Let's see how well you did on this test ...
1.
DNS, FTP, TFTP, SNMP are provided at what level of the OSI / ISO model?
Answer: Application
Sorry - you had a wrong answer, please review details below.
Reference: OSI/ISO.
2.
The International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers 6 is
which of the following?
Answer: Presentation Layer
Sorry - you had a wrong answer, please review details below.
International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers and
Characteristics:
Physical Layer
Data Link Layer
Network Layer
Transport Layer
Session Layer
Presentation Layer
Applications Layer
Here's a great mnemonicfor the OSI model: "Please Do Not Trow Sausage Pizza Away".
Source: STEINER, Kurt, Telecommunications and Network Security, Version 1, May 2002,
CISSP Open Study Group (Domain Leader: skottikus), Page 12. Available at www.cccure.org.
Thanks to Rakesh Sud for providing this question and to Don Murdoch for providing extra
information.
3.
Which of the following OSI layers does not provide confidentiality?
Answer: Transport
Sorry - you had a wrong answer, please review details below.
The transport layer provides end-to-end data transport services and establishes the logical
connection between two communicating computers but it does not provide any confidentiality.
The presentation layer provides authentication and authorization services. The network layer
provides confidentiality, authentication, data integrity, and access control services. The session
layer provides confidentiality services through SSL and establishes the connections between
applications and allows checkpoint for restart/recovery.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne,
2002, chapter 7: Telecommunications and Network Security (page 351).
Thanks to Rhonda Farrell-Oller for reviewing this question.
4.
You are running a packet sniffer on a network and see a packet with a long string of "90 90 90
90...." in the middle of it traveling to an x86-based machine. This could be indicative of what?
Answer: A buffer overflow
Sorry - you had a wrong answer, please review details below.
The Intel x86 processors use the hexadecimal number 90 to represent NOP (no operation). Most of
the buffer overflow exploits designed since 11/8/1996 use a long string of NOPs to write past the
base pointer and down into the stack to overwrite a return code. newer buffer overflows may not
have this characteristic.
Source: The LISA documentation for snort describes these packets.
5.
Which of the following OSI layers provides non-repudiation services?
Answer: application
Sorry - you had a wrong answer, please review details below.
Layer 7 of the OSI model allows applications (users) to use the network in a distributed processing
environment. Non-repudiation is a user (application) function. Therefore, non-repudiation is
considered to be at the application layer of the OSI model, level 7.
Source: The OSI Reference Model.
Thanks to Peter Mosmans for providing a reference for this question.
6.
Both TCP and UDP use port numbers of what length?
Answer: 16 bits
Sorry - you had a wrong answer, please review details below.
The port numbers range from 1 to 65535.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 10.
7.
The IP header contains a protocol field. If this field contains the value of 2, what type of data is
contained within the IP datagram?
Answer: IGMP
Sorry - you had a wrong answer, please review details below.
TCP=6, ICMP=1, UDP=17, IGMP=2
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 10.
8.
The IP header contains a protocol field. If this field contains the value of 6, what type of data is
contained within the ip datagram?
Answer: TCP
Sorry - you had a wrong answer, please review details below.
TCP=6, ICMP=1, UDP=17, IGMP=2
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 10.
9.
Fast Ethernet operates at which of the following?
Answer: 100 MBps
Sorry - you had a wrong answer, please review details below.
Fast Ethernet operates at 100 MBps.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, page 108.
Thanks to George Wood for providing this question.
10. Which of the following is an ipaddress that is private (i.e. reserved for internal networks, and not a
valid address to use on the Internet)?
Answer: 192.168.42.5
Sorry - you had a wrong answer, please review details below.
Each class of addresses contains a block that are reserved for private networks and which are not
routable across the public Internet. For class A, the reserved addresses are 10.0.0.0 10.255.255.255. For class B networks, the reserved addresses are 172.16.0.0 - 172.31.255.255. For
class C, the reserved addresses are 192.168.0.0 - 192.168.255.255.
Source: The Linux Net-HOWTO.
Also ensure that you take a look at RFC 1918, which is THE reference for private address space.
11. Telnet and rlogin use which protocol?
Answer: TCP
Sorry - you had a wrong answer, please review details below.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 25.
12. In the OSI / ISO model, at what level are TCP and UDP provided?
Answer: Transport
Sorry - you had a wrong answer, please review details below.
The Transport layer of the OSI/ISO model supports the TCP and UDP protocol.
13. The connection using fiber optics from the phone company's branch office to local customers is
which of the following?
Answer: local loop
Sorry - you had a wrong answer, please review details below.
Transmission on fiber optic wire requires repeating at distance intervals. The glass fiber requires
more protection within an outer cable than copper. For these reasons and because the installation
of any new wiring is labor-intensive, few communities yet have fiber optic wires or cables from
the phone company's branch office to local customers (local loop).
Source: STEINER, Kurt, Telecommunications and Network Security, Version 1, May 2002,
CISSP Open Study Group (Domain Leader: skottikus), Page 14. Available at www.cccure.org.
Thanks to Rakesh Sud for providing this question.
14. A packet containing a long string of NOP's followed by a command is usually indicative of what?
Answer: A buffer overflow
Sorry - you had a wrong answer, please review details below.
Most of the buffer overflow exploits designed since 11/8/1996 use a long string of NOPs to write
past the base pointer and down into the stack to overwrite a return code. newer buffer overflows
may not have this characteristic.
Source: The LISA documentation for snort describes these packets.
15. Which of the following is an ipaddress that is private (i.e. reserved for internal networks, and not a
valid address to use on the Internet)?
Answer: 10.0.42.5
Sorry - you had a wrong answer, please review details below.
Each class of addresses contains a block that are reserved for private networks and which are not
routable across the public Internet. For class A, the reserved addresses are 10.0.0.0 10.255.255.255. For class B networks, the reserved addresses are 172.16.0.0 - 172.31.255.255. For
class C, the reserved addresses are 192.168.0.0 - 192.168.255.255.
Source: The Linux Net-HOWTO.
Also ensure that you take a look at RFC 1918, which is THE reference for private address space.
16. Which of the following statements about the "Intranet" is NOT true?
Answer: It is unrestricted and publicly available.
Sorry - you had a wrong answer, please review details below.
Details and reference for this question are not yet available. This question is a new question that
was submitted by one of the member of the site and I have to find a reference for it. If you do have
a reference to this question, please send it to Christian at cvezina@noos.fr with the question
above. Thanks. Clement.
17. Which of the following OSI layers provides routing and related services?
Answer: Network
Sorry - you had a wrong answer, please review details below.
The network layer provides routing and related functions that enable multiple data links to be
combined into an Internetwork.
Reference: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne,
2002, chapter 7: Telecommunications and Network Security (page 351).
Thanks to Christian Vezina for providing a reference for this question.
18. What is the proper term to refer to a single unit of IP data?
Answer: IP datagram
Sorry - you had a wrong answer, please review details below.
The proper terms are TCP segment, IP datagram, and Ethernet frame.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 10.
19. ICMP and IGMP belong to which layer of the OSI model?
Answer: Network
Sorry - you had a wrong answer, please review details below.
Although ICMP and IGMP are moved across the network within IP datagrams like TCP, do not
provide end-to-end transport so they cannot be part of the transport layer like TCP.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 2.
20. Which of the following is true related to network sniffing?
Answer: Sniffers allow an attacker to monitor data passing across a network.
Sorry - you had a wrong answer, please review details below.
Sniffers allow an attacker to monitor data passing across a network ... Sniffers exploit
characteristics of several data-link technologies, including Token Ring and especially Ethernet. IP
Spoofing is a network-based attack, which involves altering the source address of a computer to
disguise the attacker and exploit weak authentication methods. Session Hijacking tools allow an
attacker to take over network connections, kicking off the legitimate user or sharing a login.
Malformed Packer attacks are a type of DoS attack that involves one or two packets that are
formatted in an unexpected way. Many vendor product implementations do not take into account
all variations of user entries or packet types. If software handles such errors poorly, the system
may crash when it receives such packets. A classic example of this type of attack involves sending
IP fragments to a system that overlap with each other (the fragment offset values are incorrectly
set. Some unpatched Windows and Linux systems will crash when the encounter such packets.
Source: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook,
4th Edition, Volume 2, Auerbach, NY, NY 2001, Chapter 22, Hacker Tools and Techniques by Ed
Skoudis.
21. Which of the following provide network redundancy in a local network environment?
Answer: Dual backbones
Sorry - you had a wrong answer, please review details below.
Growth in data traffic, coupled with the requirement to utilize bandwidth more efficiently, has in
many cases resulted in organizations setting up dedicated data networks. In the meantime, the
TDM backbone remained in place to service voice requirements. The result is dual backbones one for voice, the other for data.
Thanks to Rakesh Sud for providing details to this question.
22. How do you distinguish between a bridge and a router?
Answer: The bridge connects two networks at the link layer, while router connects two networks
at the network layer.
Sorry - you had a wrong answer, please review details below.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 6.
23. The International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers are in
which of the following order (1 to 7) ?
Answer: Physical Layer, Data Link Layer, Network Layer, Transport Layer, Session Layer,
Presentation Layer, Application Layer
Sorry - you had a wrong answer, please review details below.
International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers and
Characteristics:
Physical Layer
Data Link Layer
Network Layer
Transport Layer
Session Layer
Presentation Layer
Applications Layer
Mnemonics: Please Do Not Throw Sausage Pizza Away (bottom to top layer)
All People Seem To Need Data Processing (top to bottom layer).
Source: STEINER, Kurt, Telecommunications and Network Security, Version 1, May 2002,
CISSP Open Study Group (Domain Leader: skottikus), Page 10. Available at www.cccure.org.
Thanks to Rakesh Sud for providing this question and to Arlen Fletcher for reviewing it.
24. The International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers does
NOT have which of the following characteristics?
Answer: Used to gain information from network devices such as count of packets received and
routing tables
Sorry - you had a wrong answer, please review details below.
The International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers and
Characteristics Standard model for network communications allows dissimilar networks to
communicate, Defines 7 protocol layers (a.k.a. protocol stack) Each layer on one workstation
communicates with its respective layer on another workstation using protocols (i.e. agreed-upon
communication formats) "Mapping" each protocol to the model is useful for comparing protocols.
Mnemonics: Please Do Not Throw Sausage Pizza Away (bottom to top layer)
All People Seem To Need Data Processing (top to bottom layer).
Source: STEINER, Kurt, Telecommunications and Network Security, Version 1, May 2002,
CISSP Open Study Group (Domain Leader: skottikus), Page 12. Available at www.cccure.org.
Thanks to Rakesh Sud for providing this question.
25. ARP and RARP map between which of the following?
Answer: 32-bit addresses in IPv4 and 48-bit hardware addresses
Sorry - you had a wrong answer, please review details below.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 22.
26. Which of the following layers provides end-to-end service?
Answer: Transport Layer
Sorry - you had a wrong answer, please review details below.
Both TCP and UDP are transport layer protocols
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 19.
27. In the days before CIDR (Classless Internet Domain Routing), networks were commonly
organized by classes. Which of the following would have been true of a Class B network?
Answer: The first bit of the ipaddress would be set to one and the second bit set to zero.
Sorry - you had a wrong answer, please review details below.
Source: SEMERIA, Chuck, Understanding IP Addressing: Everything You Ever Wanted To
Know, 3Com Corporation.
28. Which of the following access methods is used by Ethernet?
Answer: CSMA/CD
Sorry - you had a wrong answer, please review details below.
CSMA/CD is an acronym for "Carrier Sense, Multiple Access with Collision Detection".
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 21.
29. What is the proper term to refer to a single unit of TCP data at the transport layer?
Answer: TCP segment
Sorry - you had a wrong answer, please review details below.
The proper terms is TCP segment.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 10.
30. In the days before CIDR (Classless Internet Domain Routing), networks were commonly
organized by classes. Which of the following would have been true of a Class C network?
Answer: The first two bits of the ip address would be set to one, and the third bit set to zero.
Sorry - you had a wrong answer, please review details below.
Each class of addresses contains a block that are reserved for private networks and which are not
routable across the public Internet. For class A, the reserved addresses are 10.0.0.0 10.255.255.255. For class B networks, the reserved addresses are 172.16.0.0 - 172.31.255.255. For
class C, the reserved addresses are 192.168.0.0 - 192.168.255.255.
Source: SEMERIA, Chuck, Understanding IP Addressing: Everything You Ever Wanted To
Know, 3Com Corporation.
31. What is the proper term to refer to a single unit of Ethernet data?
Answer: Ethernet frame
Sorry - you had a wrong answer, please review details below.
The proper terms is Ethernet frame.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 10.
32. Which of the following is an ipaddress that is private (i.e. reserved for internal networks, and not a
valid address to use on the Internet)?
Answer: 172.31.42.5
Sorry - you had a wrong answer, please review details below.
Each class of addresses contains a block that are reserved for private networks and which are not
routable across the public Internet. For class A, the reserved addresses are 10.0.0.0 10.255.255.255. For class B networks, the reserved addresses are 172.16.0.0 - 172.31.255.255. For
class C, the reserved addresses are 192.168.0.0 - 192.168.255.255.
Source: The Linux Net-HOWTO.
Also ensure that you take a look at RFC 1918, which is THE reference for private address space.
33. In The OSI / ISO model, at what layer are some of the SLIP, CSLIP, PPP control functions are
provided?
Answer: Link
Sorry - you had a wrong answer, please review details below.
The Data Link layer of the OSI/ISO model provides SLIP, CSLIP and PPP protocol.
RFC 1661 - The Point-to-Point Protocol (PPP) specifies that the Point-to-Point Protocol (PPP)
provides a standard method for transporting multi-protocol datagrams over point-to-point links.
PPP is comprised of three main components:
1 A method for encapsulating multi-protocol datagrams.
2 A Link Control Protocol (LCP) for establishing, configuring, and testing the data-link
connection.
3 A family of Network Control Protocols (NCPs) for establishing and configuring different
network-layer protocols.
34. Which of the following is TRUE?
Answer: TCP is connection-oriented. UDP is not.
Sorry - you had a wrong answer, please review details below.
TCP is a connection-oriented transport for guaranteed delivery of data.
UDP does not provide for error correction
UDP is useful for shorter messages
Reference: Understanding the Difference between TCP/IP and IPX/SPX.
James's TCP-IP FAQ - Understanding Port Numbers.
35. The IP header contains a protocol field. If this field contains the value of 1, what type of data is
contained within the IP datagram?
Answer: ICMP
Sorry - you had a wrong answer, please review details below.
TCP=6, ICMP=1, UDP=17, IGMP=2
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 10.
36. The IP header contains a protocol field. If this field contains the value of 17, what type of data is
contained within the ip datagram?
Answer: UDP
Sorry - you had a wrong answer, please review details below.
TCP=6, ICMP=1, UDP=17, IGMP=2
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, AddisonWesley Pub Co., pg. 10.
37. Frame relay and X.25 networks are part of which of the following?
Answer: Packet-switched services
Sorry - you had a wrong answer, please review details below.
Reference: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne,
2002, chapter 7: Telecommunications and Network Security (pages 451-461).
Thanks to Don Murdoch for providing a reference to this question.
38. Which of the following is an ipaddress that is private (i.e. reserved for internal networks, and not a
valid address to use on the Internet)?
Answer: 172.16.42.5
Sorry - you had a wrong answer, please review details below.
Each class of addresses contains a block that are reserved for private networks and which are not
routable across the public Internet. For class A, the reserved addresses are 10.0.0.0 10.255.255.255. For class B networks, the reserved addresses are 172.16.0.0 - 172.31.255.255. For
class C, the reserved addresses are 192.168.0.0 - 192.168.255.255.
Source: The Linux Net-HOWTO.
Also ensure that you take a look at RFC 1918, which is THE reference for private address space.
You scored 0 out of 38 (0 %).
Thanks! for using the CISSP OSG test facility
Submit your own questions to improve the test!
Questions and comments can be sent to: cvezina@noos.fr