How would an IP spoofing attack be best classified?
Correct Answer: A
Explanation/Reference: IP spoofing is used to convince a system that it is communicating with a known entity that gives an intruder access. IP spoofing attacks is a common session hijacking attack. Source: KRUTZ, Ronald L & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 77).
Question 17
Which of the following protection devices is used for spot protection within a few inches of the object, rather than for overall room security monitoring?
Correct Answer: B
Section: Access Control Explanation/Reference: Capacitance detectors monitor an electrical field surrounding the object being monitored. They are used for spot protection within a few inches of the object, rather than for overall room security monitoring used by wave detectors. Penetration of this field changes the electrical capacitance of the field enough to generate and alarm. Wave pattern motion detectors generate a frequency wave pattern and send an alarm if the pattern is disturbed as it is reflected back to its receiver. Field-powered devices are a type of personnel access control devices. Audio detectors simply monitor a room for any abnormal sound wave generation and trigger an alarm. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 10: Physical security (page 344).
Question 18
Which of the following is TRUE regarding Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)?
Correct Answer: A
Section: Network and Telecommunications Explanation/Reference: TCP is a reliable connection-oriented transport for guaranteed delivery of data. Protocols represent certain rules and regulations that are essential in order to have data communication between two entities. Internet Protocols work in sending and receiving data packets. This type of communication may be either connection-less or connection-oriented. In a connection-oriented scenario, an acknowledgement is being received by the sender from the receiver in support of a perfect transfer. Transmission Control Protocol or TCP is such a protocol. On the other hand, UDP or User Datagram Protocol is of the connection-less type where no feedback is being forwarded to the sender after delivery and the data transfer have taken place or not. Though, it's not a guaranteed method, but, once a connection is established, UDP works much faster than TCP as TCP has to rely on a feedback and accordingly, the entire 3-way handshaking takes place. The following answers are incorrect: UDP provides for Error Correction, TCP does not: UDP does not provide for error correction, while TCP does. UDP is useful for longer messages, rather than TCP: UDP is useful for shorter messages due to its connectionless nature. TCP does not guarantee delivery of data, while UDP does guarantee data delivery: The opposite is true. References Used for this question: http://www.cyberciti.biz/faq/key-differences-between-tcp-and-udp-protocols/ http://www.skullbox.net/tcpudp.php James's TCP-IP FAQ - Understanding Port Numbers.
Question 19
Why are clipping levels used?
Correct Answer: A
Clipping is used to reduce the amount to be evaluated.
Question 20
Which of the following statements pertaining to link encryption is false?
Correct Answer: C
Section: Network and Telecommunications Explanation/Reference: When using link encryption, packets have to be decrypted at each hop and encrypted again. Information staying encrypted from one end of its journey to the other is a characteristic of end-to-end encryption, not link encryption. Link Encryption vs. End-to-End Encryption Link encryption encrypts the entire packet, including headers and trailers, and has to be decrypted at each hop. End-to-end encryption does not encrypt the IP Protocol headers, and therefore does not need to be decrypted at each hop. Reference: All in one, Page 735 & Glossary and Source: WALLHOFF, John, CBK#5 Cryptography (CISSP Study Guide), April 2002 (page 6).
