Читаем CISSP Practice полностью

88. a. Groupware is an alternative to intranets, where the former is good for document sharing, mail exchange, and group discussion. On the other hand, intranets facilitate external and internal communications more efficiently. One major advantage of the intranet over GroupWare is the Internet’s inherent platform independence. For example, Web pages written on a Macintosh computer look the same when viewed from a Sun workstation. In addition to being easy to set up, intranets use the concept of layered communication protocols. There are seven layers between the physical network media and the applications running on the host machines.

89. Which of the following characterizes the operation of a Bluetooth device?

a. Content delivery network

b. Local-area network

c. Ad-hoc network

d. Wide-area network

89. c. A Bluetooth device operates under the ad-hoc network standard because it has no fixed network infrastructure, such as base stations or access points as in the wired network or other wireless networks. Bluetooth devices maintain random network configurations formed on-the-fly, relying on mobile routers connected by wireless links that enable devices to communicate with each other. The other three choices have a fixed network infrastructure.

90. All the following are examples of performance measures of quality-of-service (QoS) for a communications network except:

a. Signal-to-noise ratio

b. Mean time between failures

c. Bit error ratio

d. Call blocking probability

90. b. Mean time between failures (MTBF) is an indicator of expected system reliability based on known failure rates, which are expressed in hours. MTBF is mostly applied to equipment whereas QoS is applied to services.

The other three choices, along with message throughput rate, are examples of channel or system performance parameters, measuring QoS. Signal-to-noise ratio is the ratio of the amplitude of the peak signal to the amplitude of peak noise signals at a given point in time in a telecommunications system. Bit error ratio is the number of erroneous bits divided by the total number of bits transmitted, received, or processed over some stipulated time period in a telecommunications system. Call blocking probability is the probability that an unwanted incoming call would be blocked from going forward.

91. Which of the following is not a function of a Web server?

a. Handling requests

b. Supplying documents

c. Securing requests

d. Navigating information

91. d. The Web browser is the most common user interface for accessing an intranet. A Web browser provides navigating information. At the heart of an intranet is the Web server. Because an intranet is based on a system of requests and responses, the server controls and administers that flow of information through TCP/IP. Web servers handle requests and return the information in the form of either Web pages or other media types such as pictures, sound, and video. In addition to supplying documents, the Web server is also responsible for ensuring the security of requests from outside the organization or within.

92. What is the most important element of intranet security?

a. Monitoring

b. Encryption

c. Authentication

d. Filtering

92. a. The basic elements of intranet security tools are encryption, authentication, and filtering. For example, encryption may use pretty good privacy (PGP) for encrypting e-mail, digital certificates for code signing, and site certificates for Secure Socket Layers securing of intranet servers. Authentication deals with user and group-specific access. Firewalls act as filtering devices. In addition to the use of these tools, vigilant monitoring of all network connections is required on a regular basis. Each time a new feature is added to a network, the security implications should be reviewed. These three security tools are highly technical and automated whereas monitoring is a human activity, which is better than automation most of the time.

93. Security mechanisms implement security services. Which of the following security mechanisms do not implement the confidentiality security service?

a. Encryption

b. Access control

c. Traffic padding

d. Routing control

93. b. An access control security mechanism provides access control security service only. This mechanism controls access to authenticated entities to resources. They may be based upon security labels (tags), the time of attempted access, the route of attempted access, and the duration of access.