Exam (elaborations)

CISSP Official ISC2 practice tests (Questions and Correct Answers A+ Graded 100% Verified)

Pages
29
Grade
A+
Uploaded on
27-10-2023
Written in
2023/2024

1. What important factor listed below differentiates Frame Relay from X.25?
A. Frame Relay supports multiple PVCs over a single WAN carrier connection.
B. Frame Relay is a cell-switching technology instead of a packet-switching technology like X.25.
C. Frame Relay does not provide a Committed Information Rate (CIR).
D. Frame Relay only requires a DTE on the provider side.
CORRECT ANSWER: A. Frame Relay supports multiple private virtual circuits (PVCs), unlike X.25. It is a packet-switching technology that provides a Committed Information Rate (CIR), which is a minimum bandwidth guarantee provided by the service provider to customers. Finally, Frame Relay requires a DTE/DCE at each connection point, with the DTE providing access to the Frame Relay network, and a provider-supplied DCE, which transmits the data over the network.

2. During a security assessment of a wireless network, Jim discovers that LEAP is in use on a network using WPA. What recommendation should Jim make?
A. Continue to use LEAP. It provides better security than TKIP for WPA networks.
B. Use an alternate protocol like PEAP or EAP-TLS and implement WPA2 if supported.
C. Continue to use LEAP to avoid authentication issues, but move to WPA2.
D. Use an alternate protocol like PEAP or EAP-TLS, and implement Wired Equivalent Privacy to avoid wireless security issues.
CORRECT ANSWER: B. LEAP, the Lightweight Extensible Authentication Protocol, is a Cisco proprietary protocol designed to handle problems with TKIP. Unfortunately, LEAP has significant security issues as well and should not be used. Any modern hardware should support WPA2 and technologies like PEAP or EAP-TLS. Using WEP, the predecessor to WPA and WPA2, would be a major step back in security for any network.

3. Ben has connected his laptop to his tablet PC using an 802.11g connection. What wireless network mode has he used to connect these devices?
A. Infrastructure mode
B. Wired extension mode
C. Ad hoc mode
D. Stand-alone mode
CORRECT ANSWER: C. Ben is using ad hoc mode, which directly connects two clients. It can be easy to confuse this with stand-alone mode, which connects clients using a wireless access point, but not to wired resources like a central network. Infrastructure mode connects endpoints to a central network, not directly to each other. Finally, wired extension mode uses a wireless access point to link wireless clients to a wired network.

4. Lauren's and Nick's PCs simultaneously send traffic by transmitting at the same time. What network term describes the range of systems on a network that could be affected by this same issue?
A. The subnet
B. The supernet
C. A collision domain
D. A broadcast domain
CORRECT ANSWER: C. A collision domain is the set of systems that could cause a collision if they transmitted at the same time. Systems outside of a collision domain cannot cause a collision if they send at the same time. This is important, as the number of systems in a collision domain increases the likelihood of network congestion due to an increase in collisions. A broadcast domain is the set of systems that can receive a broadcast from each other. A subnet is a logical division of a network, while a supernet is made up of two or more networks.

5. Sarah is manually reviewing a packet capture of TCP traffic and finds that a system is setting the RST flag in the TCP packets it sends repeatedly during a short period of time. What does this flag mean in the TCP packet header?
A. RST flags mean "Rest." The server needs traffic to briefly pause.
B. RST flags mean "Relay-set." The packets will be forwarded to the address set in the packet.
C. RST flags mean "Resume Standard." Communications will resume in their normal format.
D. RST means "Reset." The TCP session will be disconnected.
CORRECT ANSWER: D. The RST flag is used to reset or disconnect a session. It can be resumed by restarting the connection via a new three-way handshake.

6. Gary is deploying a wireless network and wants to deploy the fastest possible wireless technology. Of the 802.11 standards listed below, which is the fastest 2.4 GHz option he has?
A. 802.11a
B. 802.11g
C. 802.11n
D. 802.11ac
CORRECT ANSWER: C. He should choose 802.11n, which supports 200+ Mbps in the 2.4 GHz or the 5 GHz frequency range. 802.11a and 802.11ac are both 5 GHz only, while 802.11g is only capable of 54 Mbps.

7. What common applications are associated with each of the following TCP ports: 23, 25, 143, and 515?
A. Telnet, SFTP, NetBIOS, and LPD
B. SSH, SMTP, POP3, and ICMP
C. Telnet, SMTP, IMAP, and LPD
D. Telnet, SMTP, POP3, and X Windows
CORRECT ANSWER: C. These common ports are important to know, although some of the protocols are becoming less common. TCP 23 is used for Telnet; TCP 25 is used for SMTP (the Simple Mail Transfer Protocol); 143 is used for IMAP, the Internet Message Access Protocol; and 515 is associated with LPD, the Line Printer Daemon protocol used to send print jobs to printers. POP3 operates on TCP 110, SSH operates on TCP 22 (and SFTP operates over SSH), and X Windows operates on a range of ports between 6000 and 6063.

8. Chris is configuring IDS to monitor for unencrypted FTP traffic. What ports should Chris use in his configuration?
A. TCP 20 and 21
B. TCP 21 only
C. UDP port 69
D. TCP port 21 and UDP port 21
CORRECT ANSWER: A. The File Transfer Protocol (FTP) operates on TCP ports 20 and 21. UDP port 69 is used for the Trivial File Transfer Protocol, or TFTP, while UDP port 21 is not used for any common file transfer protocol.

9. FHSS, DSSS, and OFDM all use what wireless communication method that occurs over multiple frequencies simultaneously?
A. Wi-Fi
B. Spread Spectrum
C. Multiplexing
D. Orthogonal modulation
CORRECT ANSWER: B. Frequency Hopping Spread Spectrum (FHSS), Direct Sequence Spread Spectrum (DSSS), and Orthogonal Frequency-Division Multiplexing (OFDM) all use spread spectrum techniques to transmit on more than one frequency at the same time. Neither FHSS nor DSSS uses orthogonal modulation, while multiplexing describes combining multiple signals over a shared medium of any sort. Wi-Fi may receive interference from FHSS systems but doesn't use it.

10. Which authentication protocol commonly used for PPP links encrypts both the username and password and uses a challenge/response dialog that cannot be replayed and periodically re-authenticates remote systems throughout its use in a session?
A. PAP
B. CHAP
C. EAP
D. LEAP
CORRECT ANSWER: B. The Challenge-Handshake Authentication Protocol, or CHAP, is used by PPP servers to authenticate remote clients. It encrypts both the username and password and performs periodic reauthentication while connected using techniques to prevent replay attacks. LEAP provides reauthentication but was designed for WEP, while PAP sends passwords unencrypted. EAP is extensible and was used for PPP connections, but it doesn't directly address the listed items.

11. Which of the following options is not a common best practice for securing a wireless network?
A. Turn on WPA2.
B. Enable MAC filtering if used for a relatively small group of clients.
C. Enable SSID broadcast.
D. Separate the access point from the wired network using a firewall, thus treating it as external access.
CORRECT ANSWER: C. SSID broadcast is typically disabled for secure networks. While this won't stop a determined attacker, it will stop casual attempts to connect. Separating the network from other wired networks, turning on the highest level of encryption supported (like WPA2), and using MAC filtering for small groups of clients that can reasonably be managed by hand are all common best practices for wireless networks.

12. What network topology is shown in the image below (6 workstations 1 server in a ring)?
A. A ring
B. A bus
C. A star
D. A mesh
CORRECT ANSWER: A. A ring connects all systems like points on a circle. A ring topology was used with Token Ring networks, and a token was passed between systems around the ring to allow each system to communicate. More modern networks may be described as a ring but are only physically a ring and not logically using a ring topology.

Chris is designing layered network security for his organization. Using the diagram below (Internet via -A- to Firewall then router then switch then 5 workstations, Web server connected to firewall via -B-, VPN concentrator connected to router via -C-)

13. What type of firewall design is shown in the diagram?
A. A single-tier firewall
B. A two-tier firewall
C. A three-tier firewall
D. A four-tier firewall
CORRECT ANSWER: B. The firewall in the diagram has two protected zones behind it, making it a two-tier firewall design.

Chris is designing layered network security for his organization. Using the diagram below

14. If the VPN grants remote users the same access to network and system resources as local workstations have, what security issue should Chris raise?
A. VPN users will not be able to access the web server.
B. There is no additional security issue; the VPN concentrator's logical network location matches the logical network location of the workstations.
C. VPN bypasses the firewall, creating additional risks.
D. VPN users should only connect from managed PCs.
CORRECT ANSWER: D. Remote PCs that connect to a protected network need to comply with security settings and standards that match those required for the internal network. The VPN concentrator logically places remote users in the protected zone behind the firewall, but that means that user workstations (and users) must be trusted in the same way that local workstations are.

Chris is designing layered network security for his organization. Using the diagram below

15. If Chris wants to stop cross-site scripting attacks against the web server, what is the best device for this purpose, and where should he put it?
A. A firewall, location A
B. An IDS, location A
C. An IPS, location B
D. A WAF, location C
CORRECT ANSWER: C. An intrusion protection system can scan traffic and stop both known and unknown attacks. A web application firewall, or WAF, is also a suitable technology, but placing it at location C would only protect from attacks via the organization's VPN, which should only be used by trusted users. A firewall typically won't have the ability to identify and stop cross-site scripting attacks, and IDS systems only monitor and don't stop attacks.

16. Susan is deploying a routing protocol that maintains a list of destination networks with metrics that include the distance in hops to them and the direction traffic should be sent to them. What type of protocol is she using?
A. A link-state protocol
B. A link-distance protocol
C. A destination metric protocol
D. A distance-vector protocol
CORRECT ANSWER: D. Distance-vector protocols use metrics including the direction and distance in hops to remote networks to make decisions. A link-state routing protocol considers the shortest dist

Institution
CISSP
Course
CISSP










EXCELLENTSTUDIES01 Add Coach Academy