Читаем CISSP Practice полностью

31. c. Telecommuting is the use of telecommunications to create a virtual office away from the established (physical) office. The telecommuting office can be in an employee’s home, a hotel room or conference center, an employee’s travel site, or a telecommuting center. In planning for secure telecommuting, management must first determine what type of access is needed (i.e., end user, IT user, system/security administrator, permanent/temporary access, guest/contractor access, global/local access, read, write, update add, delete, or change, view, print, or collaborate). The type of access drives most of access control decisions, including the other three choices.

The other three choices come later, although they are important in their own way and support the type of access. What systems and data do employees need? What is the sensitivity of these systems and data? Do they need system administrator privileges? Do they need to share files with other employees? Is the data confidential?

32. The Internet uses which of the following?

a. Mesh topology

b. Star topology

c. Bus topology

d. Ring topology

32. a. The Internet uses the mesh topology with a high degree of fault tolerance. Dial-up telephone services and PBX systems (switched networks) use the star topology, Ethernet mostly uses the bus topology, and FDDI uses the ring topology.

33. Phishing attacks can occur using which of the following?

1. Cell phones

2. Personal digital assistants

3. Traditional computers

4. Websites

a. 3 only

b. 4 only

c. 1 and 2

d. 1, 2, 3, and 4

33. d. Phishing attacks are not limited to traditional computers and websites; they may also target mobile computing devices, such as cell phones and personal digital assistants. To perform a phishing attack, an attacker creates a website or e-mail that looks as if it is from a well-known organization, such as an online business, credit card company, or financial institution in the case of cell phones; it is often the SMS/MMS attack vector or calls with spoofed caller-ID.

34. A sender in a transmission control protocol (TCP) network plans to transmit message packets of sizes 1,024, 2,048, 4,096, and 8,192 bytes to a receiver. The receiver’s granted window size is 16,384 bytes and the timeout size is set at 8,192 bytes. What should be the sender’s congestion window size to avoid network bursts or congestion problems?

a. 2,048 bytes

b. 4,096 bytes

c. 8,192 bytes

d. 16,384 bytes

34. b. As long as the congestion window size remains at 4,096, which is less than the timeout size, no bursts take place, regardless of the receiver’s granted window size. Network bursts can occur at a transmission of 8,192 bytes or higher because 8,192 bytes are the timeout limit. To be safe, the optimum size of the sender’s congestion window must be set at less than the receiver’s granted window size or the timeout size, whichever is smaller.

35. Which of the following network architectures is designed to provide data services using physical networks that are more reliable and offer greater bandwidth?

a. Integrated services digital network (ISDN)

b. Transmission control protocol/Internet Protocol (TCP/IP)

c. File transfer protocol (FTP)

d. The open system interconnection (OSI) protocol

35. a. Integrated services digital network (ISDN) was designed to provide both voice and a wide variety of data services, initially using the existing phone network. Broadband ISDN was designed to provide a more sophisticated set of services using reliable high-speed networks that can be provided using optical fiber physical networks of higher bandwidth. Both the TCP/IP and OSI protocol suites are designed to provide communications between heterogeneous systems. These two platforms support applications, such as file transfer, e-mail, and virtual terminal protocols. Interoperability between TCP/IP and OSI cannot be accomplished without building special software, or gateways, to translate between protocols. However, these architectures were designed to provide data services using physical networks that were not always reliable and offered limited bandwidth.

36. Which of the following is the most important aspect of a remote access?

a. User authentication

b. Media authentication

c. Device authentication

d. Server authentication