[计算机类试卷]CISSP认证考试(通信安全与网络安全)模拟试卷1及答案与解析.doc
《[计算机类试卷]CISSP认证考试(通信安全与网络安全)模拟试卷1及答案与解析.doc》由会员分享,可在线阅读,更多相关《[计算机类试卷]CISSP认证考试(通信安全与网络安全)模拟试卷1及答案与解析.doc(36页珍藏版)》请在麦多课文档分享上搜索。
1、CISSP认证考试(通信安全与网络安全)模拟试卷 1及答案与解析 1 Layer 2 of the OSI model has two sublayers. What are those sublayers, and what are two IEEE standards that describe technologies at that layer? ( A) LCL and MAC; IEEE 802.2 and 802.3 ( B) LCL and MAC; IEEE 802.1 and 802.3 ( C) Network and MAC; IEEE 802.1 and 802.3
2、( D) LLC and MAC; IEEE 802.2 and 802.3 2 Which of the following is not an effective countermeasure against spam? ( A) Open mail relay servers ( B) Properly configured mail relay servers ( C) Filtering on an e-mail gateway ( D) Filtering on the client 3 Robert is responsible for implementing a common
3、 architecture used when customers need to access confidential information through Internet connections. Which of the following best describes this type of architecture? ( A) Two-tiered model ( B) Screened subnet ( C) Three-tiered model ( D) Public and private DNS zones 4 Two commonly used networking
4、 protocols are TCP and UPD. Which of the following correctly describes the two? ( A) TCP provides best-effort delivery, and UDP sets up a virtual connection with the destination. ( B) TCP provides more services and is more reliable in data transmission, whereas UDP takes less resources and overhead
5、to transmit data. ( C) TCP provides more services and is more reliable, but UDP provides more security services. ( D) TCP is reliable, and UDP deals with flow control and ACKs. 5 Which of the following indicates to a packet where to go and how to communicate with the right service or protocol on the
6、 destination computer? ( A) Socket ( B) IP address ( C) Port ( D) Frame 6 Several different tunneling protocols can be used in dial-up situations. Which of the following would be best to use as a VPN tunneling solution? ( A) L2P ( B) PPTP ( C) IPSec ( D) L2TP 7 Which of the following correctly descr
7、ibes Bluejacking? ( A) Bluejacking is a harmful, malicious attack. ( B) It is the process of taking over another portable device via a Bluetoothenabled device. ( C) It is commonly used to send contact information. ( D) The term was coined by the use of a Bluetooth device and the act of hijacking ano
8、ther device. 8 DNS is a popular target for attackers due to its strategic role on the Internet. What type of attack uses recursive queries to poison the cache of a DNS server? ( A) DNS spoofing ( B) Manipulation of the hosts file ( C) Social engineering ( D) Domain litigation 9 IP telephony networks
9、 require the same security measures as those implemented on an IP data network. Which of the following is unique to IP telephony? ( A) Limiting IP sessions going through media gateways ( B) Identification of rogue devices ( C) Implementation of authentication ( D) Encryption of packets containing se
10、nsitive information 10 Cross-site scripting (XSS) is an application security vulnerability usually found in Web applications. What type of XSS vulnerability occurs when a victim is tricked into opening a URL programmed with a rogue script to steal sensitive information? ( A) Persistent XSS vulnerabi
11、lity ( B) Nonpersistent XSS vulnerability ( C) Second-order vulnerability ( D) DOM-based vulnerability 11 Angela wants to group together computers by department to make it easier for them to share network resources. Which of the following will allow her to group computers logically? ( A) VLAN ( B) O
12、pen network architecture ( C) Intranet ( D) VAN 12 Which of the following incorrectly describes how routing commonly takes place on the Internet? ( A) EGP is used in the areas “between“ each AS. ( B) Regions of nodes that share characteristics and behaviors are called ASs. ( C) CAs are specific node
13、s that are responsible for routing to nodes outside of their region. ( D) Each AS uses IGP to perform routing functionality. 13 Both de facto and proprietary interior protocols are in use today. Which of the following is a proprietary interior protocol that chooses the best path between the source a
14、nd destination? ( A) IGRP ( B) RIP ( C) BGP ( D) OSPF 14 Which of the following categories of routing protocols builds a topology database of the network? ( A) Dynamic ( B) Distance-vector ( C) Link-state ( D) Static 15 Which of the following does not describe IP telephony security? ( A) VoIP networ
15、ks should be protected with the same security controls used on a data network. ( B) Softphones are more secure than IP phones. ( C) As endpoints, IP phones can become the target of attacks. ( D) The current Internet architecture over which voice is transmitted is less secure than physical phone line
16、s. 16 When an organization splits naming zones, the names of its hosts that are only accessible from an intranet are hidden from the Internet. Which of the following best describes why this is done? ( A) To prevent attackers from accessing servers ( B) To prevent the manipulation of the hosts file (
17、 C) To avoid providing attackers with valuable information that can be used to prepare an attack ( D) To avoid providing attackers with information needed for cybersquatting 17 Which of the following best describes why e-mail spoofing is easily executed? ( A) SMTP lacks an adequate authentication me
18、chanism. ( B) Administrators often forget to configure an SMTP server to prevent inbound SMTP connections for domains it doesnt serve. ( C) Keyword filtering is technically obsolete. ( D) Blacklists are undependable. 18 Which of the following is not a benefit of VoIP? ( A) Cost ( B) Convergence ( C)
19、 Flexibility ( D) Security 19 Today, satellites are used to provide wireless connectivity between different locations. What two prerequisites are needed for two different locations to communicate via satellite links? ( A) They must be connected via a phone line and have access to a modem. ( B) They
20、must be within the satellites line of site and footprint. ( C) They must have broadband and a satellite in low Earth orbit. ( D) They must have a transponder and be within the satellites footprint. 20 Brad is a security manager at Thingamabobs Inc. He is preparing a presentation for his companys exe
21、cutives on the risks of using instant messaging (IM) and his reasons for wanting to prohibit its use on the company network. Which of the following should not be included in his presentation? ( A) Sensitive data and files can be transferred from system to system over IM. ( B) Users can receive infor
22、mation including malware from an attacker posing as a legitimate sender. ( C) IM use can be stopped by simply blocking specific ports on the network firewalls. ( D) A security policy is needed specifying IM usage restrictions. 21 There are several different types of authentication technologies. Whic
23、h type is being shown in the graphic that follows?( A) 802. lx ( B) Extensible Authentication Protocol ( C) Frequency hopping spread spectrum ( D) Orthogonal frequency-division multiplexing 22 What type of security encryption component is missing from the table that follows?( A) Service Set ID ( B)
24、Temporal Key Integrity Protocol ( C) Ad hoc WLAN ( D) Open system authentication 23 What type of technology is represented in the graphic that follows? ( A) Asynchronous Transfer Mode ( B) Synchronous Optical Networks ( C) Frequency-division multiplexing ( D) Multiplexing 24 What type of telecommuni
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
2000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 计算机 试卷 CISSP 认证 考试 通信 安全 网络安全 模拟 答案 解析 DOC
