Page 1540 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1540
Chapter 12: Secure Communications and
Network Attacks
1. B. Frame Relay is a layer 2 connection mechanism that uses
packet-switching technology to establish virtual circuits between
the communication endpoints. The Frame Relay network is a
shared medium across which virtual circuits are created to provide
point-to-point communications. All virtual circuits are
independent of and invisible to each other.
2. D. A stand-alone system has no need for tunneling because no
communications between systems are occurring and no
intermediary network is present.
3. C. IPsec, or IP Security, is a standards-based mechanism for
providing encryption for point-to-point TCP/IP traffic.
4. B. The 169.254.x.x subnet is in the APIPA range, which is not part
of RFC 1918. The addresses in RFC 1918 are 10.0.0.0–
10.255.255.255, 172.16.0.0–172.31.255.255, and 192.168.0.0–
192.168.255.255.
5. D. An intermediary network connection is required for a VPN link
to be established.
6. B. Static mode NAT is needed to allow an outside entity to initiate
communications with an internal system behind a NAT proxy.
7. A, B, D. L2F, L2TP, and PPTP all lack native data encryption. Only
IPsec includes native data encryption.
8. D. IPsec operates at the Network layer (layer 3).
9. B. Voice over IP (VoIP) allows for phone conversations to occur
over an existing TCP/IP network and internet connection.
10. D. NAT does not protect against or prevent brute-force attacks.
11. B. When transparency is a characteristic of a service, security
control, or access mechanism it is unseen by users.
