CISSP Practice полностью

28. d. In denial-of-service (DoS) attacks, some users prevent other legitimate users from using the network. Signal grounding, which is located in wiring closets, can be used to disable a network. This can prevent users from transmitting or receiving messages until the problem is fixed. Signal grounding is the least common in occurrence as compared to other choices because it requires physical access.

Service overloading occurs when floods of network requests are made to a server daemon on a single computer. It cannot process regular tasks in a timely manner.

Message flooding occurs when a user slows down the processing of a system on the network, to prevent the system from processing its normal workload, by “flooding” the machine with network messages addressed to it. The system spends most of its time responding to these messages.

Connection clogging occurs when users make connection requests with forged source addresses that specify nonexistent or unreachable hosts that cannot be contacted. Thus, there is no way to trace the connection back; they remain until they time out or reset. The goal is to use up the limit of partially open connections.

29. Smurf is an example of which of the following?

a. IP address spoofing attack

b. Denial-of-service attack

c. Redirect attack

d. TCP sequence number attack

29. b. Smurf attacks use a network that accepts broadcast ping packets to flood the target computer with ping reply packets. The goal of a smurf attack is to deny service.

Internet Protocol (IP) address spoofing attack and transmission control protocol (TCP) sequence number attack are examples of session hijacking attacks. The IP address spoofing is falsifying the identity of a computer system. In a redirect attack, a hacker redirects the TCP stream through the hacker’s computer. The TCP sequence number attack is a prediction of the sequence number needed to carry out an unauthorized handshake.

30. The demand for reliable computing is increasing. Reliable computing has which of the following desired elements in computer systems?

a. Data integrity and availability

b. Data security and privacy

c. Confidentiality and modularity

d. Portability and feasibility

30. a. Data integrity and availability are two important elements of reliable computing. Data integrity is the concept of ensuring that data can be maintained in an unimpaired condition and is not subject to unauthorized modification, whether intentional or inadvertent. Products such as backup software, antivirus software, and disk repair utility programs help protect data integrity in personal computers (PCs) and workstations. Availability is the property that a given resource will be usable during a given time period. PCs and servers are becoming an integral part of complex networks with thousands of hardware and software components (for example, hubs, routers, bridges, databases, and directory services) and the complex nature of client/server networks drives the demand for availability. System availability is increased when system downtime or outages are decreased and when fault tolerance hardware and software are used.

Data security, privacy, and confidentiality are incorrect because they deal with ensuring that data is disclosed only to authorized individuals and have nothing to do with reliable computing. Modularity deals with the breaking down of a large system into small modules. Portability deals with the ability of application software source code and data to be transported without significant modification to more than one type of computer platform or more than one type of operating system. Portability has nothing to do with reliable computing. Feasibility deals with the degree to which the requirements can be implemented under existing constraints.

31. Which of the following is not a part of implementation of incident response support resources in an organization?

a. Help desk

b. Assistance group

c. Forensics services

d. Simulated events

31. d. An organization incorporates simulated events into incident response training to facilitate effective response by individuals in crisis situations. The other three choices are possible implementations of incident response support resources in an organization.

32. Software flaw remediation is best when it is incorporated into which of the following?

a. Configuration management process

b. Security assessments

c. Continuous monitoring

d. Incident response activities