SSCP : System Security Certified Practitioner (SSCP) : Part 15

SSCP : System Security Certified Practitioner (SSCP) : Part 15

1. The basic language of modems and dial-up remote access systems is:

   • Asynchronous Communication.
   • Synchronous Communication.
   • Asynchronous Interaction.
   • Synchronous Interaction.

   Explanation:

   Asynchronous Communication is the basic language of modems and dial-up remote access systems.

   Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 100.

2. Unshielded Twisted Pair cabling is a:

   • four-pair wire medium that is used in a variety of networks.
   • three-pair wire medium that is used in a variety of networks.
   • two-pair wire medium that is used in a variety of networks.
   • one-pair wire medium that is used in a variety of networks.
   Explanation:
   Unshielded Twisted Pair cabling is a four-pair wire medium that is used in a variety of networks.
   Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 101.

3. Unshielded Twisted Pair (UTP) cables comes in several categories. The categories are based on:

   • The level of performance
   • How thick the shielding is.
   • The length of the cable
   • The diameter of the copper.
   Explanation:

   TIA/EIA-568 is a set of telecommunications standards from the Telecommunications Industry Association, an offshoot of the EIA. The standards address commercial building cabling for telecom products and services.

   The standard is currently (2009) at revision C, replacing the 2001 revision B, the 1995 revision A, and the initial issue of 1991, which are now obsolete.

   Perhaps the best known features of TIA/EIA-568 are the pin/pair assignments for eight-conductor 100-ohm balanced twisted pair cabling. These assignments are named T568A and T568B, and are frequently referred to (erroneously) as TIA/EIA-568A and TIA/EIA-568B. An IEC standard ISO/IEC 11801 provides similar standards for network cables.

   The standard defines categories of unshielded twisted pair cable systems, with different levels of performance in signal bandwidth, attenuation, and cross-talk. Generally increasing category numbers correspond with a cable system suitable for higher rates of data transmission. Category 3 cable was suitable for telephone circuits and data rates up to 16 million bits per second. Category 5 cable, with more restrictions on attenuation and cross talk, has a bandwidth of 100 MHz. The 1995 edition of the standard defined categories 3, 4, and 5. Categories 1 and 2 were excluded from the standard since these categories were only used for voice circuits, not for data.

   Twisted pair cabling is a type of wiring in which two conductors of a single circuit are twisted together for the purposes of canceling out electromagnetic interference (EMI) from external sources; for instance, electromagnetic radiation from unshielded twisted pair (UTP) cables, and crosstalk between neighboring pairs. It was invented by Alexander Graham Bell.

   SOME OF THE LIMITATION OF UTP
   UTP has several drawbacks. Because it does not have shielding like shielded twisted-pair cables, UTP is susceptible to interference from external electrical sources, which could reduce the integrity of the signal. Also, to intercept transmitted data, an intruder can install a tap on the cable or monitor the radiation from the wire. Thus, UTP may not be a good choice when transmitting very sensitive data or when installed in an environment with much electromagnetic interference (EMI) or radio frequency interference (RFI). Despite its drawbacks, UTP is the most common cable type. UTP is inexpensive, can be easily bent during installation, and, in most cases, the risk from the above drawbacks is not enough to justify more expensive cables.

   Resource(s) used for this question:
   Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 6507-6511). Auerbach Publications. Kindle Edition.
   http://en.wikipedia.org/wiki/TIA/EIA-568#cite_note-7
   http://en.wikipedia.org/wiki/Twisted_pair
   AIOv3 Telecommunication and Networking Security (page 455)

4. The communications products and services, which ensure that the various components of a network (such as devices, protocols, and access methods) work together refers to:

   • Netware Architecture.
   • Network Architecture.
   • WAN Architecture.
   • Multiprotocol Architecture.
   Explanation:

   A Network Architecture refers to the communications products and services, which ensure that the various components of a network (such as devices, protocols, and access methods) work together.

   Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 101.

5. Network cabling comes in three flavors, they are:

   • twisted pair, coaxial, and fiber optic.
   • tagged pair, coaxial, and fiber optic.
   • trusted pair, coaxial, and fiber optic.
   • twisted pair, control, and fiber optic.
   Explanation:

   Network cabling comes in three flavors: twisted pair, coaxial, and fiber optic.
   Twisted pair

   Twisted pair cabling is a form of wiring in which two wires (the forward and return conductors of a single circuit) are twisted together for the purposes of canceling out electromagnetic interference (EMI) from external sources. This type of cable is used for home and corporate Ethernet networks. Twisted pair cables consist of two insulated copper wires. There are three types of twisted pair cables: Shielded, Unshielded and Foil
   Fiber Optic cable

   An optical fiber cable consists of a center glass core surrounded by several layers of protective material. The outer insulating jacket is made of Teflon or PVC to prevent interference. It is expensive but has higher bandwidth and can transmit data over longer distances.
   Coaxial cable

   Coaxial lines confine the electromagnetic wave to area inside the cable, between the center conductor and the shield. The transmission of energy in the line occurs totally through the dielectric inside the cable between the conductors. Coaxial lines can therefore be bent and twisted (subject to limits) without negative effects, and they can be strapped to conductive supports without inducing unwanted currents in them and though.

   The most common use for coaxial cables is for television and other signals with bandwidth of multiple megahertz. Although in most homes coaxial cables have been installed for transmission of TV signals, new technologies (such as the ITU-T G.hn standard) open the possibility of using home coaxial cable for high-speed home networking applications (Ethernet over coax).

   See the following page for more details: http://fcit.usf.edu/network/chap4/chap4.htm

   Reference used for this question:
   KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 101.
   and
   Wikipedia at http://en.wikipedia.org/wiki/Networking_cables

6. How long are IPv4 addresses?

   • 32 bits long.
   • 64 bits long.
   • 128 bits long.
   • 16 bits long.
   Explanation:
   IPv4 addresses are currently 32 bits long. IPv6 addresses are 128 bits long.
   Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87.

7. Which of the following is the core of fiber optic cables made of?

   • PVC
   • Glass fibers
   • Kevlar
   • Teflon
   Explanation:

   Fiber optic cables have an outer insulating jacket made of Teflon or PVC, Kevlar fiber, which helps to strengthen the cable and prevent breakage, plastic coatings, used to cushion the fiber center. The center (core) of the cable is made of glass or plastic fibers.

   Source: ANDRESS, Mandy, Exam Cram CISSP, Coriolis, 2001, Chapter 3: Telecommunications and Network Security (page 31).

8. Which SSL version offers client-side authentication?

   • SSL v1
   • SSL v2
   • SSL v3
   • SSL v4
   Explanation:

   Secure Sockets Layer (SSL) is the technology used in most Web-based applications. SSL version 2.0 supports strong authentication of the web server, but the authentication of the client side only comes with version 3.0. SSL v4 is not a defined standard.

   Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th edition (volume 1), 2000, CRC Press, Chapter 3, Secured Connections to External Networks (page 54).

9. Which of the following protocols is designed to send individual messages securely?

   • Kerberos
   • Secure Electronic Transaction (SET).
   • Secure Sockets Layer (SSL).
   • Secure HTTP (S-HTTP).
   Explanation:

   An early standard for encrypting HTTP documents, Secure HTTP (S-HTTP) is designed to send individual messages securely. SSL is designed to establish a secure connection between two computers. SET was originated by VISA and MasterCard as an Internet credit card protocol using digital signatures. Kerberos is an authentication system.

   Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 89.

10. Secure Electronic Transaction (SET) and Secure HTTP (S-HTTP) operate at which layer of the OSI model?

    • Application Layer.
    • Transport Layer.
    • Session Layer.
    • Network Layer.
    Explanation:

    The Secure Electronic Transaction (SET) and Secure HTTP (S-HTTP) operate at the Application Layer of the Open Systems Interconnect (OSI) model.

    Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 89.

11. In order to ensure the privacy and integrity of the data, connections between firewalls over public networks should use:

    • Screened subnets
    • Digital certificates
    • An encrypted Virtual Private Network
    • Encryption
    Explanation:

    Virtual Private Networks allow a trusted network to communicate with another trusted network over untrusted networks such as the Internet.

    Screened Subnet: A screened subnet is essentially the same as the screened host architecture, but adds an extra strata of security by creating a network which the bastion host resides (often call perimeter network) which is separated from the internal network. A screened subnet will be deployed by adding a perimeter network in order to separate the internal network from the external. This assures that if there is a successful attack on the bastion host, the attacker is restricted to the perimeter network by the screening router that is connected between the internal and perimeter network.

    Digital Certificates: Digital Certificates will be used in the intitial steps of establishing a VPN but they would not provide the encryption and integrity by themselves.

    Encryption: Even thou this seems like a choice that would include the other choices, encryption by itself does not provide integrity mechanims. So encryption would satisfy only half of the requirements of the question.

    Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th edition (volume 1), 2000, CRC Press, Chapter 3, Secured Connections to External Networks (page 65).

12. Which of the following protocols does not operate at the data link layer (layer 2)?

    • PPP
    • RARP
    • L2F
    • ICMP
    Explanation:ICMP is the only of the mentioned protocols to operate at the network layer (layer 3). Other protocols operate at layer 2.
    Source: WALLHOFF, John, CBK#2 Telecommunications and Network Security (CISSP Study Guide), April 2002 (page 1). 

13. Which of the following statements pertaining to IPSec is incorrect?

    • IPSec can help in protecting networks from some of the IP network attacks.
    • IPSec provides confidentiality and integrity to information transferred over IP networks through transport layer encryption and authentication.
    • IPSec protects against man-in-the-middle attacks.
    • IPSec protects against spoofing.
    Explanation:

    IPSec provides confidentiality and integrity to information transferred over IP networks through network (not transport) layer encryption and authentication. All other statements are correct.

    Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th edition (volume 1), 2000, CRC Press, Chapter 6, Extranet Access Control Issues (page 110).

14. Which of the following is NOT a characteristic or shortcoming of packet filtering gateways?

    • The source and destination addresses, protocols, and ports contained in the IP packet header are the only information that is available to the router in making a decision whether or not to permit traffic access to an internal network.
    • They don’t protect against IP or DNS address spoofing.
    • They do not support strong user authentication.
    • They are appropriate for medium-risk environment.
    Explanation:

    Packet filtering firewalls use routers with packet filtering rules to grant or deny access based on source address, destination address, and port.

    They offer minimum security but at a very low cost, and can be an appropriate choice for a low-risk environment.

    Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th edition (volume 1), 2000, CRC Press, Chapter 3, Secured Connections to External Networks (page 60).

15. When a station communicates on the network for the first time, which of the following protocol would search for and find the Internet Protocol (IP) address that matches with a known Ethernet address?

    • Address Resolution Protocol (ARP).
    • Reverse Address Resolution Protocol (RARP).
    • Internet Control Message protocol (ICMP).
    • User Datagram Protocol (UDP).
    Explanation:

    The RARP protocol sends out a packet, which includes its MAC address and a request to be informed of the IP address that should be assigned to that MAC address.

    ARP does the opposite by broadcasting a request to find the Ethernet address that matches a known IP address.

    ICMP supports packets containing error, control, and informational messages (e.g. PING).
    UDP runs over IP and is used primarily for broadcasting messages over a network.

    Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87.

16. Which of the following protocols’ primary function is to send messages between network devices regarding the health of the network?

    • Reverse Address Resolution Protocol (RARP).
    • Address Resolution Protocol (ARP).
    • Internet Protocol (IP).
    • Internet Control Message protocol (ICMP).
    Explanation:
    Its primary function is to send messages between network devices regarding the health of the network. ARP matches an IP address to an Ethernet address. RARP matches and Ethernet address to an IP address. ICMP runs on top of IP.
    Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87.

17. Which of the following is used to find the Media Access Control address (MAC) that matches with a known Internet Protocol (IP) address?

    • Address Resolution Protocol (ARP).
    • Reverse Address Resolution Protocol (RARP).
    • Internet Control Message protocol (ICMP).
    • User Datagram Protocol (UDP).
    Explanation:

    ARP is used to find the Media Access Control address (MAC) that matches with a known Internet Protocol (IP) address.

    The Address Resolution Protocol (ARP) is a computer networking protocol for determining a network host’s link layer or hardware address when only its Internet Layer (IP) or Network Layer address is known

    Reverse Address Resolution Protocol (RARP) is used to find the IP address that matches an Ethernet address.

    ICMP is a management protocol and messaging service provider for IP (e.g. PING).
    UDP runs over IP. It is a best effort protocol that offers no reliability. UDS is used for application such as streaming media, voice over IP, the DNS protocol, as well as the Simple Network Management Protocol (SNMP).

    Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87.
    also see:
    http://en.wikipedia.org/wiki/Address_resolution_protocol

18. Address Resolution Protocol (ARP) interrogates the network by sending out a?

    • broadcast.
    • multicast.
    • unicast.
    • semicast.
    Explanation:
    ARP interrogates the network by sending out a broadcast seeking a network node that has a specific IP address, and asks it to reply with its hardware address. A broadcast message is sent to everyone whether or not the message was requested. A traditional unicast is a “one-to-one” or “narrowcast” message. A multicast is a “one-to-many” message that is traditionally only sent to those machine that requested the information. Semicast is an imposter answer.
    Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87.

19. Which protocol is used to send email?

    • File Transfer Protocol (FTP).
    • Post Office Protocol (POP).
    • Network File System (NFS).
    • Simple Mail Transfer Protocol (SMTP).
    Explanation:

    Simple Mail Transfer Protocol (SMTP) is a protocol for sending e-mail messages between servers. POP is a protocol used to retrieve e-mail from a mail server. NFS is a TCP/IP client/server application developed by Sun that enables different types of file systems to interoperate regardless of operating system or network architecture. FTP is the protocol that is used to facilitate file transfer between two machines.

    Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 88.

20. What enables a workstation to boot without requiring a hard or floppy disk drive?

    • Bootstrap Protocol (BootP).
    • Reverse Address Resolution Protocol (RARP).
    • Address Resolution Protocol (ARP).
    • Classless Inter-Domain Routing (CIDR).
    Explanation:

    Bootstrap Protocol (BootP) is an Internet Layer protocol that enables a workstation to boot without requiring a hard or floppy disk drive. Reverse Address Resolution Protocol (RARP) is a TCP/IP protocol that permits a physical address, such as an Ethernet address, to be translated into an IP address. Address Resolution Protocol (ARP) is a TCP/IP protocol that permits an IP address to be translated into a physical address. Classless Inter-Domain Routing (CIDR) is a new IP addressing scheme.

    Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 88.