Mike Chapple - (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests

43 Ben has deployed a 1000BaseT gigabit network and needs to run a cable across a large building. If Ben is running his link directly from a switch to another switch in that building, what is the maximum distance Ben can cover according to the 1000BaseT specification?2 kilometers500 meters185 meters100 meters

44 What security control does MAC cloning attempt to bypass for wired networks?Port securityVLAN hopping802.1q trunkingEtherkiller prevention

45 The company that Kathleen works for has moved to remote work for most employees and wants to ensure that the multimedia collaboration platform that they use for voice, video, and text-based collaboration is secure. Which of the following security options will provide the best user experience while providing appropriate security for communications?Require software-based VPN to the corporate network for all use of the collaboration platform.Require the use of SIPS and SRTP for all communications.Use TLS for all traffic for the collaboration platform.Deploy secure VPN endpoints to each remote location and use a point-to-point VPN for communications.

46 Chris wants to use a low-power, personal area network wireless protocol for a device he is designing. Which of the following wireless protocols is best suited to creating small, low-power devices that can connect to each other at relatively short distances across buildings or rooms?WiFiZigbeeNFCInfrared

47 Which of the following options includes standards or protocols that exist in layer 6 of the OSI model?NFS, SQL, and RPCTCP, UDP, and TLSJPEG, ASCII, and MIDIHTTP, FTP, and SMTP

48 Cameron is worried about distributed denial-of-service attacks against his company's primary web application. Which of the following options will provide the most resilience against large-scale DDoS attacks?A CDNIncreasing the number of servers in the web application server clusterContract for DDoS mitigation services via the company's ISPIncreasing the amount of bandwidth available from one or more ISPs

49 There are four common VPN protocols. Which group listed contains all of the common VPN protocols?PPTP, LTP, L2TP, IPsecPPP, L2TP, IPsec, VNCPPTP, L2F, L2TP, IPsecPPTP, L2TP, IPsec, SPAP

50 Wayne wants to deploy a secure voice communication network. Which of the following techniques should he consider? (Select all that apply.)Use a dedicated VLAN for VoIP phones and devices.Require the use of SIPS and SRTP.Require the use of VPN for all remote VoIP devices.Implement a VoIP IPS.

51 Which OSI layer includes electrical specifications, protocols, and interface standards?The Transport layerThe Device layerThe Physical layerThe Data Link layer

52 Ben is designing a WiFi network and has been asked to choose the most secure option for the network. Which wireless security standard should he choose?WPA2WPAWEPWPA3

53 Kathleen has two primary locations in a town and wants the two environments to appear like the same local network. Each location has a router, switches, and wireless access points deployed to them. What technology would best work to allow her to have the two facilities appear to be on the same network segment?SDWANVXLAN VMWANiSCSI

54 Segmentation, sequencing, and error checking all occur at what layer of the OSI model that is associated with SSL, TLS, and UDP?The Transport layerThe Network layerThe Session layerThe Presentation layer

55 The Windows ipconfig command displays the following information:BC-5F-F4-7B-4B-7DWhat term describes this, and what information can usually be gathered from it?The IP address, the network location of the systemThe MAC address, the network interface card's manufacturerThe MAC address, the media type in useThe IPv6 client ID, the network interface card's manufacturer

56 Chris has been asked to choose between implementing PEAP and LEAP for wireless authentication. What should he choose, and why?LEAP, because it fixes problems with TKIP, resulting in stronger securityPEAP, because it implements CCMP for securityLEAP, because it implements EAP-TLS for end-to-end session encryptionPEAP, because it can provide a TLS tunnel that encapsulates EAP methods, protecting the entire session

57 Ben is troubleshooting a network and discovers that the NAT router he is connected to has the 192.168.x.x subnet as its internal network and that its external IP is 192.168.1.40. What problem is he encountering?192.168.x.x is a nonroutable network and will not be carried to the internet.192.168.1.40 is not a valid address because it is reserved by RFC 1918.Double NATing is not possible using the same IP range.The upstream system is unable to de-encapsulate his packets, and he needs to use PAT instead.

58 What is the default subnet mask for a Class B network?255.0.0.0255.255.0.0255.254.0.0255.255.255.0

59 Jim's organization uses a traditional PBX for voice communication. What is the most common security issue that its internal communications are likely to face, and what should he recommend to prevent it?Eavesdropping, encryptionMan-in-the-middle attacks, end-to-end encryptionEavesdropping, physical securityWardialing, deploy an IPS

60 What technical difference separates wireless communication via WiFi and LiFi?LiFi is not susceptible to electromagnetic interference.LiFi cannot be used to deliver broadband speeds.WiFi is not susceptible to electromagnetic interference.WiFi cannot be used to deliver broadband speeds.

61 Selah's organization has deployed VoIP phones on the same switches that the desktop PCs are on. What security issue could this create, and what solution would help?VLAN hopping; use physically separate switches.VLAN hopping; use encryption.Caller ID spoofing; MAC filtering.Denial-of-service attacks; use a firewall between networks.For questions 62–65, please refer to the following scenario:Susan is designing her organization's new network infrastructure for a branch office.

62 Susan wants to use a set of nonroutable IP addresses for the location's internal network addresses. Using your knowledge of secure network design principles and IP networking, which of the following IP ranges are usable for that purpose? (Select all that apply.)172.16.0.0/12192.168.0.0/16128.192.0.0/2410.0.0.0/8

63 Susan knows that she will need to implement a WiFi network for her customers and wants to gather information about the customers, such as their email address, without having to provide them with a wireless network password or key. What type of solution would provide this combination of features?NACA captive portalPre-shared keysWPA3's SAE mode

64 With her wireless network set up, Susan moves on to ensuring that her network will remain operational even if disruptions occur. What is the simplest way she can ensure that her network devices, including her router, access points, and network switches, stay on if a brownout or other temporary power issue occurs?Purchase and install a generator with an automatic start.Deploy dual power supplies for all network devices.Install UPS systems to cover all network devices that must remain online.Contract with multiple different power companies for redundant power.

65 Susan wants to provide 10 gigabit network connections to devices in the facility where the new branch will operate. What connectivity options does she have for structured wiring that can meet those speeds? (Select all that apply.)Cat5eFiberCat6Coaxial cable

66 Data streams occur at what three layers of the OSI model?Application, Presentation, and SessionPresentation, Session, and TransportPhysical, Data Link, and NetworkData Link, Network, and Transport

67 Lucca wants to protect endpoints that are in production use but that are no longer supported and cannot be patched from network attacks. What should he do to best protect these devices?Install a firewall on the device.Disable all services and open ports on the devices.Place a hardware network security device in front of the devices.Unplug the devices from the network because they cannot be properly secured.