When packets are captured and converted to hexadecimal, _______ represents the ICMP protocol in the IP header.
Correct Answer: B
Question 157
A business continuity plan is an example of which of the following?
Correct Answer: A
Section: Risk, Response and Recovery Explanation/Reference: Business Continuity Plans are designed to minimize the damage done by the event, and facilitate rapid restoration of the organization to its full operational capacity. They are for use "after the fact", thus are examples of corrective controls. Reference(s) used for this question: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 8: Business Continuity Planning and Disaster Recovery Planning (page 273). and Conrad, Eric; Misenar, Seth; Feldman, Joshua (2012-09-01). CISSP Study Guide (Kindle Location 8069). Elsevier Science (reference). Kindle Edition. and
Question 158
BIND should be disabled on which of the following?
Correct Answer: B
Question 159
A DMZ is located:
Correct Answer: A
Explanation/Reference: While the purpose of systems in the DMZ is to allow public access to certain internal network resources (EMAIL, DNS, Web), it is a good practice to restrict that access to the minimum necessary to provide those services through use of a firewall. In computer security, a DMZ or Demilitarized Zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external attacker only has direct access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term "demilitarized zone", an area between nation states in which military operation is not permitted. The following are incorrect answers: "Right in front of your first Internet facing firewall" While the purpose of systems in the DMZ is to allow public access to certain internal network resources (EMAIL, DNS, Web), it is a good practice to restrict that access to the minimum necessary to provide those services through use of a firewall. "Right behind your first network active firewall" This is an almost-right-sounding answer meant to distract the unwary. "Right behind your first network passive Internet http firewall" This is an almost-right-sounding answer meant to distract the unwary. References: CBK, p. 434 and AIO3, p. 483 and http://en.wikipedia.org/wiki/DMZ_%28computing%29
Question 160
What is a limitation of TCP Wrappers?
Correct Answer: A
Explanation/Reference: TCP Wrappers can control when a UDP server starts but has little control afterwards because UDP packets can be sent randomly. The following answers are incorrect: It stops packets before they reach the application layer, thus confusing some proxy servers. Is incorrect because the TCP Wrapper acts as an ACL restricting packets so would not confuse a proxy server because the packets would not arrive and would not be a limitation. The hosts. access control system requires a complicated directory tree. Is incorrect because a simple directory tree is involved. They are too expensive. Is incorrect because TCP Wrapper is considered open source with a BSD licensing scheme.
