Session layer is incorrect because it does not provide any security-related services. It establishes, manages, and terminates connections between applications and provides checkpoint recovery services. It helps users interact with the system and other users.
The physical layer is incorrect because it provides confidentiality service only. The physical layer provides for the transmission of unstructured bit streams over the communications channel. It is the innermost software that handles the electrical interface between a terminal and a modem.
338. Which of the following ISO/OSI layers provide nonrepudiation services?
a. Presentation layer
b. Application layer
c. Transport layer
d. Data link layer
The presentation layer is incorrect because it provides authentication and confidentiality services but not nonrepudiation. The presentation layer defines and transforms the format of data to make it useful to the receiving application. It provides a common means of representing a data structure in transit from one end system to another.
The transport layer is incorrect because it provides confidentiality, authentication, data integrity, and access control services but not nonrepudiation. It ensures an error-free, in-sequence exchange of data between end points. It is responsible for transmitting a message between one network user and another.
The data link layer is incorrect because it provides confidentiality service but not nonrepudiation. The data link layer provides a reliable transfer of data across physical links, an error flow control, a link-level encryption and decryption, and synchronization. It handles the physical transmission of frames over a single data link.
Scenario-Based Questions, Answers, and Explanations
Use the following information to answer questions 1 through 7.
The RKG Company is reviewing its virtual private network (VPN) strategy. Its current vendor has a proprietary encryption protocol in place based on the Data Encryption Standard (DES). The one main office has a 1.5Mb connection to the Internet. It has 200 remote users on a variety of operating systems platforms. The primary uses for the remote users are order entry, timesheet reporting, and online meetings. The company has 1,000 clients that connect to the intranet for a custom order entry solution. Clients use the HTTPS protocol and a fixed password per account. They are willing to replace the current solution if a cost-effective alternative is available. The RKG priorities are security of remote connections and client connectivity.
1. Which of the following is used to implement end-to-end VPNs?
a. PPP
b. SSH
c. PPTP
d. SKIP
2. Which of the following supersedes the point-to-point tunneling protocols (PPTP) used in VPNs?
a. L2TP
b. L2F
c. IPsec
d. PPP
3. Which of the following is used for high-speed remote access with VPNs?
a. Calling cards with ISDN
b. Cable modems with ADSL
c. Modem pools with ADSL
d. Toll-free lines with ISDN
4. The Internet Protocol security (IPsec) is usually implemented in which of the following?
a. Bridge
b. Gateway
c. Firewall
d. Backbone
