1. Главная
  2. Книги
  3. Vallabhaneni S. Rao
  4. CISSP Practice
  5. Страница 76
Выбрать главу

234. Secure remote procedure call (RPC) uses which of the following algorithms?

a. DES

b. DH

c. 3DES

d. IDEA

234. b. Secure remote procedure call (RPC) uses the Diffie-Hellman (DH) key generation method. Under this method, each user has a private/public key pair. Secure RPC does not use the other three choices.

235. In secure remote procedure call (RPC), which of the following provides the public and private keys to servers and clients?

a. Users

b. Clients

c. Servers

d. Authentication servers

235. d. The principals involved in the secure remote procedure call (RPC) authentication systems are the users, clients, servers, and authentication server. The authentication server provides the public and private keys to servers and clients.

236. The screened subnet firewall acts as which of the following?

a. Fast packet network

b. Digital network

c. Perimeter network

d. Broadband network

236. c. The screened subnet firewall acts as a perimeter network. If there is an attack on the firewall, the attacker is restricted to the perimeter (external) network and therefore is not attacking the internal network.

237. Which of the following are examples of security boundary access controls?

a. Patches and probes

b. Fences and firewalls

c. Tags and labels

d. Encryption and smart cards

237. b. A firewall is an example of logical access control whereas fences provide a physical security and perimeter access control. When these two controls are combined, they provide a total boundary control. By limiting access to host systems and services, firewalls provide a necessary line of perimeter defense against attacks, thus providing logical security boundary control. Similarly, perimeter fences provide a physical security boundary control for a facility or building.

A patch is a modification to software that fixes an error in an operational application system on a computer. Generally, the software vendor supplies the patch. A probe is a device programmed to gather information about a system or its users. Tags and labels are used in access controls. Encryption and smart cards are used in user identification and authentication mechanisms.

238. Which of the following cannot prevent login spoofing?

a. Providing a secure channel between the user and the system

b. Installing hardware-reset button for passwords

c. Implementing cryptographic authentication techniques

d. Installing input overflow checks

238. d. Input overflow checks ensure that input is not lost during data entry or processing and are good against input overflow attacks. These attacks can be avoided by proper program design. Providing a secure channel between the user and the system can defend login spoofing. A hardware-reset button on a personal computer can be effective in removing password-based spoofing attacks. Cryptographic authentication techniques can increase security but only for complex systems.

239. Which of the following can prevent both session hijacking and eavesdropping attacks?

a. SET

b. PPP

c. FTP

d. SSL

239. d. The secure sockets layer (SSL) protocol is the technology used in most Web-based applications. When both the Web client and the Web server are authenticated with SSL, the entire session is encrypted providing protection against session hijacking and eavesdropping attacks.

The other three choices are incorrect because SET is a secure electronic transaction protocol, PPP is a point-to-point protocol, and FTP is a file transfer protocol, and as such they cannot prevent session hijacking and eavesdropping attacks.

240. Which of the following provides a security service in authenticating a remote network access?

a. Remote access server

b. Windows NT server

c. An exchange server

d. A DNS server

240. a. The remote access server (RAS) provides the following services: When a remote user dials in through a modem connection, the server hangs up and calls the remote user back at the known phone number. The other three servers mentioned do not have this kind of dial-in and callback dual control mechanism.

241. Which one of the following firewalls is simple, inexpensive, and quick to implement?

a. Static packet filter firewall

b. Dynamic packet filter firewall

c. Application gateway firewall

d. Stateful inspection gateway firewall

241. a. A static packet filtering firewall is the simplest and least expensive way to stop messages with inappropriate network addresses. It does not take much time to implement when compared to other types of firewalls.

242. Which of the following can prevent e-mail spoofing?

a. Pretty good privacy

b. Point-to-point protocol

c. Microcom networking protocol

d. Password authentication protocol

242. a. Pretty good privacy (PGP) is a cryptographic software application for the protection of computer files and e-mail. PGP provides a good authentication mechanism, confidentiality protection, and nonrepudiation protection.

Point-to-point protocol (PPP) connects two TCP/IP devices over a standard serial line, such as a common telephone link. Microcom networking protocol (MNP) defines various levels of error correction and compression for modems. Password authentication protocol (PAP) is a handshaking protocol.

243. Security problems associated with network device passwords, network devices (e.g., routers and switches), and managing access points (APs) configuration in a legacy wireless local-area network (WLAN) environment require which of the following security controls to solve all these security problems?

a. Switch Telnet to SSH

b. Switch HTTP to HTTPS

c. Switch SNMP to SNMPv3

d. Switch FTP to SFTP

243. c. The basic simple network management protocol (SNMP) should be switched to SNMP version 3 (SNMPv3) because the latter provides strong security feature enhancements to basic SNMP, including encryption and message authentication and therefore should be used. The earlier versions of SNMP, SNMPv1, and SNMPv2 should not be used because they are fundamentally insecure because they support only trivial authentication based on default plaintext community strings. SNMP version 3 handles all the security problems listed in the question. The other three choices mostly solve the password-related security problem after the protocol switch is made but do not solve all the other security problems listed. That is, Telnet should be switched to secure shell (SSH), HTTP should be switched to HTTPS using TLS, and FTP should be switched to secure FTP (SFTP).

244. A stronger barrier control around insecure application software is which of the following?

~ 76 ~