Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?
Correct Answer: A
Section: Network and Telecommunications Explanation/Reference: This is a valid Class C reserved address. For Class C, the reserved addresses are 192.168.0.0 - 192.168.255.255. The private IP address ranges are defined within RFC 1918: RFC 1918 private ip address range The following answers are incorrect: 192.166.42.5 Is incorrect because it is not a Class C reserved address. 192.175.42.5 Is incorrect because it is not a Class C reserved address. 192.1.42.5 Is incorrect because it is not a Class C reserved address.
Question 763
Which of the following is an example of a connectionless communication protocol?
Correct Answer: A
Section: Network and Telecommunications Explanation/Reference: UDP is an example of connectionless communication protocol, wherein no connection needs to be established before data can be exchanged. In telecommunications, connectionless describes communication between two network end points in which a message can be sent from one end point to another without prior arrangement. The device at one end of the communication transmits data addressed to the other, without first ensuring that the recipient is available and ready to receive the data. Some protocols allow for error correction by requested retransmission. Internet Protocol (IP) and User Datagram Protocol (UDP) are connectionless protocols. Connectionless protocols are also described as stateless because the endpoints have no protocol-defined way to remember where they are in a "conversation" of message exchanges. List of connectionless protocols Hypertext Transfer Protocol IP UDP ICMP IPX TIPC NetBEUI References: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 86). and https://secure.wikimedia.org/wikipedia/en/wiki/Connectionless_protocol
Question 764
Which type of firewall can be used to track connectionless protocols such as UDP and RPC?
Correct Answer: A
Packets in a stateful inspection firewall are queued and then analyzed at all OSI layers, providing a more complete inspection of the data. By examining the state and context of the incoming data packets, it helps to track the protocols that are considered "connectionless", such as UDP-based applications and Remote Procedure Calls (RPC). Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 91).
Question 765
Which of the following rules appearing in an Internet firewall policy is inappropriate?
Correct Answer: B
Explanation/Reference: Unless approved by the Network Services manager, all in-bound services shall be intercepted and processed by the firewall. Allowing unrestricted services inbound and outbound is certainly NOT recommended and very dangerous. Pay close attention to the keyword: all All of the other choices presented are recommended practices for a firewall policy. Reference(s) used for this question: GUTTMAN, Barbara & BAGWILL, Robert, NIST Special Publication 800-xx, Internet Security Policy: A Technical Guide, Draft Version, May 25, 2000 (page 78).
Question 766
How should a doorway of a manned facility with automatic locks be configured?
Correct Answer: B
Explanation/Reference: Access controls are meant to protect facilities and computers as well as people. In some situations, the objectives of physical access controls and the protection of people's lives may come into conflict. In theses situations, a person's life always takes precedence. Many physical security controls make entry into and out of a facility hard, if not impossible. However, special consideration needs to be taken when this could affect lives. In an information processing facility, different types of locks can be used and piggybacking should be prevented, but the issue here with automatic locks is that they can either be configured as fail-safe or fail-secure. Since there should only be one access door to an information processing facility, the automatic lock to the only door to a man-operated room must be configured to allow people out in case of emergency, hence to be fail-safe (sometimes called fail-open), meaning that upon fire alarm activation or electric power failure, the locking device unlocks. This is because the solenoid that maintains power to the lock to keep it in a locked state fails and thus opens or unlocks the electronic lock. Fail Secure works just the other way. The lock device is in a locked or secure state with no power applied. Upon authorized entry, a solinoid unlocks the lock temporarily. Thus in a Fail Secure lock, loss of power of fire alarm activation causes the lock to remain in a secure mode. Reference(s) used for this question: Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 451). McGraw-Hill. Kindle Edition. and Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 20249-20251). Auerbach Publications. Kindle Edition.