A tunneling attack is incorrect because it uses one data transfer method to carry data for another method. A salami attack is incorrect because it is an automated form of abuse using the Trojan horse method or secretly executing an unauthorized program that causes the unnoticed or immaterial debiting of small amounts of financial assets from a large number of sources or accounts. An asynchronous attack is incorrect because it takes advantage of the asynchronous functioning of a computer operating system. This may include a programmer (i) penetrating the job queue and modifying the data waiting to be processed or printed or (ii) disrupting the entire system by changing commands so that data is lost or programs crash.
334. Which of the following ISO/OSI layers provide both confidentiality and data integrity services?
a. Data link layer
b. Physical layer
c. Application layer
d. Presentation layer
The data link layer and physical layer are incorrect because they provide confidentiality service only, not data integrity. The data link layer provides a reliable transfer of data across physical links, error flow control, link-level encryption and decryption, and synchronization. It handles the physical transmission of frames over a single data link. The physical layer provides for the transmission of unstructured bit streams over the communications channel.
The presentation layer is incorrect because it provides authentication and confidentiality services but not data integrity and confidentiality. The presentation layer defines and transforms the format of data to make it useful to the receiving application.
335. Wireless local-area networks (WLANs) are connected to wired local-area networks (LANs) through the use of which of the following?
a. Repeaters
b. Bridges
c. Brouters
d. Routers
A repeater is incorrect because it simply extends the range of one LAN. It rebuilds all the signals it hears on one LAN segment and passes them on to the other. A router connects LANs of different hardware types. They examine network addresses for forwarding packets on to another LAN. A brouter is incorrect because it is a combination of bridge and router that operates without protocol restrictions, routes data using a protocol it supports, and bridges data it cannot route.
336. What is an effective security control over an intranet?
a. Callback
b. Static passwords
c. Firewalls
d. Dynamic passwords
A callback is incorrect because it is a security mechanism used mostly on mainframe and mid-range computers. The static passwords are incorrect because they are not changed often, and as such, they are ineffective security controls. The dynamic passwords are not correct because they change each time a user is logged on to the system and are most effective security controls. All the other three choices are incorrect because they are most widely used in a mainframe computer environment. They are not used for intranets.
337. Which of the following ISO/OSI layers provide confidentiality, authentication, and data integrity services?
a. Network layer
b. Presentation layer
c. Session layer
d. Physical layer
The presentation layer is incorrect because it provides authentication and confidentiality services but not data integrity. The presentation layer defines and transforms the format of data to make it useful to the receiving application.
