CISSP - Question Bank 03

Test your knowledge of CISSP with these multiple choice questions. Each Question Bank includes 20 practice questions that have been designed to measure your knowledge of key ideas.

A key factor to keep in mind is that guessing is better than not answering a question.

Every single question on the CISSP exam is a four-option multiple choice question with a single correct answer. Some are straightforward, such as asking you to select a definition. Some are a bit more involved, such as asking you to select the appropriate concept or best practice. And some questions present you with a scenario or situation and ask you to select the best response.

Start

Q1. What is layer 4 of the OSI model?

A. Presentation
B. Network
C. Data Link
D. Transport

View Answer
The Correct Answer is D.
Explanation: The Transport layer is layer 4. The Presentation layer is layer 6, the Data Link layer is layer 2, and the Network layer is layer 3.
Q2. What is encapsulation?

A. Changing the source and destination addresses of a packet
B. Adding a header and footer to data as it moves down the OSI stack
C. Verifying a person’s identity
D. Protecting evidence until it has been properly collected

View Answer
The Correct Answer is B.
Explanation: Encapsulation is adding a header and footer to data as it moves through the Presentation layer down the OSI stack.
Q3. Which OSI model layer manages communications in simplex, half-duplex, and full-duplex modes?

A. Application
B. Session
C. Transport
D. Physical

View Answer
The Correct Answer is B.
Explanation: Layer 5, Session, manages simplex (one-direction), half-duplex (two-way, but only one direction can send data at a time), and full-duplex (two-way, in which data can be sent in both directions simultaneously) communications.
Q4. Which of the following is the least resistant to EMI?

A. Thinnet
B. 10Base-T UTP
C. 10Base5
D. Coaxial cable

View Answer
The Correct Answer is B.
Explanation: 10Base-T UTP is the least resistant to EMI because it is unshielded. Thinnet (10Base2) and thicknet (10Base5) are both a type of coaxial cable, which is shielded against EMI.
Q5. Which of the following cables has the most twists per inch?

A. STP
B. UTP
C. 100Base-T
D. 1000Base-T

View Answer
The Correct Answer is D.
Explanation: 1000Base-T offers 1000Mbps throughput and thus must have the greatest number of twists per inch. The tighter the twist (i.e., the number of twists per inch), the more resistant the cable is to internal and external interference and crosstalk and thus the greater the capacity is for throughput (i.e., higher bandwidth).
Q6. Which of the following is not true?

A. Fiber-optic cable offers very high throughput rates.
B. Fiber-optic cable is difficult to install.
C. Fiber-optic cable is expensive.
D. Communications over fiber-optic cable can be tapped easily.

View Answer
The Correct Answer is D.
Explanation: Fiber-optic cable is difficult to tap.
Q7. Which of the following is not one of the most common LAN technologies?

A. Ethernet
B. ATM
C. Token Ring
D. FDDI

View Answer
The Correct Answer is B.
Explanation: Ethernet, Token Ring, and FDDI are common LAN technologies. ATM is more common in a WAN environment.
Q8. Which networking technology is based on the IEEE 802.3 standard?

A. Ethernet
B. Token Ring
C. FDDI
D. HDLC

View Answer
The Correct Answer is A.
Explanation: Ethernet is based on the IEEE 802.3 standard.
Q9. What is a TCP wrapper?

A. An encapsulation protocol used by switches
B. An application that can serve as a basic firewall by restricting access based on user IDs or system IDs
C. A security protocol used to protect TCP/IP traffic over WAN links
D. A mechanism to tunnel TCP/IP through non-IP networks

View Answer
The Correct Answer is B.
Explanation: A TCP wrapper is an application that can serve as a basic firewall by restricting access based on user IDs or system IDs.
Q10. Which of the following protocols is connectionless?

A. TCP
B. UDP
C. IP
D. FTP

View Answer
The Correct Answer is B.
Explanation: UDP is a connectionless protocol.
Q11. By examining source and destination address, application usage, source of origin, and the relationship between current packets with the previous packets of the same session, ____________ firewalls are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities.

A. Static packet-filtering
B. Application-level gateway
C. Stateful inspection
D. Circuit-level gateway

View Answer
The Correct Answer is C.
Explanation: Stateful inspection firewalls are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities.
Q12. _________________ firewalls are known as third-generation firewalls.

A. Application-level gateway
B. Stateful inspection
C. Circuit-level gateway
D. Static packet-filtering

View Answer
The Correct Answer is B.
Explanation: Stateful inspection firewalls are known as third-generation firewalls.
Q13. Which of the following is not true regarding firewalls?

A. They are able to log traffic information.
B. They are able to block viruses.
C. They are able to issue alarms based on suspected attacks.
D. They are unable to prevent internal attacks.

View Answer
The Correct Answer is B.
Explanation: Most firewalls offer extensive logging, auditing, and monitoring capabilities as well as alarms and even basic IDS functions. Firewalls are unable to block viruses or malicious code transmitted through otherwise authorized communication channels, prevent unauthorized but accidental or intended disclosure of information by users, prevent attacks by malicious users already behind the firewall, or protect data after it passed out of or into the private network.
Q14. Which of the following is not a routing protocol?

A. OSPF
B. BGP
C. RPC
D. RIP

View Answer
The Correct Answer is C.
Explanation: There are numerous dynamic routing protocols, including RIP, OSPF, and BGP, but RPC is not a routing protocol.
Q15. A ___________________ is an intelligent hub because it knows the addresses of the systems connected on each outbound port. Instead of repeating traffic on every outbound port, it repeats only traffic out of the port on which the destination is known to exist.

A. Repeater
B. Switch
C. Bridge
D. Router

View Answer
The Correct Answer is B.
Explanation: A switch is an intelligent hub. It is considered to be intelligent because it knows the addresses of the systems connected on each outbound port.
Q16. ___________________ is a standards-based mechanism for providing encryption for point-topoint TCP/IP traffic.

A. UDP
B. SSL
C. IPSec
D. SDLC

View Answer
The Correct Answer is C.
Explanation: IPSec, or IP Security, is a standards-based mechanism for providing encryption for point-topoint TCP/IP traffic.
Q17. Which public-private key security system was developed independently of industry standards but has wide Internet grassroots support?

A. SLIP
B. PGP
C. PPTP
D. PAP

View Answer
The Correct Answer is B.
Explanation: Pretty Good Privacy (PGP) is a public-private key system that uses the IDEA algorithm to encrypt files and e-mail messages. PGP is not a standard but rather an independently developed product that has wide Internet grassroots support.
Q18. What authentication protocol offers no encryption or protection for logon credentials?

A. PAP
B. CHAP
C. SSL
D. RADIUS

View Answer
The Correct Answer is A.
Explanation: PAP, or Password Authentication Protocol, is a standardized authentication protocol for PPP. PAP transmits usernames and passwords in the clear. It offers no form of encryption. It simply provides a means to transport the logon credentials from the client to the authentication server.
Q19. ___________________ is a layer 2 connection mechanism that uses packet-switching technology to establish virtual circuits between the communication endpoints.

A. ISDN
B. Frame Relay
C. SMDS
D. ATM

View Answer
The Correct Answer is B.
Explanation: Frame Relay is a layer 2 connection mechanism that uses packet-switching technology to establish virtual circuits between the communication endpoints. The Frame Relay network is a shared medium across which virtual circuits are created to provide point-to-point communications. All virtual circuits are independent of and invisible to each other.
Q20. Which of the following IP addresses is not a private IP address as defined by RFC 1918?

A. 10.0.0.18
B. 169.254.1.119
C. 172.31.8.204
D. 192.168.6.43

View Answer
The Correct Answer is B.
Explanation: The 169.254.x.x. subnet is in the APIPA range, which is not part of RFC 1918. The addresses in RFC 1917 are 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, and 192.168.0.0– 192.168.255.255.

Copyright © 2018 | All Rights Reserved | Designed & Developed by Yeahhub.com