309. Which of the following permits Internet Protocol security (IPsec) to use external authentication services such as Kerberos and RADIUS?
a. EAP
b. PPP
c. CHAP
d. PAP
309. a. The Internet Key Exchange (IKE) Version 2 of IPsec supports the extensible authentication protocol (EAP), which permits IPsec to use external authentication services such as Kerberos and RADIUS.
The point-to-point protocol (PPP) standard specifies that password authentication protocol (PAP) and challenge handshake authentication protocol (CHAP) may be negotiated as authentication methods, but other methods can be added to the negotiation and used as well.
310. Which of the following supports the secure sockets layer (SSL) to perform the client-to-server authentication process?
a. Application layer security protocol
b. Session layer security protocol
c. Transport layer security protocol
d. Presentation layer security protocol
310. c. Transport layer security (TLS) protocol supports the SSL to perform the client-to-server authentication process. The TLS protocol enables client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. The TLS protocol provides communication privacy and data integrity over the Internet.
311. Challenge handshake authentication protocol (CHAP) requires which of the following for remote users?
a. Initial authentication
b. Pre-authentication
c. Post-authentication
d. Re-authentication
311. d. CHAP supports re-authentication to make sure the users are still who they were at the beginning of the session. The other authentication methods mentioned would not achieve this goal.
312. A major problem with Serial Line Internet Protocol (SLIP) is which of the following?
a. The protocol does not contain address information.
b. The protocol is used on point-to-point connections.
c. The protocol is used to attach non-IP devices to an IP network.
d. The protocol does not provide error detection or correction mechanism.
312. d. SLIP is a protocol for sending IP packets over a serial line connection. Because SLIP is used over slow lines (56kb), error detection or correction at that layer is more expensive. Errors can be detected at a higher layer. The addresses are implicitly defined, which is not a major problem. Point-to-point connections make it less vulnerable to eavesdropping, which is a strength. SLIP is a mechanism for attaching non-IP devices to an IP network, which is an advantage.
313. A serious and strong attack on a network is just initiated. The best approach against this type of attack is to:
a. Prevent and detect
b. Detect and recover
c. Prevent and correct
d. Prevent and intervene
313. d. On any attack, preventing network attacks from occurring is the first priority. For serious and strong attacks, prevention should be combined with intervening techniques to minimize or eliminate negative consequences of attacks that may occur. Intervening actions start right after full prevention and right before full detection, correction, and recovery actions by installing decoy systems (e.g., honeypot), vigilant network administrators, and alerts/triggers from central network monitoring centers. In other words, intervening actions face the attacker head on right after the initial signs and symptoms of attack detection but do not wait for full detection to take place, as in a normal case of detection, thus halting the attacker from proceeding further. These intervening actions stop the attack right at the beginning by diverting or stalling the attacker.
For serious and strong attacks, normal detection alone is not enough, correction alone or combined with detection is not enough, and recovery alone or combined with detection and correction is not enough, because they may not contain the serious and strong attacks quickly, as they are too late to be of any significant use. However, they are very useful in normal attacks. Intervening is proactive and action-oriented, whereas detecting, correcting, and recovering are reactive and passive-oriented.
314. Major vulnerabilities stemming from the use of the World Wide Web (WWW) are associated with which of the following?
a. External websites and hypertext markup language (HTML)
b. Web browser software and Web server software
c. External websites and hypertext transfer protocol (HTTP)
d. Internal websites and Web pages
314. b. Vulnerabilities stemming from the use of the Web are associated with browser software and server software. Although browser software can introduce vulnerabilities to an organization, these vulnerabilities are generally less severe than the threat posed by servers. Many organizations now support an external website describing their products and services. For security reasons, these servers are usually posted outside the organization’s firewall, thus creating more exposure. Web clients, also called Web browsers, enable a user to navigate through information by pointing and clicking. Web servers deliver hypertext markup language (HTML) and other media to browsers through the hypertext transfer protocol (HTTP). The browsers interpret, format, and present the documents to users. The end result is a multimedia view of the Internet.
315. Which of the following is an inappropriate control over telecommunication hardware?
a. Logical access controls
b. Security over wiring closets
c. Contingency plans
d. Restricted access to test equipment
315. a. Logical access control is a software-based control, not a hardware-based control. Security over wiring closets, circuits, transmission media, and hardware devices, and restricting access to test equipment are appropriate to protect hardware. Contingency plans to minimize losses from equipment failure or damage are important and appropriate. The other choices are physical security controls over telecommunications hardware. They minimize risks such as physical damage or unauthorized access to telecommunications hardware.
316. Which of the following guarantees network quality-of-service (QoS) and quality-of-protection (QoP)?
a. Memorandum of agreement (MOA)
b. Service-level agreement (SLA)
c. Memorandum of understanding (MOU)
d. Rules of network connection
316. b. Either an MOA or an MOU is an initial document prior to finalizing the SLA document. The rules of network connection can be informal and not binding. The SLA document is between a user (customer) organization and a service provider, so as to satisfy specific customer application system requirements. The SLA should address performance properties such as throughput (bandwidth), transit delay (latency), error rates, packet priority, network security, packet loss, and packet jitter.