Mike Chapple - (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests


Full-length practice tests covering all CISSP domains for the ultimate exam prep

The (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests is a major resource for (ISC)2 Certified Information Systems Security Professional (CISSP) candidates, providing 1300 unique practice questions. The first part of the book provides 100 questions per domain. You also have access to four unique 125-question practice exams to help you master the material. As the only official practice tests endorsed by (ISC)2, this book gives you the advantage of full and complete preparation. These practice tests align with the 2021 version of the exam to ensure up-to-date preparation, and are designed to cover what you will see on exam day. Coverage includes: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, and Software Development Security.

The CISSP credential signifies a body of knowledge and a set of guaranteed skills that put you in demand in the marketplace. This book is your ticket to achieving this prestigious certification, by helping you test what you know against what you need to know.

- Test your knowledge of the 2021 exam domains
- Identify areas in need of further study
- Gauge your progress throughout your exam preparation
- Practice test taking with Sybex’s online test environment containing the questions from the book

The CISSP exam is refreshed every few years to ensure that candidates are up-to-date on the latest security topics and trends. Currently-aligned preparation resources are critical, and periodic practice tests are one of the best ways to truly measure your level of understanding.


17. Ben has configured his network to not broadcast an SSID. Why might Ben disable SSID broadcast, and how could his SSID be discovered?
A. Disabling SSID broadcast prevents attackers from discovering the encryption key. The SSID can be recovered from decrypted packets.
B. Disabling SSID broadcast hides networks from unauthorized personnel. The SSID can be discovered using a wireless sniffer.
C. Disabling SSID broadcast prevents issues with beacon frames. The SSID can be recovered by reconstructing the BSSID.
D. Disabling SSID broadcast helps avoid SSID conflicts. The SSID can be discovered by attempting to connect to the network.

18. What network tool can be used to protect the identity of clients while providing Internet access by accepting client requests, altering the source addresses of the requests, mapping requests to clients, and sending the modified requests out to their destination?
A. A switch
B. A proxy
C. A router
D. A firewall

19. Susan wants to secure her communications traffic via multiple internet service providers as it is sent to her company's second location. What technology should she use to protect the traffic for an always on, always connected link between the sites?
A. FCoE
B. SDWAN
C. A point-to-point IPsec VPN
D. Zigbee

20. Melissa wants to combine multiple physical networks in her organization in a way that is transparent to users but allows the resources to be allocated as needed for networked services. What type of network should she deploy?
A. iSCSI
B. A virtual network
C. SDWAN
D. A CDN

21. Which email security solution provides two major usage modes: (1) signed messages that provide integrity, sender authentication, and nonrepudiation; and (2) an enveloped message mode that provides integrity, sender authentication, and confidentiality?
A. S/MIME
B. MOSS
C. PEM
D. DKIM

22. During a security assessment, Jim discovers that the organization he is working with uses a multilayer protocol to handle SCADA systems and recently connected the SCADA network to the rest of the organization's production network. What concern should he raise about serial data transfers carried via TCP/IP?
A. SCADA devices that are now connected to the network can now be attacked over the network.
B. Serial data over TCP/IP cannot be encrypted.
C. Serial data cannot be carried in TCP packets.
D. TCP/IP's throughput can allow for easy denial-of-service attacks against serial devices.

23. Ben provides networking and security services for a small chain of coffee shops. The coffee shop chain wants to provide secure, free wireless for customers. Which of the following is the best option available to Ben to allow customers to connect securely to his wireless network without needing a user account if Ben does not need to worry about protocol support issues?
A. Use WPA2 in PSK mode.
B. Use WPA3 in SAE mode.
C. Use WPA2 in Enterprise mode.
D. Use a captive portal.

24. Alicia's company has implemented multifactor authentication using SMS messages to provide a numeric code. What is the primary security concern that Alicia may want to express about this design?
A. SMS messages are not encrypted.
B. SMS messages can be spoofed by senders.
C. SMS messages may be received by more than one phone.
D. SMS messages may be stored on the receiving phone.

25. What speed and frequency range are used by 802.11n?
A. 5 GHz only
B. 900 MHz and 2.4 GHz
C. 2.4 GHz and 5 GHz
D. 2.4 GHz only

26. The Address Resolution Protocol (ARP) and the Reverse Address Resolution Protocol (RARP) operate at what layer of the OSI model?
A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4

27. Which of the following is a converged protocol that allows storage mounts over TCP, and which is frequently used as a lower-cost alternative to Fibre Channel?
A. MPLS
B. SDN
C. VoIP
D. iSCSI

28. Chris is building an Ethernet network and knows that he needs to span a distance of more than 150 meters with his 1000BaseT network. What network technology should he use to help with this?
A. Install a repeater, a switch, or a concentrator before 100 meters.
B. Use Category 7 cable, which has better shielding for higher speeds.
C. Install a gateway to handle the distance.
D. Use STP cable to handle the longer distance at high speeds.

For questions 29–31, please refer to the following scenario and diagram:

Selah's organization has used a popular messaging service for a number of years. Recently, concerns have been raised about the use of messaging.

29. What protocol is the messaging traffic most likely to use based on the diagram?
A. SLACK
B. HTTP
C. SMTP
D. HTTPS

30. What security concern does sending internal communications from A to B raise?
A. The firewall does not protect system B.
B. System C can see the broadcast traffic from system A to B.
C. It is traveling via an unencrypted protocol.
D. Messaging does not provide nonrepudiation.

31. How could Selah's company best address a desire for secure messaging for users of internal systems A and C?
A. Use a third-party messaging service.
B. Implement and use a locally hosted service.
C. Use HTTPS.
D. Discontinue use of messaging and instead use email, which is more secure.

32. Which of the following drawbacks is a concern when multilayer protocols are allowed?
A. A range of protocols may be used at higher layers.
B. Covert channels are allowed.
C. Filters cannot be bypassed.
D. Encryption can't be incorporated at multiple layers.

33. Which of the following is not an example of a converged protocol?
A. MIME
B. FCoE
C. iSCSI
D. VoIP

34. Chris uses a cellular hot spot to provide internet access when he is traveling. If he leaves the hot spot connected to his PC while his PC is on his organization's corporate network, what security issue might he cause?
A. Traffic may not be routed properly, exposing sensitive data.
B. His system may act as a bridge from the internet to the local network.
C. His system may be a portal for a reflected DDoS attack.
D. Security administrators may not be able to determine his IP address if a security issue occurs.

35. In her role as an information security professional, Susan has been asked to identify areas where her organization's wireless network may be accessible even though it isn't intended to be. What should Susan do to determine where her organization's wireless network is accessible?
A. A site survey
B. Warwalking
C. Wardriving
D. A design map

36. What features can IPsec provide for secure communication?
A. Encryption, access control, nonrepudiation and message authentication
B. Protocol convergence, content distribution, micro-segmentation, and network virtualization
C. Encryption, authorization, nonrepudiation, and message integrity checking
D. Micro-segmentation, network virtualization, encryption, and message authentication

37. Casey has been asked to determine if Zigbee network traffic can be secured in transit. What security mechanism does Zigbee use to protect data traffic?
A. 3DES encryption
B. AES encryption
C. ROT13 encryption
D. Blowfish encryption

38. Sue modifies her MAC address to one that is allowed on a network that uses MAC filtering to provide security. What is the technique Sue used, and what nonsecurity issue could her actions cause?
A. Broadcast domain exploit, address conflict
B. Spoofing, token loss
C. Spoofing, address conflict
D. Sham EUI creation, token loss

39. Joanna wants to deploy 4G LTE as an out-of-band management solution for devices at remote sites. Which of the following security capabilities is not commonly available from 4G service providers?
A. Encryption capabilities
B. Device-based authentication
C. Dedicated towers and antennas for secure service subscribers
D. SIM-based authentication

40. SMTP, HTTP, and SNMP all occur at what layer of the OSI model?
A. Layer 4
B. Layer 5
C. Layer 6
D. Layer 7

41. Melissa uses the ping utility to check whether a remote system is up as part of a penetration testing exercise. If she does not want to see her own ping packets, what protocol should she filter out from her packet sniffer's logs?
A. UDP
B. TCP
C. IP
D. ICMP

42. Selah wants to provide port-based authentication on her network to ensure that clients must authenticate before using the network. What technology is an appropriate solution for this requirement?
A. 802.11a
B. 802.3
C. 802.15.1
D. 802.1x
