telecommunications.docx
《telecommunications.docx》由会员分享,可在线阅读,更多相关《telecommunications.docx(14页珍藏版)》请在冰豆网上搜索。
telecommunications
TELECOMMUNICATIONS&NETWORKSECURITY
1.Whatnamewasgiventothedevicethatwasusedtogeneratethesoundsofcoinsdroppingintocoinboxestodefraudthetelephonecompany?
a.Bluebox
b.Redbox
c.Blackbox
d.Whitebox
Answer:
b
(Reference:
Horak,Ray,VoiceNetworkFraud,DataproInformationServices,Delran,NJ)
Bluebox-beforealldigitalswitchesmadeitpossibleforphonecompaniestomovethemoutoftheaudiblerange,onecouldheartheswitchingtonesusedtoroutelong-distancecalls.Earlyphreakersbuiltdevicescalledblueboxesthatcouldreproducethesetones,whichcouldbeusedtocommandeerportionsofthephonenetwork.Ablueboxgeneratesa2600-Hztone.
Redbox-simulatesmoneybeingputintoapayphone.Acombinationof1700Hz&2200Hz.Anickelis1beep,adimeis2beeps,andaquarteris5beeps.
Blackbox-adevicethatishookeduptoaphonethatfixesthephonesothatacallerisnotchargedforthecall-asiftheywerecallingan800number.
Whitebox-usedtochangeanormaltouchtonekeypadtoaportableunit.
2.OneofthesecurityissuesassociatedwiththeuseofInternetbasedfaxservicesis:
a.Faxisstoredinplaintextattheservice.
b.Group2faxdoesnotsupportencryption.
c.Theservicesverifyfaxcontent.
d.Faxtransmissionsareusuallyblockedbyafirewall.
Answer:
a
3.Whichoneofthefollowingcanbeusedtoverifythesourceofafaxtransmission?
a.CallerID
b.RingDifferentialDetector
c.IDbannerstampedoncoverpage
d.Callforwarding
Answer:
a
Reference:
BellcoreCNDTR_-TSY0000302230
BritishTelcomCIDStandardSIN227
EVETSI300
Note:
NewacronymCND=CallingNumberDelivery
Discussion:
Answera-correct-accuratereportofcallingnumber.
Answerb-wrong-thisisasignalingfunction.
Answerc-wrong-thiscanbeforged.
Answerd-wrong-doesn’tprovidesource.
4.Whyarelocalareanetworksmorevulnerabletodatacompromisethanmainframecomputers?
a.Transmissioncapacity
b.Storagecapacity
c.Multiplepointsofaccess
d.Removablemedia
Answer:
c.
5.Howshouldaccesstoalocalareanetworkbecontrolledforoutsidesupport?
a.Obtainthesignatureoftheuser.
b.Issueatemporarypassword.
c.Verifyuseremployment.
d.Requestuseridentification.
Answer:
b.
Reference:
SecurityData&VoiceCommunications;Simonds;McGraw-Hill;1996;pg104.
Outsidesupportreferstoremoteaccessfromavendor’ssiteforsystemmaintenance,etc.Therefore,a.&d.wouldn’tbepracticalunlessdigitalsignatures(certificates)areused.Thismaybeanoptioninthefuture,butnow,b.isthebest.Thethirdanswer,c.,isobviouslyincorrectbecausethequestionisaddressinganon-employeesituation.
6.Whydoesfiberopticcommunicationtechnologyhavesignificantsecurityadvantageoverothertransmissiontechnology?
a.Higherdataratescanbetransmitted.
b.Interceptionofdatatrafficismoredifficult.
c.Trafficanalysisispreventedbymultiplexing.
d.Singleanddouble-biterrorsarecorrectable.
Answer:
b.
Reference:
Voice&DataCommunicationsHandbook;pg631.
Discussion:
Answera-wrong-higherdataratesarenotasecurityadvantage.
Answerb-correct-fiberisresistanttotapping.
Answerc-wrong-multiplexingisnotalwaysusedwithfiber.
Answerd-wrong-errorcorrectingisnotassociatedwithatransmissionmedium,butwithaprotocol.
7.WhichofthefollowingtelecommunicationsmediaisMOSTresistanttotapping?
a.Twistedpair
b.Coaxial
c.Shieldedcoaxial
d.Fiberoptic
Answer:
d.
Reference:
Voice&DatacomHandbook;JRanade;McGraw=Hill;1998;pg878.
Discussion:
Answera-wrong-twistedpaircanbetappedusinginductiveordirectattackconnections.
Answerb-coaxialismoredifficulttotap,butthecablecanbeintrudedwithoutchangingtransmissioncharacteristics.
Answerc-wrong-shieldedcoaxialismoredifficulttotap,butcablecanbeintrudedwithoutchangingtransmissioncharacteristics.
Answerd-correct-fiberopticcan’tbetappedbyinductionorintrusionwithoutalteringtransmissioncharacteristics.
8.Whatisabasicsecurityproblemindistributedsystems?
a.Knowingwhototrust.
b.Knowingwhentoreconnect.
c.Knowinghowtonameresources.
d.Knowingtheorderoftransactions.
Answer:
a.
Reference:
SecureComputing;RitaSurrons;McGraw-Hill;1997;pg535-536.
Discussion:
Answera-correct
Answerb-wrong-reconnectwhat?
Indiscriminate.
Answerc-wrong-namingofresourcesmayfacilitatesecurityimplementationbutwouldalsoapplytomainframePIDs&LIDs.
Answerd-wrong-wouldapplytobothLAN&Mainframe.
9.Whichnetworktopologypassesalltrafficthroughallactivenodes?
a.Broadband
b.HubandSpoke
c.Baseband
d.TokenRing
Answer:
d.
Reference:
Voice&DataCommHandbook;1997;JRanada;McGraw-Hill;pg541.
Broadband-adata-transmissiontechniquethatallowsmultiplesignalstosharethebandwidthofatransmissionmedia.CableTVisabroadbandtransmissioninthatsignalsformultipleTVstationsarecarriedoverseparatechannels.
Hub&Spoke-astartopologywhereallsignalsgothroughthehubbutnottoallnodes.
Baseband-adata-transmissiontechniquethatusestheentirebandwidthofamedia,withoutmodulatingadigitalsignal.Ethernet,TokenRing,&Arcnetusebasebandtransmission.
TokenRing-anetworkarchitecturethatpassesanelectroniccharactercalledatokenamongnodesconnectedinacircular,closed-loopcablingsystem.
10.Layer4oftheOSIstackisknownas
a.thedatalinklayer
b.thetransportlayer
c.thenetworklayer
d.thepresentationlayer
Answer:
b.
Reference:
Voice&DataCommunicationsHandbook;1997;JRanade;McGraw-Hill;pg335.
Thedatalinklayerislayer2.
Thetransportlayerislayer4.
Thenetworklayerislayer3.
Thepresentationlayerislayer6.
11.AnothernameforaVPNisa
a.tunnel
b.one-timepassword
c.pipeline
d.bypass
Answer:
a.
Discussion:
Answera-correct-bydefinition,aVPNprovidesasecuretunnelfromonesitetoanotheroveraninsecureenvironmentsuchastheInternet.
Answerb-wrong-hasnothingtodowithvirtualnetworking.
Answerc-wrong-named-pipeisUNIXinternalmessagingprotocol.
Answerd-wrong-streamisUNIXinternalmessagingprotocol.
12.Whichofthefollowingprotocolsiscommonlyusedtoverifydial-upconnectionsbetweenhosts?
a.Unix-to-UnixCommunicationProtocol(UUCP)
b.ChallengeHandshakeAuthenticationProtocol(CHAP)
c.Point-to-PointTunnelingProtocol(PPTP)
d.SimpleKeymanagementforInternetProtocol(SKIP)
Answer:
b.
Reference:
Simmons,Fred;NetworkSecurity-DataandVoiceCommunications;McGraw-Hill;1997;pg157.
SecureComputing;RitaSummers;McGraw-_Hill;1997;pg529.
UUCP-anapplicationthatallowsoneUnixtimesharingsystemtocopyfilestoorfromanotherUnixtimesharingsystemoverasingleconnection.UUCPprovidesthebasisformanyUnix-basedelectronicmailapplications.
CHAP-usesstrongauthenticationtoprovideautomatedidentification&authenticationofaremoteentity.
PPTP-createstunnelsfortransportingmultiprotocoltrafficovertheInternet.
SKIP-enablesaTCP/IPhosttosendanencryptedIPpackettoanotherhostwithoutrequiringapriormessageexchangetosetupasecurechannel.
13.Whichmethodisoftenusedtoreducetherisktoalocalareanetworkthathasexternalconnections?
a.Passwords
b.Firewall
c.Dial-up
d.Fiberoptics
Answer:
b.
Reference:
InternetSecurity;ProfessionalReference;NewRiders;Varnors;1996;pg197.
Discussion:
Answera-wrong-passwordsareusedforauthentication.
Answerb-correct-firewallsprovidearesistancetoattacksfromtheoutside-noneoftheothersdo.
Answerc-wrong-dial-updoesnotprovideprotection,onlyprovidesremoteaccessthatcanbespoofed.
Answerd-wrong-fiberopticsisatransportmechanism&doesn’tprovideprotection.
14.WhichoneofthefollowingTCP/IPprotocolsusesa“connected”session?
a.TCP
b.ICMP
c.UDP
d.IP
Answer:
a.
(Reference:
Simmons,Fred,NetworkSecurity-DataandVoiceCommunications,1996,McGrawHill,pg218-219andSocolofskiandKale,IETFRFC1180,January1991,pg24)
TCP-TransmissionControlProtocol
ICMP-InternetControlMessageProtocol
UDP-UserDatagramProtocol
IP-InternetProtocol
15.IPSEC(IPSecurity),S-HTTP(Secure-HTTP)andSSL(SecureSocketLayer)areexamplesof
a.SecureMulti-purposeInternetMailExtensions(S/MIME).
b.SecureInternetprotocols.
c.Intranettransactionprotocols.
d.Applicationprotocolinterfaces.
Answer:
b.
Reference:
HISM‘99;Krause/Tipton;Auerbach;1998;pg387.
Discussion:
Answera-wrong-S/MIMEisalsoasecureInternetprotocol.
Answerb-correct-allareusedontheInternettosecuretransmissions.
Answerc-wrong-IPSECisnottransactionrelated;itwillworkwithbothconnection&connectionless.
Answerd-wrong-interfaces(i.e.,API)aretheconnectionpointsintoaprotocol.Theitemsmentionedarefullprotocols.
16.WhichofthefollowingisthePRIMARYobjectiveofafirewall?
a.Protectonenetworkfromanother.
b.PreventIPtrafficfromgoingoutofthenetwork.
c.BlockSNAtraffic.
d.Monitornetworktraffic.
Answer:
a.
Reference:
HISM99;Krause/Tipton;Auerbach;1998;pg96-103.
Discussion:
Answera-correct.
Answerb-wrong-afirewallmaypreventsomeIPtrafficbutifitpreventedalltraffic,itwouldservethesamepurposeasdisconnecting.
Answerc-wrong-SNAtrafficistospecifictobetheprimarypurpose.
Answerd-wrong-thisisasecondaryresultofprocessingdatafortheprotectednetwork.
17.WhichofthefollowingproxiesdoesNOTexamineservicecommands(e.g.F
升级会员 