white boards and cameras. It is a good security practice to block the inbound and outbound network traffic configured by end users and external service providers, and not to block the configurations established by the IT security function.
76. For worldwide interoperability for microwave access (WiMAX) security, when an adversary drains a client node’s battery by sending a constant series of management messages to the subscriber station/mobile subscriber (SS/MS), what is it called?
a. Man-in-the-middle attack
b. Water torture attack
c. Radio frequency jamming attack
d. Radio frequency scrambling attack
76. b. Exploitation of unencrypted management messages can result in subtle denial-of-service (DoS), replay, or manipulation attacks that are difficult to detect. These attacks spoof management messages. A water torture attack is an example of a subtle DoS attack in which an adversary drains a client node’s battery by sending a constant series of management messages to the SS/MS. Radio frequency (RF) jamming is classified as a DoS attack. RF scrambling attacks are the precise injections of RF interference during the transmission of specific management messages. A man-in-the-middle (MitM) attack occurs when an adversary deceives an SS/MS to appear as a legitimate base station (BS) while simultaneously deceiving a BS to appear as a legitimate SS/MS.
77. Regarding worldwide interoperability for microwave access (WiMAX) security, which of the following is not a weakness of data encryption standard-cipher block chaining (DES-CBC) algorithm?
a. Replay attack
b. Denial-of-service attack
c. Eavesdropping attack
d. Man-in-the-middle attack
77. a. The weaknesses of data encryption standard-cipher block chaining (DES-CBC) are well documented, and include denial-of-service (DoS), eavesdropping, and man-in-the-middle (MitM) attacks. Replay attacks occur when adversaries reuse expired traffic encryption keys (TEKs). Replay attacks lead to unauthorized disclosure of information and compromise of the TEK.
78. For worldwide interoperability for microwave access (WiMAX) security, denial-of-service (DoS) attacks occur due to which of the following?
1. Lack of mutual authentication
2. Use of nonunicast messages
3. Use of wireless technology as a communications medium
4. Use of unencrypted management messages
a. 1 and 2
b. 1 and 3
c. 2 and 3
d. 1, 2, 3, and 4
78. d. Lack of mutual authentication occurs between a subscriber station (SS) and a base station (BS). This may enable a rogue BS operator to degrade performance or steal information by conducting denial-of-service (DoS) or forgery attacks against client SSs. In unencrypted management messages, nonunicast messages open WiMAX systems to DoS attacks. In the use of wireless as a communications medium, a DoS attack can be executed by the introduction of a powerful radio frequency (RF) source intended to overwhelm the system's radio spectrum.
79. For worldwide interoperability for microwave access (WiMAX) security, replay attacks occur due to which of the following?
1. Injection of reused traffic encryption key
2. Insecure unicast messages
3. Unencrypted management messages
4. Insecure nonunicast messages
a. 1 and 2
b. 1 and 3
c. 2 and 3
d. 3 and 4
79. b. Replay attacks occur due to injection of a reused traffic encryption key (TEK) and unencrypted management messages. Integrity checks are added to unicast messages to prevent replay attacks. Nonunicast messages are open to DoS attacks.
80. For worldwide interoperability for microwave access (WiMAX) security, a countermeasure for man-in-the-middle (MitM) attack is:
a. DES-CBC
b. AES-CCM
c. AES only
d. VPN only
80. b. If a WiMAX system is not using the advanced encryption standard Counter with CBC message authentication code (AES-CCM), it can open up the possibility of a MitM attack. Data encryption standard-cipher block chaining (DES-CBC) is a weak algorithm that cannot ensure confidentiality of data and may lead to a MitM attack. Virtual private network (VPN) is a mature technology and cannot defend against MitM attacks. The advanced encryption standard (AES) is not as strong as the AES-CCM.