《CISSP 电信题目.doc》由会员分享,可在线阅读,更多相关《CISSP 电信题目.doc(8页珍藏版)》请在金锄头文库上搜索。
1、通信安全知识域练习题1. Which of the following does not allow for a workstation to get an IP address assigned?a) BOOTPb) RARPc) DHCPd) ICMP2. A Wide Area Network (WAN) may be privately operated for a specific user community, may support multiple communication protocols, or may provide network connectivity and
2、services via:a) interconnected network segments (extranets, internets, and Virtual Private Networks).b) interconnected netBIOS segments (extranets, intranets, and Virtual Private Networks).c) interconnected netBIOS segments (extranets, internets, and Virtual Private Networks).d) interconnected netwo
3、rk segments (extranets, intranets, and Virtual Private Networks).3. A proxy server should:a) Be connected directly to the external network.b) Have routing enabled.c) Be located behind a firewall.d) Allow access from external clients.4. Which of the following is true of Network-based ID systems?a) Th
4、ey commonly reside on a discrete network segment and monitor the traffic on that network segment.b) They commonly will not reside on a discrete network segment and monitor the traffic on that network segment.c) They commonly reside on a discrete network segment but do not monitor the traffic on that
5、 network segment.d) They commonly do not reside on a discrete network segment and monitor the traffic on that network segment.5. Which of the following error correction methods is more effective when bursts of errors may be present?a) Parity checkb) Cyclic redundancy checkc) Block sum checkd) Block
6、chaining check6. Which of the following describe elements that create reliability and stability in networks and systems and which assures that connectivity is accessible when needed?a) Availabilityb) Acceptabilityc) confidentialityd) Integrity7. In stateful inspection firewalls, packets are queued a
7、nd then:a) accessed at only one Open Systems Interconnect (OSI) layer.b) analyzed at all Open Systems Interconnect (OSI) layers.c) decapsulated at all Open Systems Interconnect (OSI) layers.d) encapsulated at all Open Systems Interconnect (OSI) layers.8. There is no good logical reason for not using
8、 a DMZ:a) If a company decides not to use one, they are ignorant of security risks or theyre just careless.b) If a company decides not to use one, they must have no Extranet connectionsc) If a company decides to use one, they must have only wireless connections.d) If a company decides not to use one
9、, they HAVE A GOOD REASON as DMZ are useless9. Which cable technology refers to the CAT3 and CAT5 categories?a) Coaxial cablesb) Fiber Optic cablesc) Axial cablesd) Twisted Pair cables10. Which backup method is used if time and tape space is at an extreme premium?a) Incremental backup method.b) Diff
10、erential backup method.c) Full backup method.d) Tape backup method.D D C A B A B A D A11. A TCP SYN attack:a) requires a synchronized effort by multiple attackers.b) takes advantage of the way a TCP session is established.c) may result in elevation of privileges.d) is not something system users woul
11、d notice.B12. How would an IP spoofing attack be best classified?a) Session hijacking attackb) Passive attackc) Fragmentation attackd) Sniffing attackA13. Which of the following NAT firewall translation modes allows a large group of internal clients to share a single or small group of internal IP ad
12、dresses for the purpose of hiding their identities?a) Static translationb) Load balancing translationc) Network redundancy translationd) Dynamic translationD14. The general philosophy for DMZs is that:a) any system on the DMZ can be compromized because its accessible from the Internet.b) any system
13、on the DMZ cannot be compromized because its not accessible from the Internet.c) some systems on the DMZ can be compromized because they are accessible from the Internet.d) any system on the DMZ cannot be compromized because its by definition 100 percent safe and not accessible from the Internet.A15
14、. A packet filtering firewall looks at the data packet to get information about the source and destination addresses of an incoming packet, the sessions communications protocol (TCP, UDP, or ICMP), and the source and destination application port for the:a) desired service.b) dedicated service.c) del
15、ayed service.d) distributed service.A16. CAT3 is an older specification with a:a) longer effective distance.b) shorter effective distance.c) longer effective strength.d) higher EMI protection.B17. Which of the following is true related to network sniffing?a) Sniffers allow an attacker to monitor data passing across a network.b) Sniffers alter the source address of a computer to disguise and exploit weak authentication methods.c) Sniffers take over network connections.d) Sniffers send IP fragments to a system that overlap with each other.A18. Which of the following includes noti
