1. Главная
  2. Книги
  3. Vallabhaneni S. Rao
  4. CISSP Practice
  5. Страница 83
Выбрать главу

BGP is used in updating routing tables, which are essential in assuring the correct operation of networks, as it is a dynamic routing scheme. Routing information received from other BGP routers is accumulated in a routing table. These routes are then installed in the router’s forwarding table.

An eavesdropper could easily mount an attack by changing routing tables to redirect traffic through nodes that can be monitored. The attacker could thus monitor the contents or source and destination of the redirected traffic or modify it maliciously.

The adj-RIB-In table routes after learning from the inbound update messages from BGP peers. The loc-RIB table routes after selecting from the adj-RIB-In table. The adj-RIB-Out table routes to its peers that the BGP router will advertise based on its local policy.

294. In Web services, which of the following can lead to a flooding-based denial-of-service (DoS) attack?

a. Source IP address

b. Network packet behavior

c. SOAP/XML messages

d. Business behavior

294. d. Flooding attacks most often involve copying valid service requests and re-sending them to a provider. The attacker may issue repetitive SOAP/XML messages in an attempt to overload the Web service. The user behavior (business behavior) in using the Web service transactions may not be legitimate and is detected, thus constituting a DoS attack. The other three choices may not be detected because they are legitimate where the source IP address is valid, the network packet behavior is valid, and the SOAP/XML message is well formed.

295. It has been said that no system is completely secure and can handle all disasters. Which one of the following items is needed most, even when all the other three items are working properly, to ensure online operation and security?

a. Intrusion detection systems (IDSs)

b. Firewalls

c. Antivirus software

d. File backups

295. d. Intrusion detection systems (IDSs), firewalls, and antivirus software are critical to online security. But no system is completely secure and can handle all disasters. Important files stored on a computer must be copied onto a removable disc and kept in a safe and secure place (i.e., file backups). IDS has detection features, but this is not enough in case of a disaster. Firewalls have protection features, but this is not enough in case of a disaster. Antivirus software has dis-infection features, but this is not enough in case of a disaster.

296. Which of the following technologies enables phone calls and facsimile transmissions to be routed over the same network used for data?

a. File transfer protocol

b. Content streaming

c. Voice over Internet Protocol

d. Instant messaging

296. c. In a Voice over Internet Protocol (VoIP) technology, voice and data are combined in the same network. The other three choices cannot combine voice and data. File transfer protocol (FTP) is used to copy files from one computer to another. Content streaming is a method for playing continuous pictures and voice from multimedia files over the Internet. It enables users to browse large files in real time. Instant messaging (IM) technology provides a way to send quick notes or text messages from PC to PC over the Internet, so two people who are online at the same time can communicate instantly.

297. The network address translation (NAT) changes which of the following from a connectionless network to a connection-oriented network?

a. Internet

b. Transmission control protocol (TCP)

c. Internet Protocol (IP)

d. Switched multimegabit data services (SMDS)

297. a. The network address translation (NAT) changes the Internet from a connectionless network to a connection-oriented network through its converting, mapping, and hiding of the Internet IP addresses. By design, the TCP is a connection-oriented network and both IP and SMDS are connectionless networks, which are not changed by the NAT.

298. Which of the following would be inherently in conflict with a traffic padding security mechanism?

a. Security labels and data splitting

b. Packet-switching network and local-area network

c. Packet-switching network and security labels

d. Local-area network and data splitting

298. b. A traffic-padding security mechanism provides security services such as traffic flow confidentiality. It involves collecting and transmitting spurious cases of communication and data and is used with encryption so that “dummy” data is separated from the real data.

A packet-switching network is in conflict with the traffic-padding security mechanism because it divides the data traffic into blocks, called packets. These packets, a group of binary digits, are delivered to the destination address in a data envelope. Because of a routing function used in packet switching, it is possible that packets can reach their destination out of sequence. The intended traffic-padding security mechanism will not be achieved with the use of a packet-switching network.

A local-area network refers to a network that interconnects systems located in a small geographic area, such as a building or a complex of buildings (campus). Traffic padding operates a network up to its full capacity thereby curtailing the resource sharing potential of the LAN.

Security label is a designation assigned to a system resource, such as a file, which cannot be changed except in emergency situations. Security labels protect the confidentiality of data. Similarly, data splitting increases the confidentiality of data where the file is broken up into two or more separate files so that an intruder cannot make any sense out of them. The separate files are then transferred independently via different routes and/or at different times.

299. The Internet Protocol version 6 (IPv6) is not related to which of the following?

a. Session-less protocols

b. Datagram-based protocols

c. Session initiation protocol (SIP)

d. Simple Internet Protocol Plus (SIPP)

299. c. Session initiation protocol (SIP) is a text-based protocol, like simple mail transfer protocol (SMTP) and hypertext transfer protocol (HTTP), for initiating interactive communication sessions between users. Such sessions include voice, video, data, instant messaging, chat, interactive games, and virtual reality. SIP is the protocol used to set up conferencing, telephony, multimedia, and other types of communication sessions on the Internet. SIP has nothing to do with and is not related to the Internet Protocol version 6 (IPv6).

Both the IPv4 and IPv6 are session-less and datagram-based protocols. The IPv6 security features include encryption, user authentication, end-to-end secure transmission, privacy, and automatic network configuration (automatically assigning IP addresses to hosts). IPv6 also handles real-time and delay-sensitive traffic. IPv6 runs on high-speed networks, those using asynchronous transfer mode (ATM) and wireless networks. Simple Internet Protocol Plus (SIPP) is used in IPv6.

300. Which of the following border gateway protocol (BGP) attacks does not use message digest 5 (MD5) authentication signature option as a countermeasure?

~ 83 ~