Читаем CISSP Practice полностью

Voice over Internet Protocol (VoIP) is incorrect because it is a technology that enables network managers to route phone calls and facsimile transmissions over the same network they use for data. Electronic signature is incorrect because it is an electronic sound, symbol, or process attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record. Firewalls are incorrect because a firewall is software whose purpose is to block access to computing resources.

226. Which of the following are more efficient and secure for use in wireless technologies?

a. Spread spectrum

b. Radio spectrum

c. Radio signals

d. Radio carriers

226. a. New digital communications systems such as time division multiple access (TDMA) or code division multiple access (CDMA) use spread spectrum much more efficiently than analog cellular and other traditional radio systems. The spread spectrum technology uses a wide band of frequencies to send radio signals. The other three choices are not relevant here.

227. Which of the following is inherently efficient and difficult to intercept in the use of wireless technologies?

a. Code division multiple access (CDMA)

b. Time division multiple access (TDMA)

c. Public-switched telephone network (PSTN)

d. Very small aperture terminal (VSAT)

227. a. Code division multiple access (CDMA) is more efficient and secure than time division multiple access (TDMA) because it uses spread spectrum technology more efficiently. Instead of assigning a time slot on a single channel, CDMA uses many different channels simultaneously. CDMA is also inherently more difficult to crack because the coding scheme changes with each conversation and is given only once at the beginning of the transmission.

228. Voice encryption in cell/mobile phones uses which of the following algorithms?

a. RSA

b. 3DES

c. IDEA

d. DES

228. a. Voice encryption schemes are based on Rivest, Shamir, and Adelman (RSA) algorithm to provide privacy protection over mobile or cellular phones. The main constraints with encryption are the slow speed of processing and the lag that occurs if signals take too long to pass through the system. The other three choices (i.e., 3DES, IDEA, and DES) are not used in voice encryption because they are used in transaction encryption.

229. Which of the following network connectivity devices require in-band and out-of-band management services such as administrative access to distributed local-area networks (LANs)?

a. Firewalls and gateways

b. Switches and routers

c. Sensors and bridges

d. Repeaters and modems

229. b. Switches and routers require in-band and out-of-band management services. In in-band management, a secure shell (SSH) session is established with the connectivity device (e.g., switches and routers) in a distributed local-area network (LAN). This method is fast and convenient but less secure due to use of Telnet, line sniffing, and interception of privileged passwords.

In out-of-band management, the communications device is accessed via a dial-up circuit with a modem, directly connected terminal device, or LANs dedicated to managing traffic. Whether in-band or out-of-band, network paths and sessions used to access the device should be protected. The other three choices do not require in-band and out-of-band management services such as administrative access because they have their own access methods.

230. For information system monitoring, which of the following anomaly within an information system is most risky?

a. Large file transfers

b. Unusual protocols and ports in use

c. Attempted communications with suspected external addresses

d. Long-time persistent connections

230. c. Anomalies at selected interior points within a system (e.g., subnets and subsystems) include large file transfers, unusual protocols and ports in use, long-time persistent connections, and attempted communications with suspected external addresses. Of these, the attempted communications with suspected (malicious) external addresses is most risky. The other three choices are less risky.

231. Which of the following are especially needed to provide a trustworthy cloud computing infrastructure?

1. ISO/IEC 27001 certification

2. AICPA/SAS 70 attestation

3. Security training