zzsql
« on: March 08, 2010, 09:12:52 PM »

Questions from the practice exam: CISSP Exam Domain 2 Questions Transcender
- What enables remote access users to log in to a network through a shared authentication database:
  - RADIUS
- You need to solve a traffic problem in a large network. Accounting is flooding the network with a lot of traffic causing the entire network to slow down. What device can easily and cheaply fix it?
  - Bridge (Or switch)
- What OSI layer is #4?
  - Transport. Duh.
- What protocol delivers email?
  - heh, SMTP
- What function does the session layer of the OSI do?
  - Data Synchronization
  - Not Logical Net Addressing (2), physical addressing (3) nor routing (3)
- What media access method does 802.11 use?
  - CSMA/CA
- Which protocols use UDP?
  - NFS, TFTP and SNMP (FTP was in all other answers. = TCP)
- Phreakers attack phone things
- Where on the OSI do routers operate?
  - Layer 3 / Network Layer
- Another term for DMZ = Screen Subnet.
- What can TDMA provide? (Duh)
  - Protection against eavesdropping of digital cell phone comms.
- 802.11B (Wireless) uses DSSS
  - Direct Sequence Spread Spectrum
  - Not FHSS or OFDM.
- What 802.X standard specifies CSMA/CD
- Buffer overflow countermeasures
  - Update the software with the latest patches
- T1 Link to support 75 employees with a permanent connection. (Not dial on demand.)
- What do stop and start bits do?
  - Mark the end and beginning of asynchronous comms
- Footprint is the area covered by a satellite.
- Reasons for implementing subnets on an IP Network.
  - Increase network security
  - Reduce congestion.
  - Not "configure a greater number of hosts" although that's a valid answer.
- Hubs function at the physical layer. (Extends physical network.)
- Firewalls are used to create DMZs.
- SOCKS is a circuit-level proxy firewall that creates a channel between two computers.
- Hardware Firewalls have fixed numbers of interfaces compared to a software firewall.
- PPTP and L2TP.
  - L2TP is a combination of PPTP and Cisco's L2F tunneling protocols operating at layer 2.
- Multiprocessing is the ability to use more than one CPU to execute code.
- Heh. You send a message with the packet header 135.135.255.255.
  - Broadcast your message to all stations on the 135.135 network.
- Authentication ensures that the identity of the remote host is verified.
- Presentation layer for formatting data.
- What technique provides numerous routes to the same destination to provide fault tolerance and increased performance?
  - Diverse Routing.
  - Not link-state, distance-vector or multiplexing
- SDLC and HDLC are WAN technologies primarily used to enable IBM mainframes to communicate with remote computers.
  - SDLC: used on networks with permanent connections.
  - HDLC: provides higher throughput by supporting full-duplex transmissions. SDLC doesn't support full duplex.
- Packet-Filtering firewalls only examine the destination address.
- What about MPLS
  - MultiProtocol Label Switching.
  - Dependent on a particular Layer 2 technology.
- Question about 128-191 IP Range
- RAID 5 to minimize data loss.
- Network Availability apparently describes dependability and accessibility.
- Port 1812 is used for RADIUS.
  - 16XX and 16XX for TACACS.
- Which technology centralizes authentication, accounting and per-command authorization.
  - TACACS+
- /etc/hosts.equiv = Allows users to connect remotely without authentication. That sounds bad.
- Router/Switch/Bridge to connect LAN segments together.
  - Router needed to route between LAN segments
- What is provided by IPSec in tunnel mode with AH.
  - Encapsulated packet that is digitally signed.
  - Not encrypted or unencapsulated.
- The DOD TCP/IP OSI Model, Transport layer equates to the host-to-host layer.
- Know the generations of firewalls.
  1. Packet filtering
  2. Proxy Firewall (? Not sure that's right.)
- ADSL: Async DSL means higher downloads than up. (Hence "async")
- Proxy Firewalls "Hides a packet's true origin". (Rewrites SRC IP Address.)
- Ports 0-1023 are Well-known-ports.
- Class B networks can support how many hosts and why?
  - 65,534. (65,536 - 2, one for NetID and one for Broadcast.)
- Honeypot on the DMZ to attract attackers.
- Max number of hosts on 208.15.208.0?
  - Well, that's a class C (Default)
  - Class C network, 254 total hosts.
- Datagram is the name for a message that has a network layer header added.
- AH protocol in tunnel mode.
  - used to digitally sign and encapsulate each packet as with VPN.
- ATM uses cell switching.
- IP, mask, DG to talk.
- hosts in the DMZ be a "bastion host".
  - A hardened host.
- Protocol field number of 115?
  - I guessed L2TP and was right.
  - TCP and UDP are lower numbers.
  - ICMP didn't sound right.
- Network layer = path selection and logical addressing.
  - Not physical
- Network layer Firewalls:
  - Stateful and packet-filtering firewall.
- Characteristics of 100Base-Tx:
  - 100 Mbps
  - Two pair cables
  - 100 Meters max segment
- EAP authenticates remote users with smart cards.
- The highest OSI layer firewall most negatively impacts traffic speed.
  - Application layer proxy firewalls
- 802.5 is Token Ring.
  - 802.1: LAN/MAN Bridging
  - 802.2: LLC
  - 802.3: Ethernet
  - 802.4: Token Bus
  - 802.5: Token Ring
  - 802.6: Metro Area Net
  - 802.7: Broadband LAN
  - 802.8: Fiber-Optic Technical advisory group
  - 802.9: Voice and data networks
  - 802.10: Network security
  - 802.11: Wireless
  - 802.12: Demand priority access LAN
- BRI ISDN D channel = 16 Kbps.
  - B (bearer) = 64.
- Other