Mike Chapple

(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests


Скачать книгу

optic

      79 Rich wants to connect his network to a building a half-mile away from his current location. There are trees and terrain features along the way, but a road passes between the trees to the other location. What type of transmission media is best suited to this type of deployment?Ethernet cable with repeaters every 200 to 300 yardsA WiFi directional antennaFiber-optic cableA LiFi system

      80 What challenge is most common for endpoint security system deployments?CompromisesThe volume of dataMonitoring encrypted traffic on the networkHandling non-TCP protocols

      81 What type of address is 127.0.0.1?A public IP addressAn RFC 1918 addressAn APIPA addressA loopback address

      82 Susan is writing a best practices statement for her organizational users who need to use Bluetooth. She knows that there are many potential security issues with Bluetooth and wants to provide the best advice she can. Which of the following sets of guidance should Susan include?Use Bluetooth's built-in strong encryption, change the default PIN on your device, turn off discovery mode, and turn off Bluetooth when it's not in active use.Use Bluetooth only for those activities that are not confidential, change the default PIN on your device, turn off discovery mode, and turn off Bluetooth when it's not in active use.Use Bluetooth's built-in strong encryption, use extended (eight digits or longer) Bluetooth PINs, turn off discovery mode, and turn off Bluetooth when it's not in active use.Use Bluetooth only for those activities that are not confidential, use extended (eight digits or longer) Bluetooth PINs, turn off discovery mode, and turn off Bluetooth when it's not in active use.

      83 What type of networking device is most commonly used to assign endpoint systems to VLANs?FirewallRouterSwitchHub

      84 Steve has been tasked with implementing a network storage protocol over an IP network. What storage-centric converged protocol is he likely to use in his implementation?MPLSFCoESDNVoIP

      85 Michelle is told that the organization that she is joining uses an SD-WAN controller architecture to manage their WAN connections. What can she assume about how the network is managed and controlled? (Select all that apply.)The network uses predefined rules to optimize performance.The network conducts continuous monitoring to support better performance.The network uses self-learning techniques to respond to changes in the network.All connections are managed by the organization's primary internet service provider.

      86 Which of the following shows the layers of the OSI model in correct order, from layer 1 to layer 7? Place the layers of the OSI model shown here in the appropriate order, from layer 1 to layer 7.Layer 1 = Data Link; Layer 2 = Physical; Layer 3 = Network; Layer 4 = Transport; Layer 5 = Session; Layer 6 = Presentation; Layer 7 = ApplicationsLayer 1 = Physical; Layer 2 = Data Link; Layer 3 = Network; Layer 4 = Transport; Layer 5 = Session; Layer 6 = Presentation; Layer 7 = Applications Layer 1 = Physical; Layer 2 = Data Link; Layer 3 = Network; Layer 4 = Transport; Layer 5 = Session; Layer 6 = Applications; Layer 7 = PresentationLayer 1 = Physical; Layer 2 = Data Link; Layer 3 = Network; Layer 4 = Session; Layer 5 = Transport; Layer 6 = Presentation; Layer 7 = Applications

      87 Valerie enables port security on the switches on her network. What type of attack is she most likely trying to prevent?IP spoofingMAC aggregationCAM table floodingVLAN hopping

      88 Alaina wants to ensure that systems are compliant with her network security settings before they are allowed on the network and wants to ensure that she can test and validate system settings as possible. What type of NAC system should she deploy?A pre-admit, clientless NAC systemA postadmission, client-based NAC systemA pre-admit, client-based NAC systemA postadmission, clientless NAC system

      89 Derek wants to deploy redundant core routers, as shown in the diagram. What model of high availability clustering will provide him with the greatest throughput?Active/activeLine interactiveActive/passiveNearline

      90 Angela needs to choose between the following protocols for secure authentication and doesn't want to create unneeded technical complexity. Which authentication protocol should she choose and why?EAP, because it provides strong encryption by defaultLEAP, because it provides frequent reauthentication and changing of WEP keys PEAP, because it provides encryption and doesn't suffer from the same vulnerabilities that LEAP doesEAP-TLS

      91 What is a frequent concern for systems that require high-performing internet connectivity when satellite internet is the only available option?SecurityCompatibility with protocols like LiFiCompatibility with protocols like ZigbeeLatency

      92 What layer of an SDN implementation uses programs to communicate needs for resources via APIs?The data planeThe control planeThe application planeThe monitoring plane

      93 Which of the following is not a drawback of multilayer protocols?They can allow filters and rules to be bypassed.They can operate at higher OSI levels.They can allow covert channels.They can allow network segment boundaries to be bypassed.

      94 Place the following layers of the TCP/IP model in order, starting with the Application layer and moving down the stack.Application layerNetwork Access layerInternet layerTransport layer1, 2, 3, 41, 4, 2, 31, 4, 3, 24, 1, 3, 2

      95 What is the maximum speed that Category 5e cable is rated for?5 Mbps10 Mbps100 Mbps1000 Mbps

      96 What are two primary advantages that 5G networks have over 4G networks? (Select all that apply.)Anti-jamming featuresEnhanced subscriber identity protectionMutual authentication capabilitiesMultifactor authentication

      97 What function does VXLAN perform in a data center environment?It removes limitations due to maximum distance for Ethernet cables.It allows multiple subnets to exist in the same IP space with hosts using the same IP addresses.It tunnels layer 2 connections over a layer 3 network, stretching them across the underlying layer 3 network.All of the above

      98 Chris is setting up a hotel network and needs to ensure that systems in each room or suite can connect to each other, but systems in other suites or rooms cannot. At the same time, he needs to ensure that all systems in the hotel can reach the internet. What solution should he recommend as the most effective business solution?Per-room VPNsVLANsPort securityFirewalls

      99 During a forensic investigation, Charles is able to determine the Media Access Control (MAC) address of a system that was connected to a compromised network. Charles knows that MAC addresses are tied back to a manufacturer or vendor and are part of the fingerprint of the system. To which OSI layer does a MAC address belong?The Application layerThe Session layerThe Physical layerThe Data Link layer

      100 Mikayla is reviewing her organization's VoIP environment configuration and finds a diagram that shows the following design. What concern should she express?The voice connection is unencrypted and could be listened to.There are no security issues in this diagram.The session initialization connection is unencrypted and could be viewed.Both the session initialization and voice data connection are unencrypted and could be captured and analyzed.

       SUBDOMAINS:

       5.1 Control physical and logical access to assets

       5.2 Manage identification and authentication of people, devices, and services

       5.3 Federated identity with a third-party service

       5.4 Implement and manage authorization mechanisms

       5.5 Manage the identity and access provisioning lifecycle

       5.6 Implement authentication systems

      1 Which of the following is best described as an access control model that focuses on subjects and identifies the objects that each subject can access?An access control listAn implicit denial listA capability tableA rights management matrix

      2 Jim's organization-wide implementation of IDaaS offers broad support for cloud-based applications. Jim's company does not have internal identity management staff and does not use centralized identity services. Instead, they rely upon Active Directory for AAA services. Which of the following options should Jim recommend to best handle the company's on-site identity