Читаем CISSP Practice полностью

129. In sliding window protocols, a protocol is said to be in the stop-and-wait mode under which of the following conditions?

a. When the sequence number for a sender’s window is greater than 1, a receiver can discard all data frames.

b. When the sequence number for a sender’s window and a receiver’s window is equal to 1.

c. When the sequence number for a sender’s window is greater than 1, a receiver can buffer out-of-order data frames.

d. When two separate physical circuits are used for forward channel and reverse channel.

129. b. Sliding window protocols are bit-oriented and bidirectional protocols that use the same physical circuit for data frame transmission in both directions. When the sequence number for a sender’s window and a receiver’s window is equal to 1, the protocol is said to be in the stop-and-wait mode.

The other three choices do not operate in a stop-and-wait mode. When the sequence number for a sender’s window is greater than 1, the receiver can either discard all data frames or buffer out-of-order data frames. When two separate physical circuits are used for forward channel and reverse channel, it represents a full-duplex data transmission, which is inefficient because only once circuit is used for the forward channel and the circuit for the reverse channel is not used. The full-duplex transmission uses two circuits and wastes resources whereas the sliding window protocol uses only one circuit.

130. Which of the following is not a solution to the network congestion problems in terms of increasing the system resources?

a. Splitting traffic over multiple routes

b. Having spare routers available online

c. Having users schedule their work at nonpeak times

d. Increasing the transmission power for satellite systems

130. c. The presence of network congestion problems means that the network load is temporarily greater than the system resources can handle. Solutions include either increasing the system resources or decreasing the network load. Having users schedule their work at nonpeak times is a solution to decrease the network load, which may not go well with the good principles of customer service. The other three choices are solutions to increase the system resources.

131. Which of the following does not cause false positives and false negatives?

a. Antivirus software

b. Spyware detection and removal utility software

c. Host-based intrusion detection systems

d. Firewalls

131. d. False positives occur when a tool reports a security weakness when no weakness is present. False negatives occur when a tool does not report a security weakness when one is present. Firewalls do not cause false positives and false negatives due to use of rulesets and the practice of deny-by-default privileges.

Antivirus software is incorrect because it has the capability to cause false positives and false negatives due to use of heuristic techniques to detect new malware. Spyware detection and removal utility software is incorrect because it can cause false positives and false negatives. Host-based intrusion detection systems are incorrect because they can cause false positives and false negatives (false warnings and alerts in the form of alarms) due to malfunctioning sensors and that network activity is not visible to host-based sensors.

132. Which of the following are the primary security goals of a domain name system (DNS)?

1. Source authentication

2. Confidentiality

3. Integrity

4. Availability

a. 1 and 2

b. 2 and 3

c. 1 and 3

d. 3 and 4

132. c. Ensuring information authenticity and maintaining information integrity in transit is critical for efficient functioning of the Internet, for which DNS provides the name resolution service. Hence, integrity and source authentication are the primary DNS security goals. Confidentiality is not one of the security goals of DNS, and availability is a secondary security goal.

133. Transmission control protocol (TCP) packet is associated with which of the following when sending domain name system (DNS) queries?

1. Truncation

2. Little or no truncation

3. Higher overhead

4. Lower overhead

a. 1 only

b. 4 only

c. 1 and 4

d. 2 and 3

133. d. TCP is used when DNS queries result in little or no truncation, but it is subjected to higher overhead of resources. On the other hand, DNS requests using UDP result in truncation and utilizes a lower overhead of resources.