Читаем CISSP Practice полностью

b. Finger table and routing table

c. Fault tree and decision tree

d. Decision table and truth table

4. a. A sink tree shows the set of optimal routes from all sources to a given destination, rooted at the destination. A sink tree does not contain any loops, so each packet is delivered within a finite and bounded number of hops. The goal of all routing algorithms is to identify and use the sink trees for all routers. A spanning tree uses the sink tree for the router initiating the broadcast. A spanning tree is a subset of the subnet that includes all the routers but does not contain any loops.

A finger table is used for node lookup in peer-to-peer (P2P) networks. Routers use routing tables to route messages and packets. A fault tree is used in analyzing errors and problems in computer software. A decision tree is a graphical representation of the conditions, actions, and rules in making a decision with the use of probabilities in calculating outcomes. A decision table presents a tabular representation of the conditions, actions, and rules in making a decision. A truth table is used in specifying computer logic blocks by defining the values of the outputs for each possible set of input values.

5. Enforcing effective data communications security requires other types of security such as physical security. Which of the following can easily compromise such an objective?

a. Smart cards with PINs

b. Nonreusable passwords

c. Network cabling

d. Last login messages

5. c. Data communications security requires physical security and password controls. The network cables that carry data are vulnerable to intruders. It is a simple matter to tap into cabling and relatively easy to cut the wiring. Therefore, a basic physical security control such as locking up the wiring closet is important.

Smart cards with PINs are incorrect because they do not compromise data communications. They enhance security by using cryptographic keys. Nonreusable passwords are used only once. A series of passwords are generated by a cryptographic secure algorithm and given to the user for use at the time of login. Each password expires after its initial use and is not repeated or stored anywhere. Last login messages are incorrect because they alert unauthorized uses of a user’s password and ID combination.

6. Which of the following refers to closed-loop control to handle network congestion problems?

1. Mid-course corrections are not made.

2. Current state of the network is ignored.

3. Feedback loop is provided.

4. Mid-course corrections are made.

a. 1 only

b. 1 and 2

c. 4 only

d. 3 and 4

6. d. With the open-loop control, when the system is up and running, mid-course corrections are not made, thus ignoring the current states of the network. On the other hand, the closed-loop control is based on the concept of feedback loop with mid-course corrections allowed.

7. Which of the following security threats is not applicable to wireless local-area networks (WLANs)?

a. Message interception

b. System unavailability

c. System unreliability

d. Theft of equipment

7. c. Even with wireless local-area networks (WLANs), message interception is possible, the system can go down, thus making it unavailable, and equipment can be stolen. However, the wireless LAN is more reliable than the wired LAN due to lack of wiring problems. Cable cuts and wire jams are the most common problems with the wired LANs. Therefore, system unreliability is not a threat for wireless LANs. This is because of the overlapping coverage of wireless access points (APs) provides some level of network redundancy from an end user standpoint; that is, if one AP goes down, the other one’s wireless coverage may make the reliability failure seem minimal.

8. Wireless local-area networks (LANs) have greater risks than wired LANs in which of the following areas?

a. Masquerading and modification/substitution

b. Modification/substitution of messages and theft of equipment

c. Eavesdropping and masquerading

d. Eavesdropping and theft of equipment