Читаем CISSP Practice полностью

134. A peer-to-peer (P2P) networking is similar to which of the following?

a. Content delivery network

b. Value-added network

c. Ad-hoc network

d. Wide-area network

134. c. Ad-hoc networks are similar to peer-to-peer (P2P) networking in that they both use decentralized networking, in which the information is maintained at the end user location rather than in a centralized database. The networks mentioned in the other three choices use centralized networking with centralized databases.

135. Which of the following is not a function of host-based scanners?

a. Identify outdated software versions

b. Identify outdated patches

c. Identify outdated system upgrades

d. Identify open ports

135. d. Network-based scanners identify open ports. The other three choices are incorrect because they are functions of host-based scanners. Another tool is a port scanner, which is a program that attempts to determine remotely which ports on systems are open (i.e., whether systems enable connections through those ports). Port scanners help attackers to identify potential targets.

136. Which of the following system security testing and information gathering tools can produce false positives?

a. Information scanning tool

b. Vulnerability scanning tool

c. Network scanning tool

d. Penetration testing tool

136. b. False positives occur when a tool reports a security weakness when no weakness is present. A vulnerability scanner is a program that looks for vulnerabilities on either the local system or on remote systems. Vulnerability scanners help attackers to find hosts that they can exploit successfully. The automated vulnerability scanning tools is used to scan a group of hosts or a network for known vulnerable services such as use of file transfer protocol (FTP) and sendmail relaying. Some of the vulnerabilities flagged by the automated scanning tool may actually not be vulnerable for a particular site based on its configuration. Thus, this scanning tool can produce false positives, which are warning and alerts that incorrectly indicate that malicious activity is occurring.

The automated information scanning tool does not produce false positives because it is used to collect system information efficiently to build individual profiles of the target IT system. The network scanning tool, which does not produce false positives, lists all active hosts and services operating in the address space scanned by the port-scanning tool. The penetration testing tool is a specific tool for information systems testing and does not produce false positives.

137. From a network data analysis perspective, what do many Web-based applications use?

a. Two-tiered client/server model

b. Three-tiered client/server model

c. Four-tiered client/server model

d. Five-tiered client/server model

137. c. A client/server application is designed to split among multiple systems. Examples of typical client/server applications are medical records systems, e-commerce applications, and inventory systems. Many Web-based applications use four-tier client/server models: Web browser, Web server, application server, and database server. Each tier interacts only with the adjacent tiers, so in three- and four-tier models, the client does not directly interact with the database server.

A two-tiered client/server model is incorrect because the application stores its code, configuration settings, and supporting files on each user’s workstation, and its data on one or more central servers accessed by all users. Programs are stored on a workstation, and data is stored on a central server. Logs are most likely stored on the workstations only. This model includes client workstations and a central server.

A three-tiered client/server model is incorrect because the application separates the user interface from the rest of the application, and also separates the data from the other components. The classic three-tier model places the user interface code on the client workstation, the rest of the application code on an application server, and the data on a database server. This model includes client workstations, application server, and database server. A five-tiered client/server model is incorrect because it is complex to configure, operate, and manage.

138. Which of the following enhances an instant messaging (IM) authentication process?

a. Active directory service

b. Lightweight directory access protocol

c. Two-factor authentication

d. Role-based access permissions