CISSP - Questions with Answers
Advertisement Area

1. Which choice below is NOT an element of a fiber optic cable ?

  1. Core
  2. BNC
  3. Jacket
  4. Cladding

Answer: B

Hint: A BNC refers to a Bayonet Nell Concelman RG58 connector for 10Base2. Fiberoptic cable has three basic physical elements: the core, the cladding, and the jacket. The core is the innermost transission medium, which can be glass or plastic. The next outer layer, the cladding, is also made of glass or plastic,but it has different properties and helps to reflect the light back into the core. The outermost layer, the jacket, provides protection from heat, moisture, and other environmental elements.

2. Which backup method listed below will probably require the backup operator to use the most number of tapes for a complete system restoration if a different tape is used every night in a five-day roation ?

  1. Full
  2. Differental
  3. Incremental
  4. Ad Hoc

Answer: C

Hint: Most backup nethods use the Archive file attribute to determine wheather the file should be backed up. The backup software determines which files need to be backed up by checking to see wheather the Archive file attribute has been set and then resets the Archive bit value to null after the backup procedure. The Incremental backup method backs up only files that have been created or modified since the last backup was made because the Archive file attribute is reset. This can result in the backup operator needing several tapes to do a complete restoration, as every tape with changed files as well as the last full backup tape will need to be restored.

3. To what does 10Base-5 refer ?

  1. 10 Mbps thinnet coax cabling rated to 185 meters maximum length
  2. 10 Mbps thicknet coax cabling rated to 500 meters maximum length
  3. 10 Mbps baseband optical fiber
  4. 100 Mbps unshielded twisted pair cabling

Answer: B

Hint: Answer A refers to 10Base-2; answer C refers to 10Base-F; and answer D refers to 100Base-T.

4. Which LAN transmission method below describes a packet sent from a single source to multiple specific destinations ?

  1. Unicast
  2. Multicast
  3. Broadcast
  4. Anycast

Answer: B

Hint: Answer A, Unicast describes a packet sent from a single source to a single destination. Answer C, Broadcast, describes a packet sent to all nodes on the network segment. Answer D, Anycast, refers to communication between any sender and the nearest of a group of receivers in a network.

5. Which part of the 48-bit, 12-digit hexadecimal number known as the Media Access Control (MAC) address identifies the manufacturer of the network device ?

  1. The first three bytes
  2. Thefirst two bytes
  3. The second half of the MAC address
  4. The last three bytes

Answer: A

Hint: The first three bytes (or first half) of the six-byte MAC address is the manufacture's identifier. This can be a good troubleshooting aid if a network device is acting up, as it will isloate the brand of the failing device. The other answers are distracters.

6. Which choice below BEST describes coaxial cable ?

  1. Coax consists of two insulated wires wrapped around each other in a regular spiral pattern.
  2. Coax consists of a holloe outer cylindrical conductor surrounding a single, inner conductor.
  3. Coax does not require the fixed spacing between connections that UTP requires.
  4. Coax carries signals as light waves.

Answer: B

Hint: Coax consists of a hollow outer cylindrical conductor surrounding a single, inner wire conductor. Answer A describes UTP. Coax requires fixed spacing between connections, and answer D describes liber-optic cable.

7. Which choice below is NOT one of the legal IP address ranges specified by RFC 1976 and reserved by the Internet Assigned Numbers Authority (IANA) for nonroutable private addresses ?

  1. 10.0.0.0 - 10.255.255.255
  2. 127.0.0.0 - 127.0.255.255
  3. 172.16.0.0 - 172.31.255.255
  4. 192.168.0.0 - 192.168.255.255

Answer: B

Hint: The other three address ranges can be used for Network Address Translation (NAT). While NAT is, in itself, not a very effective security measure, a large network can benefit from using NAT with Dynamic Host Configuration Protocol (DHCP) to help prevent certain internal routing information from being exposed. The address 127.0.0.1 is a called the loopback address.

8. Which statement below about the difference between analog and digital signals is incorrect ?

  1. An analog signal produces an infinite waveform.
  2. Analog signals cannot be used for data communications.
  3. An analog signal can be varied by amplification.
  4. A digital signal produces a saw-tooth waveform.

Answer: B

Hint: The other answers are all properties of analog or digital signals.

9. Which choice below acurately describes SSL?

  1. It's a widely used standard of securing email at the Application level.
  2. It gives a user remote access to a command prompt across a secure, encrypted session.
  3. It uses two protocols, the Authentication Header and the Encapsulating Security Payload.
  4. It allows an application to have authenticated encrypted communications across a network.

Answer: D

Hint: The Secure, Socket Layer (SSL) sits between higher-level application functions and the TCP/IP stack and provides security to applications. It includes a variety of encryption algorithms to secure transmitted data, but the functionality must be integrated into the application. Answer A refers to the Secure/Multipurpose Internet Mail Extension (s/MIME). Most major email clients support S/MIME today. Answer B describes Secure Shell (SSH). Answer C refers to IPSec. IPSec enables security to be built directly into the TCP/IP stack, without requiring application modification.

10. Which IEEE protocol defines wireless transmission in the 5 GHz band with data rates up to54 Mbps?

  1. IEEE 802.11a
  2. IEEE 802.11b
  3. IEEE 802.11g
  4. IEEE 802.15

Answer: A

Hint: IEEE 802.11a specifies high-speed wireless connectivity in the 5 GHz band using Orthogonal Frequency Division Multiplexing with data rates up to 54 Mbps. Answer B, IEEE 802.11b, specifies high-speed wireless connectivity in the 2.4.GHz ISM band up to 11 Mbps. Answer C, IEEE 802.11g, is a proposed standard that offers wireless transmission over relatively short distances at speeds from 20 Mbps up to 54 Mbps and operates in the 2.4 GHz range (and is therefore expected to be backward-compatible with existing 802.11b-based networks). Answer D, IEEE 802.15, defines Wireless Personal Area Networks (WPAN), such as Bluetooth, in the 2.4-2.5 GHz band.

11. Which protocol is used to resolve a known IP address to an unknown MAC address ?

  1. ARP
  2. RARP
  3. ICMP
  4. TFTP

Answer: A

Hint: The Address Resolution Protocol (ARP) sends a broadcast asking for the host with a specified IP address to reply with its MAC, or hardware address. This information is kept in the ARP Cache. Answer B, the Reverse Address Resolution Protocol (RARP) is commonly used on diskless machines when the MAC is known, but not the IP address. It asks a RARP server to provide a valid IP address, which is somewhat the reverse of ARP. Answer C, the Internet Control Message Protocol(ICMP) is a management protocol for IP. Answer D, the Trvial File Transfer Protocol(TFTP), is a stripped-down version of the File Transfer Protocol(FTP).

12. Which TCP/IP protocol operates at the OSI NetworkLayer ?

  1. FTP
  2. IP
  3. TCP
  4. UDP

Answer: B

Hint: IP operates at the Network Layer of the OSI model and at the Internet layer of the TCP/IP model. FTP operates at the Application layer of the TCP/IP model, which is roughly similar to the top three layers of the OSI model: the Application, Presentation, and Session Layers. TCP and UDP both operate at the OSI Transport Layer, which is similar to the TCP/IP host-to-host layer.

13. Which statement accurately describes the difference between 802.11b WLAN ad hoc and infrastructure modes ?

  1. The ad hoc mode requires an Access Point to communication to the wired network.
  2. Wireless nodes can communicate peer-to-peer in the infrastructure mode.
  3. Wireless nodes can communicate peer-to-peerin the ad hoc mode.
  4. Access points are rarely used in802.11b WLANs.

Answer: C

Hint: Nodes on an IEEE 802.11b wireless LANs can communicate in one of two modes; ad hoc or infrastructure. In ad hoc mode, the wireless nodes communicate directly with each other, without establishing a connection to an access point on a wired LAN. In infrastructure mode, the wireless nodes communicate to an access point, which operates similarly to a bridge or router and manages traffic between the wireless network and the wired network.

14. Which answer below is true about the difference between TCP and UDP ?

  1. UDP is considered a connectionless protpcol and TCP is connection-oriented.
  2. TCP is considered a connectionless protocol, and UDP is connection-oriented.
  3. UDP acknowledges the receipt of packets, and TCP does not.
  4. TCP is sometimes referred to as an unreliable protocol.

Answer: A

Hint: As opposed to the Transmission Control Protocol (TCP), the User Datagram Protocol (UDP) is a connectionless protocol. It does not sequence the packets or acknowledge the receipt of packets and is referred to as an unreliable protocol.

15. Which choice below denotes a packet-switched connectionless wide area network (WAN) technology?

  1. X 25
  2. Frame Relay
  3. SMDS
  4. ATM

Answer: C

Hint: Switched Multimegabit Data Service (SMDS) is a high-speed, connectionless, packet-switching public network service that extends LAN-like perforance to a metropolitan area network (MAN) or a wide area network (WAN). It's generally delivered over a SONET ring with a maximum effective service radius of around 30 miles. Answer A, X 25, defines an interface to the first commercially successful connection-oriented packet-switching network, in which the packets travel over virtual circuits. Answer B, Frame Relay, was a siccessor to X.25 and offers a connection-oriented packet-switching network. Answer D, Asynchronous Transfer Mode (ATM) was developed from an outgrowth of ISDN standards and is fast-packet, connection-oriented, cell-switching technology.

16. Which answer below is true about the difference between FTP and TFTP?

  1. FTP does not have a directory-browsing capability, whereas TFTP does.
  2. FTP enables print job spooling, whereas TFTP does not.
  3. TFTP is less secure because session authentication does not occur.
  4. FTP is less secure because session authentication does not occur.

Answer: C

Hint: The Trivial File Transfer Protocol (TFTP) is considered less secure than the File Transfer Protocol (FTP) because authentication does not occur during session establishment.

17. Which statement below is correct regarding VLANs?

  1. A VLAN restricts flooding to only those ports included in the VLAN.
  2. A VLAN is a network segmented physically, not logically
  3. A VLAN is less secure when implemented in conjunction with private port switching.
  4. A closed VLAN configuration is the least secure VLAN configuration.

Answer: A

Hint: A virtual local area network (VLAN) allows ports on the same or different switches to be grouped so that traffic is confined to members of that group only, and it restricts broadcast, unicast, and multicast traffic. Answer B is incorrect because a VLAN is segmented logically, rather than physically. Answer C is incorrect. When a VLAN is implemented with private port, or single-user,switching, it provides fairly stringent security because broadcast vulnerabilities are minimized. Answer D is incorrect, as a closed VLAN authenticates a user to an access control list on a central authentication server, where they are assigned authorization parameters to determine their level of network access.

18. Which statement about a VPN tunnel below is incorrect?

  1. It can be created by implementing only IPSec devices.
  2. It can be created by installing software or hardware agents on the client or network.
  3. It can be created by implementing key and certificate exchange systems.
  4. It can be created by implementing node authentication systems.

Answer: A

Hint: IPSec-compatible and non-IPSec compatible devices are used to create VPNs. The other three answers are all ways in ehich VPNs can be created.

19. Which utility below can create a server-spoofing attack?

  1. DNS poisoning
  2. C2MYAZZ
  3. Snort
  4. BO2K

Answer: B

Hint: C2MYAZZ is a utility that enables server spoofing to implement a session hijacking or man-in-the-middle exploit. It intercepts a client LANMAN authentication logon and obtains the session's logon credentials and password combination transparently to the user. Answer A, DNS poisoning, is also known as cache poisoning. It is the process of distributing incorrect IP address information for a specific host with the intent to divert traffic from its true destination. Answer C, Snort, is a utility used for network sniffing. Network sniffing is the process of gathering traffic from a network by capturing the data as it passes and storing it to analyze later. Answer D, Back Orifice 2000 (BO2K), is an application-level Trojan Horse used to give an attacker backdoor network access.

20. What is a server cluster?

  1. A primary server that mirrors its data to a secondary server.
  2. A group of independent servers that are managed as a single system.
  3. A tape array backup implementation.
  4. A group of WORM optical jukeboxes.

Answer: B

Hint: A server cluster is a group of servers that appears to be a single server to the user. Answer A refers to redundant servers.

21. Which attack type below does NOT exploit TCP vulnerabilities?

  1. Sequence Number attack
  2. SYN attack
  3. Ping of Death
  4. land.c attack

Answer: C

Hint: The Ping of Death exploits the fragmentation vulnerability of large ICMP ECHO request packets by sending an illegal packet with more than 65K of data, creating a buffer overflow. Answer A is a TCP sequence number attack, which exploits the nonrandom predictable pattern of TCP connection sequence numbers to spoof a session. Answer B, a TCP SYN attack, is a DoS attack that exploits the TCP three-way handshake. The attacker rapidly generates randomly sourced SYN packets filling the target's connection queue before the connection can timeout. Answer D, land.c attack, is also a DoS attack that exploits TCP SYN packets. The attacker sends a packet that gives both the source and destination as the target's address and uses the same source and destination port.

22. What is probing used for?

  1. To induce a user into taking an incorrect action
  2. To give an attacker a road map of the network
  3. To use up all of a target's resources
  4. To covertly listen to transmissions

Answer: B

Hint: Probing is a procedure whereby the intruder runs programs that scan the network to create a network map for later intrusion. Answer A is spoofing, answer C is the objective of a DoS attack, and answer D describes passive eavesdropping.

23. Which firewell type below uses a dynamic state table to input the content of packets?

  1. A packet-filtering firewall
  2. An application-level firewall
  3. A circuit-level firewall
  4. A stateful-inspection firewall

Answer: D

Hint: A stateful-inspection firewall intercepts incoming packets at the Network level, and then uses an Inspection Engine to extract stste-related information from upper layers. It maintains the information in dynamic state table and evaluates subsequent connection attempts. Answer A, packet-filtering firewall, is the simplest type of firewall commonly implemented on routers. It operates at the Network layer and offers good performance but is the least secure. Answer B, application-level firewall or application-layer gateway, is more secure because it examines the packet at the Application layer but at the expense of performance. Answer C, circuit-level firewall, is similar to the application-level firewall in that it functions as a proxy server, but it differs in that special proxy application software is not needed.

24. To what does logon abuse refer?

  1. Breaking into a network primarily from an external source
  2. Legitimate users accessing network services that would normally be restricted to them
  3. Nonbusiness or personal use of the Internet
  4. Intrusions via dial-up or asynchronous external network connections.

Answer: B

Hint: Logon abuse entails an otherwise proper user attempting to access areas of the network that are deemed off-limits, Answer A is called network intrusion, and D refers to back-door remote access.

25. What type of firewall architecture employs two network cards and a single screeing router ?

  1. A screened-host firewall
  2. A dual-homed host firewall
  3. A screened-subnet firewall
  4. An application-level proxy server

Answer: A

Hint: Like a dual-homed host, a screened-host firewall uses two network cards to connect to the trusted and untrusted networks, but it adds a screening router between the host and the untrusted network. Answer B, dual-homed host, has two NICs but not necessarily a screening router. Answer C, screened-subnet firewall, also uses two NICs but has two screening routers with the host acting as a proxy server on its own network segment. One screening routet controls traffic local to the network while the second monitors and controls incoming and outgoing Internet traffic. Answer D, application-level proxy, is unrelated to this question.

26. To what does covert channel eavesdropping refer ?

  1. Using a hidden, unauthorized network connection to communicate unauthorized information
  2. Nonbusiness or personal use of the Internet
  3. Socially engineering from an ISP
  4. The use of two-factor passwords

Answer: A

Hint: A covert channel is a connection intentionally created to transmit unauthorized information from inside a trusted network to a partner at an outside, untrusted node. Answer C is called masquerading.

27. What is one of the most common drawbacks to using a dual-homed host firewall ?

  1. The examination of the packet at the Network Layer introduces latency.
  2. The examination of the packet at the Application Layer introduces latency.
  3. The ACLs must be manually maintained on the host.
  4. Internet routing may accidentally become enabled.

Answer: D

Hint: A dual-homed host uses two NICs to attach to two separate networks, commonly a trusted network and an untrusted network. It's important that the internal routing function of the host be disabled to create an Application-layer chokepoint and filter packets. Many systems come with routing enabled by default, such as IP forwarding, which makes the firewall useless. The other answers are distracters.

28. What is NOT a property of a bridge ?

  1. Forwards the data to all other segments if the destination is not on the local segment
  2. Operates at Layer 2, the Data Link Layer
  3. Operates at Layer 3, the Network Layer
  4. Can create a broadcast storm

Answer: C

Hint: A bridge operates at Layer 2 and therefore does not use IP addressing to make routing decisions.

29. Which IEEE protocol defines the Spanning Tree protocol ?

  1. IEEE 802.5
  2. IEEE 802.3
  3. IEEE 802.11
  4. IEEE 802.1D

Answer: D

Hint: The 802.ID spanning tree protocol is an Ehernet link-management protocol that provides link redundancy while preventing routing loops. Because only one active path can exist for an Ethernet network to route properly, the STP algorithm calculates and manages the best loop-free path through the network. Answer A, IEEE 802.5, specifies a token-passing ring access method for LANs. Answer B, IEEE 802.3, specifies an Ethernet bus topology using Carrier Sense Multiple Access Control/Carrier Detect (CSMA/CD). Answer C, IEEE 802.11, is the IEEE standard that specifies 1 Mbps and 2 Mbps wireless connectivity in the 2.4 MHz ISM (Industrial, Scientific, Medical) band.

30. What does the Data Encapsulation in the OSI model do ?

  1. Creates seven distint layers
  2. Wraps data fromone layer around a data packet packed from an adjoining layer
  3. Provides best-effort delivery of a data packet
  4. Makes the network transmission deterministic

Answer: B

Hint: Data Encapsulation attaches information from one layer to the packet as it travels from an adjoining layer. The OSI-layered architecture model creates seven layers. The TCP/IP proocol UDP provides best effort packet delivery, and a token-passing transmission scheme creates a deterministic network because it is possible to compute the maximum predictable delay.

31. Which choice below is NOT an element of IPSec ?

  1. Authrntication Header
  2. Layer two Tunneling Protocol
  3. Security Association
  4. Encapsulating Security Payload

Answer: B

Hint: The layer Two Tunneling Protocol (L2TP) is a layer two tunneling protocol that allows a host to establish a virtual connection. Although L2TP, an enhancement to Layer Two Forwarding Protocol (L2F) that supports some features of the Point to Point Tunneling (PPTP), may coexist with IPSec, it is not natively an IPSec component. Answer A, the Authentication Header (AH), is an authenticating protocol that uses a hash signature in the packet header to validate the integrity of the packet data and the authenticity of the sender. Answer C, the Security Association (SA). is a component of the IPSec architecture that contains the information the IPSec device needs to process incoming and outbound IPSec packets. IPSec devices embed a value called the Security Parameter Index (SPI) in the header to associate a datagram with its SA and to store SAs in a Security Association Database (SAD). Answer D, the Encapsulating Security Payload (ESP), is an authenticating and encrypting protocol that provides integrity, source authentication, and confidentiality services.

32. Which network attack below would NOT be considered a Denial of Service attack ?

  1. Ping of Death
  2. SMURF
  3. Brute Force
  4. TCP SYN

Answer: C

Hint: A brute force attack is an attempt to use all combinations of key patterns to decipher a message. The other three attacks are commonly used to create a Denial of Service (DoS). Answer A, Ping of Death, exploits ICMP by sending an illegal ECHO packet of >65K octets of data, which can cause an overflow of system variables and lead to a system crash. Answer B, SMURF, is a type of attack using spoofed ICMP ECHO requests to broadcast addresses, which the routers attempt to propagate, congesting the network. Three participants are required for a SMURF attacker, the amplifying network, and the victim. Answer D, a TCP SYN flood attack, generates phony TCP SYN packets from random IP addresses at a rapid rate to fill up the connection queue and stop the system from accepting legitimate users.

33. Which statement is NOT true about the SOCKS protocol ?

  1. It is sometimes referred to as an application-level proxy.
  2. It uses an ESP for authentication and encryption.
  3. It operates in the Transport Layer of the OSI model.
  4. Network applications need to be SOCKS-ified to operate.

Answer: B

Hint: The Encapsulating Security Payload (ESP) is a component of IPSec. Socket Security (SOCKS) is a Transport layer, secure networking proxy protocol. SOCKS replaces the standard network systems calls with its own calls. These calls open connections to a SOCKS proxy server for client authentication, transparently to the user. Common network utilities, like TELNET or FTP, need to be SOCKS-ified or have their network calls altered to recognize SOCKS proxy calls.

34. Which choice below is NOT a eay to get Window NT passwords ?

  1. Obtain the backup SAM from the repair directory.
  2. Boot the NT server with a floppy containing an alternate operating.
  3. Obtain root access to the /etc/passwd file.
  4. Use pwdump2 to dump the password hashes directly from the registry.

Answer: C

Hint: The /etc/passwd file is a Unix system file. The NT Security Accounts Manager, SAM, contains the usernames and encrypted passwords of all local (and domain, if the server is a domain controller) users. The SAM uses an older, weaker LanManager hash that can be broken easily by tools like L0phtcrack. Physical access to the NT server and the rdisks must be controlled. The "Sam-"file in the repair directory must be deleted after creation of an rdisk. Pwdump and pwdump2 are utilities taht allow someone with Administrator rights to target the Local Security Authority Subsystem, isass.exe, from a remote system.

35. Which type of routing below commonly broadcasts its routing table information to all other routers every minute ?

  1. Static
  2. Distance Vector
  3. Link State
  4. Dynamic Control Protocol

Answer: B

Hint: Distance vector rouing uses the routing information protocol (RIP) to main-tain a dynamic table of routing information that is updated regularly. It is the oldest and most common type of dynamic routing. Answer A, static routing, defines a specific route in a configuration file on the router and does not require the routers to exchange route information dynamically. Answer C, link state routers,functions like distance vector routers, but it uses first-hand information when building routing tables only by maintaining a copy of every other router's Link State Protocol (LSP) frame. This helps to eliminate routing errors and considerably lessens convergence time. Answer D is a distracter.

36. A back door into a network refers to what ?

  1. Socially engineering passwords from a subject
  2. Mechanisms created by hackers to gain network access at a later time.
  3. Undocumented instructions used by programmers to debug applications.
  4. Monitoring programs implemented on dummy applications to lure intruders

Answer: B

Hint: Back doors are very hard to trace, as an intruder will often create several avenues into a network to be exploited later. The only real way to be sure these avenues are closed after an attack is to restore the operating system from the original media, apply the patches, and restore all data and applications. Answer A, social engineering, is a technique used to mainpulate users into revealing information like passwords. Answer C refers to a trap door, which is an undocumented hook into an application to assist programmers with debugging. Although intended innocently, these can be exploited by intruders. Answer D is a "honey pot" or "padded cell". A honey pot uses a dummy server with bogus applications as a decoy for intruders.

37. What is the protocol that supports sending and receiving email ?

  1. SNMP
  2. SMTP
  3. ICMP
  4. RARP

Answer: B

Hint: Simple Mail Transport Protocol (SMTP) queues and transfers email. SNMP stands for Simple Network Management Protocol. ICMP stands for Internet Control Message Protocol. RARP stands for Reverse Address Resolution Protoco.

38. Which protocol below does NOT pertain to email ?

  1. SMTP
  2. POP
  3. CHAP
  4. IMAP

Answer: C

Hint: The Challenge Handshake Authentication Protocol (CHAP) is used at the starup of a remote link to verify the identity of a remote node. Answer A, the Simple Mail Transfer Protocol (RFCs 821 and 1869), is used by a server to deliver email over the Internet. Answer B, the Post Office Protocol (RFC 1939), enables users to read their email by downloading it from a remote server on to their local computer. Answer D, the Internet Message Access Protocol (RFC 2060), allows users to read their email on a remote server without downloading the mail locally.

39. Which choice below does NOT relate to analog dial-up hacking ?

  1. War dialing
  2. War walking
  3. Demon dialing
  4. ToneLoc

Answer: B

Hint: War walking (or war driving) refers to scanning for 802.11-based wireless network information by either driving or walking with a laptop, a wireless adapter in promiscuous mode, some type of scanning software such as NetStumbler or AiroPeek, and a Global Positioning System (GPS). Answer A, war dialing, is a method used to hack into computers by using a software program to automatically call a large pool of telephone numbers to search for those that have a modem attached. Answer C, demon dialing, similar to war dialing, is a tool used to attack one modem using brute force to guess the password and gain access. Answer D, ToneLoc, was one of the first war-dialing tools used by phone phreakers.

40. Which level of RAID is commonly referred to as disk mirroring ?

  1. RAID 0
  2. RAID 1
  3. RAID 3
  4. RAID 5

Answer: B

Hint: Redundant Array of Inexpensive Disks (RAID) is a method of enhancing hard disk fault tolerence, which can improve performance. RAID 1 maintains a complete copy of all data by duplicating each hard drive. Performance can suffer in some implementations of RAID 1, and twice as many drives are required. Novell developed a type of disk mirroring called disk duplexing, which uses multiple disk controller cards,increasing both performance and reliability. Answer A, RAID 0, gives some performance gains by striping the data across multiple drives but reduces fault tolerence, as the failure of any single drive disables the whole volume. Answer C, RAID 3, uses a dedicated error-correction disk called a parity drive, and it stripes the data across the other data drives. Answer D, RAID 5, uses all disks in the array for both data and error correction, increasing both storage capacity and performance.

41. Which choice below is the earliest and the most nommonly found Interior Gateway Protocol ?

  1. RIP
  2. OSPF
  3. IGRP
  4. EAP

Answer: A

Hint: The Routing Information Proocol (RIP) bases its routing path on the distance (number of hops) to the destination. RIP maintains optimum routing paths by sending out routing update messages if the network topology changes. For example, if a router finds that a particular link is faulty, it will update its routing table and then send a copy of the modified table to each of its neighbors. Answer B, the Open Shortest Path First (OSPF), is a link-state hierarchical routing algorithm intended as a successor to RIP. It features least-cost routing, multipath routing, and load balancing. Answer C, the Internet Gateway Routing Protocol (IGRP), is a Cisco protocol that uses a composite metric as its routing metric, including bandwidth, delay, reliability, loading, and maximum transmission unit. Answer D, the Extensible Authentication Protocol (EAP), is a general protocol for PPP authentication that supports multiple remote authentication mechanisms.

42. What is the Network Layer of the OSI reference model primarily responsible for ?

  1. Internetwork packet routing
  2. LAN bridging
  3. SMTP Gateway services
  4. Signal regeneration and repeating

Answer: A

Hint: Although many routers can perform most of the functions above, the OSI Network Layer is primarily responsible for routing. Answer B, bridging, is a Data Link Layer function. Answer C, gateways, most commonly function at the higher layers. Answer D, signal regeneration and repeating, is primarily a Physical Layer function.

43. Which of the following is NOT a true statement about Network Address Translation (NAT)?

  1. NAT is used when corporations want to use private addressing ranges for internal networks.
  2. NAT is designed to mask the true IP addresses of internal systems.
  3. Private addresses can easily be routed globally.
  4. NAT translates private IP addresses to registered "real" IP addresses.

Answer: C

Hint: Private addresses are not easily routable.

44. In the DoD reference model, which layer conforms to the OSI Transport Layer ?

  1. Process/Application Layer
  2. Host-to-Host Layer
  3. Internet Layer
  4. Network Access Layer

Answer: B

Hint: In the DoD reference model, the Host-to-Host layer parallels the function of the OSI's Transport Layer. This layer contains the Transmission Control Protocol (TCP), and the User Datagram Protocol (UDP). Answer A, the DoD Process/Application layer, corresponds to the OSI's top three layers, the Application, Presentation, and Session Layers. Answer C, The DoD Internet layer, corresponds to the OSI's Network Layer, and answer D, the DoD Network Access layer, is the equivalent of the Data Link and Physical Layers of the OSI model.

45. The IP address, 178.22.90.1, is considered to be in which class of address ?

  1. Class A
  2. Class B
  3. Class C
  4. Class D

Answer: B

Hint: The class a address range is 1.0.0.0 to 126.255.255.255. The class B address range is 128.0.0.0 to 191.255.255.255. The class C address range is from 192.0.0.0 to 223.255.255.255. The class D address range is 244.0.0.0 to 239.255.255.255 and is used for multicast packets.

46. What does TFTP stand for ?

  1. Trivial File Transport Protocol
  2. Transport for TCP/IP
  3. Trivial File Transfer Protocol
  4. Transport File Transfer Protocol

Answer: C

Hint: The other acronyms do not exist.

Suggested Read Articles:
Contents/Index
  1. Chapter 1 (30 Questions)
  2. Chapter 2 (30 Questions)
  3. Chapter 3 (46 Questions)
  4. Chapter 4 (35 Questions)
  5. Chapter 5 (34 Questions)
  6. Chapter 6 (30 Questions)
  7. Chapter 7 (30 Questions)
  8. Chapter 8 (32 Questions)
  9. Chapter 9 (30 Questions)
  10. Chapter 10 (30 Questions)
  11. Chapter 11 (30 Questions)
  12. Chapter 12 (30 Questions)
  13. Chapter 13 (30 Questions)
  14. Chapter 14 (30 Questions)
Advertisement Area