Read CISSP Practice in full

a. The time between the flaw identification and the flaw remediation process

b. The time between the vulnerability identification and the vulnerability remediation process

c. The time between the vulnerability identification and the vulnerability exploitation

d. The time between when the weaknesses are discovered and the time to eliminate the weaknesses

71. c. One of the goals of penetration testing is to determine the exploitability of an identified vulnerability. This is called time-to-exploitation, where the penetration testers (i.e., red team and blue team) determine the time needed to exploit. The other three choices require a corrective action in terms of a plan of action and milestones.

72. The basic protocols would not address which of the following?

a. Message size, sequence, and format

b. Message routing instructions

c. Error detection and correction

d. Message authentication

72. d. A basic protocol is a set of rules governing a specific time sequence of events. It defines the method of formatting bits of data and messages for transmission, routing, and identification of messages, including error detection and correction. However, it does not address message authentication, which is a security feature.
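The distinction in question 72 is easy to state but often blurred in practice: a frame check such as a CRC belongs to the basic protocol and catches accidental corruption, while message authentication needs a secret and is a separate security feature. The following Python example is added here to illustrate that point; it is not from the book. It builds a minimal frame (length, payload, trailer) twice, once with a CRC-32 trailer and once with an HMAC-SHA256 tag, and shows that both detect a flipped bit but only the HMAC rejects a message that was altered and re-framed by someone without the key. The key, message text and frame layout are constructed for the example.

```python
import hashlib
import hmac
import struct
import zlib

# Constructed example key; a real deployment would obtain it from key management.
KEY = b"example-shared-key-not-for-production"


def frame_with_crc(payload: bytes) -> bytes:
    """Basic-protocol framing: 2-byte length, payload, 4-byte CRC-32 trailer.
    The CRC provides error detection only; it needs no secret."""
    body = struct.pack("!H", len(payload)) + payload
    return body + struct.pack("!I", zlib.crc32(body) & 0xFFFFFFFF)


def verify_crc(frame: bytes) -> bool:
    """True if the CRC trailer matches the body (detects accidental corruption)."""
    if len(frame) < 6:
        return False
    body, trailer = frame[:-4], frame[-4:]
    return struct.unpack("!I", trailer)[0] == (zlib.crc32(body) & 0xFFFFFFFF)


def frame_with_hmac(key: bytes, payload: bytes) -> bytes:
    """Security-feature framing: same body, but a keyed HMAC-SHA256 tag as trailer."""
    body = struct.pack("!H", len(payload)) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


def verify_hmac(key: bytes, frame: bytes) -> bool:
    """True only if the tag was produced with the same key over the same body."""
    if len(frame) < 2 + 32:
        return False
    body, tag = frame[:-32], frame[-32:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)  # constant-time comparison


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate a line error by flipping a single bit."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def demo() -> dict:
    """Return the outcomes of each check so they can be asserted on."""
    payload = b"TRANSFER 100 TO ACCT 42"   # constructed sample message
    altered = b"TRANSFER 999 TO ACCT 42"   # same message with the amount changed
    crc_frame = frame_with_crc(payload)
    mac_frame = frame_with_hmac(KEY, payload)
    return {
        # Both mechanisms accept the untouched frame.
        "crc_ok": verify_crc(crc_frame),
        "hmac_ok": verify_hmac(KEY, mac_frame),
        # Both mechanisms catch an accidental single-bit error in the payload.
        "crc_catches_bit_error": not verify_crc(flip_bit(crc_frame, 40)),
        "hmac_catches_bit_error": not verify_hmac(KEY, flip_bit(mac_frame, 40)),
        # Only the HMAC rejects an altered message that was re-framed without the key:
        # the CRC verifies because anyone can recompute it.
        "crc_accepts_reframed_alteration": verify_crc(frame_with_crc(altered)),
        "hmac_rejects_reframed_alteration": not verify_hmac(
            KEY, frame_with_hmac(b"some-other-key", altered)
        ),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The takeaway for a reviewer is that a passing CRC (or checksum) says nothing about who produced the message; if integrity against deliberate modification matters, the protocol needs a keyed MAC or a signature layered on top of the basic framing.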

73. The least effective control in mitigating communication network failures would be which of the following?

a. Network contingency plans

b. Network capacity planning

c. Network application system

d. Network performance monitoring

73. c. A network application system that collects traffic statistics and provides reports to alert the network management does not help in minimizing communication network failures.

The other three choices are important to minimize losses from a network failure. Network contingency plans deal with redundant switching equipment, parallel physical circuits, and standby power supplies to address network disasters. Network capacity plans assist in forecasting computer resource requirements to ensure that adequate capacity exists when needed. For example, the capacity studies may call for higher bandwidth to accommodate newer technologies such as multimedia and videoconferencing. Capacity planning activities use current system performance data as a starting point to predict future resource needs. Network performance monitoring involves analyzing the performance of a computer system to determine how resources are currently utilized and how such utilization can be improved.

74. Conducting periodic network monitoring to verify proper operations does not normally include:

a. Detecting network layers

b. Detecting line errors

c. Detecting terminal errors

d. Detecting modem errors

74. a. A network is composed of distinct layers, which is a network design issue, with each layer providing a specific function for the network. Periodic monitoring of the network does not normally include detection of the network layers, where covert channels in ICMP or DNS can be found. For example, the ISO/OSI reference model has seven layers: application layer, presentation layer, session layer, transport layer, network layer, data link layer, and physical layer. Line errors, terminal errors, and modem errors are routinely detected and monitored to ensure proper network operations.

75. Which of the following actions is not true about prohibiting remote activation for collaborative computing devices?

a. Block inbound and outbound traffic between instant messaging clients configured by end users.

b. Block inbound and outbound traffic between instant messaging clients configured by external providers.

c. Disconnect all unneeded collaborative computing devices physically.

d. Block inbound and outbound traffic between instant messaging clients configured by the IT security.

75. d. Collaborative computing devices are networked white boards and cameras. It is a good security practice to block the inbound and outbound network traffic configured by end users and external service providers, and not block the configurations established by the IT security function.

76. For worldwide interoperability for microwave access (WiMAX) security, when an adversary drains a client node’s battery by sending a constant series of management messages to the subscriber station/mobile subscriber (SS/MS), what is it called?

a. Man-in-the-middle attack

b. Water torture attack

c. Radio frequency jamming attack
