Upload
jai-prakash-agarwal
View
217
Download
0
Embed Size (px)
Citation preview
8/14/2019 Isa Module Two
1/26
1. An organization is about to implement a computer network in a new office building. The company has
2000 users located in the same physical area. No external network connection will be required. Whichof the following network configurations would be the most expensive to install
a. BUS
b. Ringc. Star
d. Mesh
Most Appropriate Answer is (D) Mesh as it is the most expensive to install the mesh network
2. IN Wide Area Networks (WANs)
a. Data Flow must be half duplex
b. Communication lines must b dedicated
c. Circuit Structure can be operated only over a fixed distanced. The selection of communication lines will effect reliability
Most Appropriate Answer is (D) the selection of communication lines will effect reliability
Wide Area Network (WAN) is a computer network that covers a broad area (i.e., any network whose
communications links cross metropolitan, regional, or national boundaries [1]). Less formally, a WAN is a networkthat uses routers and public communications links [1]. Contrast with personal area networks (PANs), local area
networks (LANs), campus area networks (CANs), or metropolitan area networks (MANs) which are usuallylimited to a room, building, campus or specific metropolitan area (e.g., a city) respectively. The largest and most
well-known example of a WAN is the Internet.
WANs [a] are used to connect LANs and other types of networks together, so that users and computers in one
location can communicate with users and computers in other locations. Many WANs are built for one particular
organization and are private. Others, built by Internet service providers, provide connections from anorganization's LAN to the Internet. WANs are often built using leased lines. At each end of the leased line, arouter connects to the LAN on one side and a hub within the WAN on the other. Leased lines can be very
expensive. Instead of using leased lines, WANs can also be built using less costly circuit switching orpacket
switching methods. Network protocols includingTCP/IPdeliver transport and addressing functions. Protocols
including Packet over SONET/SDH, MPLS,ATM andFrame relayare often used by service providers to deliverthe links that are used in WANs. X.25 was an important early WAN protocol, and is often considered to be the
"grandfather" of Frame Relay as many of the underlying protocols and functions of X.25 are still in use today
(with upgrades) by Frame Relay.
Academic research into wide area networks can be broken down into three areas: Mathematical models, network
emulation and network simulation.
Performance improvements are sometimes delivered via WAFS or WAN optimization.
Several options are available for WAN connectivity: [2]
http://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-Groth-0#cite_note-Groth-0http://en.wikipedia.org/wiki/Communicationhttp://en.wikipedia.org/wiki/Link_(telecommunications)http://en.wikipedia.org/wiki/Link_(telecommunications)http://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-Groth-0#cite_note-Groth-0http://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-Groth-0#cite_note-Groth-0http://en.wikipedia.org/wiki/Personal_area_networkhttp://en.wikipedia.org/wiki/Personal_area_networkhttp://en.wikipedia.org/wiki/Local_area_networkhttp://en.wikipedia.org/wiki/Local_area_networkhttp://en.wikipedia.org/wiki/Campus_area_networkhttp://en.wikipedia.org/wiki/Metropolitan_area_networkhttp://en.wikipedia.org/wiki/Metropolitan_area_networkhttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Internet_service_providerhttp://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Routerhttp://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Communications_protocolhttp://en.wikipedia.org/wiki/Communications_protocolhttp://en.wikipedia.org/wiki/TCP/IPhttp://en.wikipedia.org/wiki/TCP/IPhttp://en.wikipedia.org/wiki/TCP/IPhttp://en.wikipedia.org/wiki/Packet_over_SONET/SDHhttp://en.wikipedia.org/wiki/Multiprotocol_Label_Switchinghttp://en.wikipedia.org/wiki/Multiprotocol_Label_Switchinghttp://en.wikipedia.org/wiki/Asynchronous_Transfer_Modehttp://en.wikipedia.org/wiki/Asynchronous_Transfer_Modehttp://en.wikipedia.org/wiki/Frame_relayhttp://en.wikipedia.org/wiki/Frame_relayhttp://en.wikipedia.org/wiki/Frame_relayhttp://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/Mathematical_modelhttp://en.wikipedia.org/wiki/Network_emulationhttp://en.wikipedia.org/wiki/Network_emulationhttp://en.wikipedia.org/wiki/Network_simulationhttp://en.wikipedia.org/wiki/Wide_area_file_serviceshttp://en.wikipedia.org/wiki/WAN_optimizationhttp://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-1#cite_note-1http://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-Groth-0#cite_note-Groth-0http://en.wikipedia.org/wiki/Communicationhttp://en.wikipedia.org/wiki/Link_(telecommunications)http://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-Groth-0#cite_note-Groth-0http://en.wikipedia.org/wiki/Personal_area_networkhttp://en.wikipedia.org/wiki/Local_area_networkhttp://en.wikipedia.org/wiki/Local_area_networkhttp://en.wikipedia.org/wiki/Campus_area_networkhttp://en.wikipedia.org/wiki/Metropolitan_area_networkhttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Internet_service_providerhttp://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Routerhttp://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Communications_protocolhttp://en.wikipedia.org/wiki/TCP/IPhttp://en.wikipedia.org/wiki/Packet_over_SONET/SDHhttp://en.wikipedia.org/wiki/Multiprotocol_Label_Switchinghttp://en.wikipedia.org/wiki/Asynchronous_Transfer_Modehttp://en.wikipedia.org/wiki/Frame_relayhttp://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/Mathematical_modelhttp://en.wikipedia.org/wiki/Network_emulationhttp://en.wikipedia.org/wiki/Network_emulationhttp://en.wikipedia.org/wiki/Network_simulationhttp://en.wikipedia.org/wiki/Wide_area_file_serviceshttp://en.wikipedia.org/wiki/WAN_optimizationhttp://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-1#cite_note-18/14/2019 Isa Module Two
2/26
Option: Description Advantages DisadvantagesBandwidth
range
Sample
protocols
used
Leased
line
Point-to-Point connection between twocomputers or Local Area Networks
(LANs)
Most secure ExpensivePPP, HDLC,
SDLC,
HNAS
Circuit
switching
A dedicated circuit path is created
between end points. Best example isdialup connections
Less Expensive Call Setup28 kbit/s -
144 kbit/sPPP,ISDN
Packetswitching
Devices transport packets via a shared
single point-to-point or point-to-
multipoint link across a carrierinternetwork. Variable length packets
are transmitted over Permanent Virtual
Circuits (PVC) or Switched Virtual
Circuits (SVC)
Shared mediaacross link
X.25Frame-
Relay
Cell relay
Similar to packet switching, but uses
fixed length cells instead of variablelength packets. Data is divided into
fixed-length cells and then transported
across virtual circuits
best forsimultaneous use
of Voice anddata
Overheadcan be
considerableATM
Transmission rate usually range from 1200 bits/s to 6 Mbit/s, although some connections such as ATM andLeased lines can reach speeds greater than 156 Mbit/s. Typical communication links used in WANs are telephone
lines, microwave links & satellite channels.
Recently with the proliferation of low cost of Internet connectivity many companies and organizations have
turned to VPN to interconnect their networks, creating a WAN in that way. Companies such as Cisco, New Edge
Networks and Check Point offer solutions to create VPN networks.
3. An organization is considering installing a Local; Area Network (LAN) in a site under construction. If asystem availability is the main concern, which of the following is most Appropriate
a. Ring
b. Line
c. Star
d. Bus
Most Appropriate Answer is (C) STAR
http://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Point-to-Point_Protocolhttp://en.wikipedia.org/wiki/HDLChttp://en.wikipedia.org/wiki/HDLChttp://en.wikipedia.org/wiki/Synchronous_Data_Link_Controlhttp://en.wikipedia.org/w/index.php?title=HNAS&action=edit&redlink=1http://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Dialuphttp://en.wikipedia.org/wiki/Point-to-Point_Protocolhttp://en.wikipedia.org/wiki/ISDNhttp://en.wikipedia.org/wiki/ISDNhttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Permanent_virtual_circuithttp://en.wikipedia.org/wiki/Switched_virtual_circuithttp://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/Frame-Relayhttp://en.wikipedia.org/wiki/Frame-Relayhttp://en.wikipedia.org/wiki/Cell_relayhttp://en.wikipedia.org/wiki/Overheadhttp://en.wikipedia.org/wiki/Overheadhttp://en.wikipedia.org/wiki/Asynchronous_Transfer_Modehttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/VPNhttp://en.wikipedia.org/wiki/Ciscohttp://en.wikipedia.org/wiki/Ciscohttp://en.wikipedia.org/wiki/Check_Pointhttp://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Point-to-Point_Protocolhttp://en.wikipedia.org/wiki/HDLChttp://en.wikipedia.org/wiki/Synchronous_Data_Link_Controlhttp://en.wikipedia.org/w/index.php?title=HNAS&action=edit&redlink=1http://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Dialuphttp://en.wikipedia.org/wiki/Point-to-Point_Protocolhttp://en.wikipedia.org/wiki/ISDNhttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Permanent_virtual_circuithttp://en.wikipedia.org/wiki/Switched_virtual_circuithttp://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/Frame-Relayhttp://en.wikipedia.org/wiki/Frame-Relayhttp://en.wikipedia.org/wiki/Cell_relayhttp://en.wikipedia.org/wiki/Overheadhttp://en.wikipedia.org/wiki/Asynchronous_Transfer_Modehttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/VPNhttp://en.wikipedia.org/wiki/Ciscohttp://en.wikipedia.org/wiki/Check_Point8/14/2019 Isa Module Two
3/26
A ring or loop topology would enable messages to be rerouted should the network cabling be severed at any point
or a hardware element fail. With the correct settings in network hardware, the loss of any link would be
invisible to the users. In line and bus networks, which are essentially the same thing, terminals are connected to
a single cable. If this cable is severed, all terminals beyond the point of severance will be unavailable. A starnetwork clusters terminals around hubs, connected to the server by separate lines in the form of a star. If any
line is severed, all terminals in the cluster at the end of that line would be disconnected.
4. Which of the following is not an element of a LAN environment?
a. Packet Switching Technology
b. Baseband
c. Ring or short Bus topology
d. Public Circuit Switching Technology.
Most Appropriate Answer is (D) Public Circuit Switching Technology
5. Which of the following OSI layers communicates with the user Programs?
a. Physical
b. Applicationc. Presentation
d. Session
Most Appropriate Answer is ( B) Application Layers
8/14/2019 Isa Module Two
4/26
Open Systems Interconnection (OSI) model is a reference model developed by ISO (International Organization
for Standardization) in 1984, as a conceptual framework of standards for communication in the network across
different equipment and applications by different vendors. It is now considered the primary architectural model
for inter-computing and inter-networking communications. Most of the network communication protocols used
today have a structure based on the OSI model. The OSI model defines the communications process into 7
layers, dividing the tasks involved with moving information between networked computers into seven smaller,
more manageable task groups. A task or group of tasks is then assigned to each of the seven OSI layers. Each
layer is reasonably self-contained, so that the tasks assigned to each layer can be implemented independently.
This enables the solutions offered by one layer to be updated without adversely affecting the other layers.
The OSI 7 layers model has clear characteristics at each layer. Basically, layers 7 through 4 deals with end to
end communications between data source and destinations, while layers 3 to 1 deal with communications between
network devices. On the other hand, the seven layers of the OSI model can be divided into two groups: upper
layers (layers 7, 6 & 5) and lower layers (layers 4, 3, 2, 1). The upper layers of the OSI model deal with
application issues and generally are implemented only in software. The highest layer, the application layer, is
closest to the end user. The lower layers of the OSI model handle data transport issues. The physical layer and
the data link layer are implemented in hardware and software. The lowest layer, the physical layer, is closest to
the physical network medium (the wires, for example) and is responsible for placing data on the medium.
The specific description for each layer is as follows:
Layer 7: Application Layer
Defines interface-to-user processes for communication and data transfer in network
Provides standardized services such as virtual terminal, file and job transfer and operations
Layer 6: Presentation Layer
Masks the differences of data formats between dissimilar systems
Specifies architecture-independent data transfer format
Encodes and decodes data; encrypts and decrypts data; compresses and decompresses data
8/14/2019 Isa Module Two
5/26
Layer 5: Session Layer
Manages user sessions and dialogues
Controls establishment and termination of logic links between users
Reports upper layer errors
Layer 4: Transport Layer
Manages end-to-end message delivery in network
Provides reliable and sequential packet delivery through error recovery and flow control mechanisms
Provides connectionless oriented packet delivery
Layer 3: Network Layer
Determines how data are transferred between network devices
Routes packets according to unique network device addresses
Provides flow and congestion control to prevent network resource depletion
Layer 2: Data Link Layer
Defines procedures for operating the communication links
Frames packets
Detects and corrects packets transmit errors
Layer 1: Physical Layer
Defines physical means of sending data over network devices
Interfaces between network medium and devices
Defines optical, electrical and mechanical characteristics
Information being transferred from a software application in one computer to an application in another
proceeds through the OSI layers. For example, if a software application in computer A has information to pass
to a software application in computer B, the application program in computer A needs to pass the information to
the application layer (Layer 7) of computer A, which then passes the information to the presentation layer
(Layer 6), which relays the data to the session layer (Layer 5), and so on all the way down to the physical layer
8/14/2019 Isa Module Two
6/26
(Layer 1). At the physical layer, the data is placed on the physical network medium and is sent across the
medium to computer B. The physical layer of computer B receives the data from the physical medium, and then
its physical layer passes the information up to the data link layer (Layer 2), which relays it to the network layer
(Layer 3), and so on, until it reaches the application layer (Layer 7) of computer B. Finally, the application layer
of computer B passes the information to the recipient application program to complete the communication
process. The following diagram illustrated this process.
OSI Network Architecture 7 Layers Model - 1
The seven OSI layers use various forms of control information to communicate with their peer layers in other
computer systems. This control information consists of specific requests and instructions that are exchanged
between peer OSI layers. Headers and Trailers of data at each layer are the two basic forms to carry the
control information.
Headers are prepended to data that has been passed down from upper layers. Trailers are appended to data
that has been passed down from upper layers. An OSI layer is not required to attach a header or a trailer to
data from upper layers.
Each layer may add a Header and a Trailer to its Data, which consists of the upper layer's Header, Trailer and
Data as it proceeds through the layers. The Headers contain information that specifically addresses layer-to-
layer communication. Headers, trailers and data are relative concepts, depending on the layer that analyzes the
information unit. For example, the Transport Header (TH) contains information that only the Transport layer
sees. All other layers below the Transport layer pass the Transport Header as part of their Data. At the
network layer, an information unit consists of a Layer 3 header (NH) and data. At the data link layer, however,
all the information passed down by the network layer (the Layer 3 header and the data) is treated as data. In
8/14/2019 Isa Module Two
7/26
other words, the data portion of an information unit at a given OSI layer potentially can contain headers,
trailers, and data from all the higher layers. This is known as encapsulation.
OSI Network Architecture 7 Layers Model - 2
For example, if computer A has data from a software application to send to computer B, the data is passed to
the application layer. The application layer in computer A then communicates any control information required by
the application layer in computer B by prepending a header to the data. The resulting message unit, which
includes a header, the data and maybe a trailer, is passed to the presentation layer, which prepends its own
header containing control information intended for the presentation layer in computer B. The message unit
grows in size as each layer prepends its own header and trailer containing control information to be used by its
peer layer in computer B. At the physical layer, the entire information unit is transmitted through the network
medium.
The physical layer in computer B receives the information unit and passes it to the data link layer. The data link
layer in computer B then reads the control information contained in the header prepended by the data link layer
in computer A. The header and the trailer are then removed, and the remainder of the information unit is
passed to the network layer. Each layer performs the same actions: The layer reads the header and trailer from
its peer layer, strips it off, and passes the remaining information unit to the next higher layer. After the
application layer performs these actions, the data is passed to the recipient software application in computer B,
in exactly the form in which it was transmitted by the application in computer A.
8/14/2019 Isa Module Two
8/26
OSI Network Architecture 7 Layers Model - 3
One OSI layer communicates with another layer to make use of the services provided by the second layer. The
services provided by adjacent layers help a given OSI layer communicate with its peer layer in other computer
systems. A given layer in the OSI model generally communicates with three other OSI layers: the layer directly
above it, the layer directly below it and its peer layer in other networked computer systems. The data link layer
in computer A, for example, communicates with the network layer of computer A, the physical layer of computer
A and the data link layer in computer B. The following chart illustrates this example.
6. The advantages of a Ring topology is that
a. It is an easy to install
b. It is an easy to add or replace computers to the networkc. It minimizes network traffic congestion
d. It uses a number of high speed hubs and switchesMost Appropriate Answer is (C) It minimizes network traffic congestion
7. An agreement between two computer systems related to the methods of data transmission that is
picked and interpreted is called
a. Communication Channel
b. Communication Protocol
c. Synchronous mode of transmissiond. Asynchronous mode of transmission
Most Appropriate Answer is (B) Communication Protocol
A communications protocol is the set of standard rules for data representation, signaling, authentication and
error detection required to send information over a communications channel. An example of a simplecommunications protocol adapted to voice communication is the case of a radio dispatcher talking to mobile
stations. The communication protocols for digital computer network communication have many features intended
to ensure reliable interchange of data over an imperfect communication channel. Communication protocol is
basically following certain rules so that the system works p
http://www.answers.com/topic/communications-channelhttp://www.answers.com/topic/communications-channelhttp://www.answers.com/topic/radiohttp://www.answers.com/topic/communications-channelhttp://www.answers.com/topic/radio8/14/2019 Isa Module Two
9/26
8. A session can be defined as
a. A link between two network nodes
b. Series of transmission without any disconnection
c. A specific place in a system
d. Bi-directional data flow between two network nodes
Most Appropriate Answer is (B) Series of transmission without any disconnection
In computer science, in particular networking, a session is a semi-permanent interactive information exchange,
also known as a dialogue, a conversation or a meeting, between two or more communicating devices, or between a
computer and user (see Login session). A session is set up or established at a certain point in time, and torn
down at a later point in time. An established communication session may involve more than one message in eachdirection. A session is typically, but not always,stateful, meaning that at least one of the communicating parts
need to save information about the session history in order to be able to communicate, as opposed to statelesscommunication, where the communication consists of independent requests with responses.
Communication sessions may be implemented as part of protocols and services at the application layer, at the
session layer or at the transport layer in the OSI model.
Application layer examples:
o HTTP sessions, which may allow dynamic web pages, i.e. interactive web pages, as opposed to
static web pages.
o Atelnet remote login session
Session layer example:
o ASession Initiation Protocol(SIP) basedInternet phone call
Transport layer example:
o ATCP session, which is synonymous to a TCP virtual circuit, a TCPconnection, or an established
TCP socket.
In the case of transport protocols which do not implement a formal session layer (e.g., UDP) or wheresessions at the session layer are generally very short-lived (e.g., HTTP), sessions are maintained by a higher
level program using a method defined in the data being exchanged. For example, an HTTP exchange
between a browser and a remote host may include an HTTP cookiewhich identifies state, such as a unique
session ID, information about the user's preferences or authorization level.
9. Which of the following would typically be considered a LAN
a. 10 Computers in your office connected together and hooked up to a printer
b. A connection of one computer in Mumbai to another in Delhi
c. The city-wide connection between ATMs
d. The 3 stand alone PCs in your home
The Most appropriate answer is (A) 10 Computers in your office connected together and hooked up to a
printer.
10. Which network typically demands more knowledgeable users?
a. Server Based Networkb. Peer to Peer Network
c. Local Area Networkd. Wide Area Network
http://en.wikipedia.org/wiki/Computer_sciencehttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Login_sessionhttp://en.wikipedia.org/wiki/Statefulhttp://en.wikipedia.org/wiki/Statefulhttp://en.wikipedia.org/wiki/Statefulhttp://en.wikipedia.org/wiki/Stateless_serverhttp://en.wikipedia.org/wiki/Application_layerhttp://en.wikipedia.org/wiki/Session_layerhttp://en.wikipedia.org/wiki/Transport_layerhttp://en.wikipedia.org/wiki/OSI_modelhttp://en.wikipedia.org/wiki/OSI_modelhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/Dynamic_web_pagehttp://en.wikipedia.org/wiki/Dynamic_web_pagehttp://en.wikipedia.org/wiki/Static_web_pagehttp://en.wikipedia.org/wiki/Telnethttp://en.wikipedia.org/wiki/Telnethttp://en.wikipedia.org/wiki/Session_layerhttp://en.wikipedia.org/wiki/Session_Initiation_Protocolhttp://en.wikipedia.org/wiki/Session_Initiation_Protocolhttp://en.wikipedia.org/wiki/Session_Initiation_Protocolhttp://en.wikipedia.org/wiki/Internet_phonehttp://en.wikipedia.org/wiki/Internet_phonehttp://en.wikipedia.org/wiki/Transmission_Control_Protocolhttp://en.wikipedia.org/wiki/Transmission_Control_Protocolhttp://en.wikipedia.org/wiki/Virtual_circuithttp://en.wikipedia.org/wiki/Connectivity_(computer_science)http://en.wikipedia.org/wiki/Connectivity_(computer_science)http://en.wikipedia.org/wiki/Sockethttp://en.wikipedia.org/wiki/User_Datagram_Protocolhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/HTTP_cookiehttp://en.wikipedia.org/wiki/HTTP_cookiehttp://en.wikipedia.org/wiki/Session_IDhttp://en.wikipedia.org/wiki/Session_IDhttp://en.wikipedia.org/wiki/Computer_sciencehttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Login_sessionhttp://en.wikipedia.org/wiki/Statefulhttp://en.wikipedia.org/wiki/Stateless_serverhttp://en.wikipedia.org/wiki/Application_layerhttp://en.wikipedia.org/wiki/Session_layerhttp://en.wikipedia.org/wiki/Transport_layerhttp://en.wikipedia.org/wiki/OSI_modelhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/Dynamic_web_pagehttp://en.wikipedia.org/wiki/Static_web_pagehttp://en.wikipedia.org/wiki/Telnethttp://en.wikipedia.org/wiki/Session_layerhttp://en.wikipedia.org/wiki/Session_Initiation_Protocolhttp://en.wikipedia.org/wiki/Internet_phonehttp://en.wikipedia.org/wiki/Transmission_Control_Protocolhttp://en.wikipedia.org/wiki/Virtual_circuithttp://en.wikipedia.org/wiki/Connectivity_(computer_science)http://en.wikipedia.org/wiki/Sockethttp://en.wikipedia.org/wiki/User_Datagram_Protocolhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/HTTP_cookiehttp://en.wikipedia.org/wiki/Session_ID8/14/2019 Isa Module Two
10/26
The Most appropriate answer is (B) Peer to Peer Network
A Peer to Peer (or P2P) computer networkuses diverse connectivity between participants in a network and the
cumulativebandwidth of network participants rather than conventional centralized resources where a relatively
low number of servers provide the core value to a service or application. P2P networks are typically used for
connectingnodesvia largely ad hocconnections. Such networks are useful for many purposes. Sharing content
files (see file sharing) containing audio, video, data or anything in digital format is very common, and realtimedata, such as telephony traffic, is also passed using P2P technology.
A pure P2P network does not have the notion of clientsor servers but only equalpeernodes that simultaneously
function as both "clients" and "servers" to the other nodes on the network. This model of network arrangement
differs from the client-server model where communication is usually to and from a central server. A typicalexample of a file transfer that is not P2P is an FTP server where the client and server programs are quite
distinct, the clients initiate the download/uploads, and the servers react to and satisfy
P2P networks can be classified by what they can be used for:
file sharing
telephony
media streaming (audio, video) discussion forums
Other classification of P2P networks is according to their degree of centralization.
In 'pure' P2P networks:
Peers act as equals, merging the roles of clients and server
There is no central server managing the network
There is no central router
some examples of pure P2P application layer networks designed for file sharing are Gnutella and Freenet.
There also exist countless hybrid P2P systems:
11. All of the following are true relating to the use of Fiber optics Except
a. Data is minimized rapidly
b. Fiber optic cable is small and flexiblec. They are unaffected by electrical interference
d. They provide the highest level of signal attenuation
The Most appropriate answer is (D) they provide the highest level of signal attenuation (Decrease)
12. A major problem in networking is the slow rate of data transfer. Which of the following would help
counter this problem?
a. Data Formatting
b. Allocating adequate Bandwidthc. Centralized Control
d. All of the above
http://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Bandwidth_(computing)http://en.wikipedia.org/wiki/Bandwidth_(computing)http://en.wikipedia.org/wiki/Server_(computing)http://en.wikipedia.org/wiki/Node_(telecommunications)http://en.wikipedia.org/wiki/Node_(telecommunications)http://en.wikipedia.org/wiki/Node_(telecommunications)http://en.wiktionary.org/wiki/ad_hochttp://en.wikipedia.org/wiki/File_sharinghttp://en.wikipedia.org/wiki/Voice_over_IPhttp://en.wikipedia.org/wiki/Client_(Computing)http://en.wikipedia.org/wiki/Client_(Computing)http://en.wikipedia.org/wiki/Peer_group_(computer_networking)http://en.wikipedia.org/wiki/Peer_group_(computer_networking)http://en.wikipedia.org/wiki/Node_(networking)http://en.wikipedia.org/wiki/Client-serverhttp://en.wikipedia.org/wiki/Client-serverhttp://en.wikipedia.org/wiki/File_Transfer_Protocolhttp://en.wikipedia.org/wiki/Application_layerhttp://en.wikipedia.org/wiki/File_sharinghttp://en.wikipedia.org/wiki/Gnutellahttp://en.wikipedia.org/wiki/Freenethttp://en.wikipedia.org/wiki/Freenethttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Bandwidth_(computing)http://en.wikipedia.org/wiki/Server_(computing)http://en.wikipedia.org/wiki/Node_(telecommunications)http://en.wiktionary.org/wiki/ad_hochttp://en.wikipedia.org/wiki/File_sharinghttp://en.wikipedia.org/wiki/Voice_over_IPhttp://en.wikipedia.org/wiki/Client_(Computing)http://en.wikipedia.org/wiki/Peer_group_(computer_networking)http://en.wikipedia.org/wiki/Node_(networking)http://en.wikipedia.org/wiki/Client-serverhttp://en.wikipedia.org/wiki/File_Transfer_Protocolhttp://en.wikipedia.org/wiki/Application_layerhttp://en.wikipedia.org/wiki/File_sharinghttp://en.wikipedia.org/wiki/Gnutellahttp://en.wikipedia.org/wiki/Freenet8/14/2019 Isa Module Two
11/26
The Most appropriate answer is (D) All of the above
13. Which of the following can a LAN administrator use to protect against exposure to illegal or
unlicensed software usage by the network user?
a. Software Metering
b. Virus detection software
c. Software encryptiond. Software decryption
As per book the answer is B Virus detection software which seems wrong but as per question asked in
CISA the q and A is as below
Q). Which of the following can a local area network (LAN) administrator use to protect against exposure toillegal or unlicensed software usage by the network user?
A. Software metering
B. Virus detection software
C. Software encryptionD. Software inventory programs
Answer: LAN Administrators usually take the help of software inventory programsto monitor the usage of
unlicensed software in an organization. The other answers are incorrect.
14. which of the following devices connects two or more dissimilar computer system by interpreting and
translating the different protocols that are used
a. Router
b. Repeater
c. Gateway
d. FirewallThe most appropriate answer is A Router as it may connect two Similar or Dissimilar Computer by
interpreting and translating the different protocols that are used
15. The device primarily used to extend the network must have the ability to act as a storage and
forwarding device is
a. Router
b. Bridge
c. Repeaterd. Gateway
The most appropriate answer is C Repeater
16. Which of the following transmission media would not be affected by cross talk or interferencea. Fiber optic System
b. Twisted Pair Circuitsc. Microwave Radio System
d. Satellite radio-link systems
The most appropriate answer is A Fiber optic System
8/14/2019 Isa Module Two
12/26
Advantages of Fiber Optics
System Performance
Greatly increased bandwidth and capacity
Lower signal attenuation (loss)
Immunity to Electrical Noise
Immune to noise (electromagnetic interference [EMI] and radio-frequency interference [RFI] No crosstalk
Lower bit error rates
Signal Security
Difficult to tap
Nonconductive (does not radiate signals)Electrical Isolation
No common ground required
Freedom from short circuit and sparks
Size and Weight
Reduced size and weight cables
Environmental Protection
Resistant to radiation and corrosion Resistant to temperature variations
Improved ruggedness and flexibility
Less restrictive in harsh environments
Overall System Economy
Low per-channel cost
Lower installation cost
17. Which of the following media would be the most secure in a telecommunication network?
a. Dedicated Lines
b. Base land Networkc. Dial Up
d. Broad Land Network Digital Transmission
The most appropriate answer is A Dedicated Lines
A dedicated line is a telecommunications path between two points that is available 24 hours a day for use by adesignated user (individual or company). It is not shared in common among multiple users as dial-up lines are. A
dedicated line can be a physical path owned by the user or rented from a telephone company, in which case it is
called a leased line. A synonym is nonswitched line(as opposed to a switchedor dial-up line).
18. Which of the following transmission media is most resistant to a sniffing attack?
a. Optical Fiberb. Satellite Microwave
c. Twisted Pair Wire
d. Infrared
The most appropriate answer is A optic fiber
19. A hub is a device that connects
a. Two LAN using Different protocols
b. A LAN with a WAN
c. A LAN with a MAN
http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci211941,00.htmlhttp://searchunifiedcommunications.techtarget.com/sDefinition/0,,sid186_gci212470,00.htmlhttp://searchunifiedcommunications.techtarget.com/sDefinition/0,,sid186_gci212470,00.htmlhttp://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci211941,00.htmlhttp://searchunifiedcommunications.techtarget.com/sDefinition/0,,sid186_gci212470,00.html8/14/2019 Isa Module Two
13/26
d. Two segments of a single LAN
The most appropriate answer is D Two segments of a single LAN
20. Which type of a cable uses a BNC Connector
a. Twisted Pair
b. UTPc. STPd. Coaxial Cable
The most appropriate answer is D Coaxial Cable
BNC is a small device for connecting coaxial cables, used frequently in low-power, radio-frequency and test
applications. Abbreviation for bayonet Neil-Concelman connector.
21. An electronic device that combines data from several low speed communication lines into a high speed
line is calleda. Modem
b. Multiplexer
c. Channeld. Link Editor
The most appropriate answer is B Multiplexer
Multiplexors: combines two or more input signals from several devices into a single stream of high speed signals
22. It is essential to monitor telecommunication processes and ensure that data transmission is complete
and accurate. Which of the following automated processes/reports measure this?a. Turnaround time reports
b. Help desk response monitoring reports
c. Breakdowns/downtime reports
d. Online monitoring tools
The most appropriate answer is D Online Monitoring Report
The Turnaround Time (TAT) Report Spreadsheet contains a list of specimens received into the laboratory for aspecified date range and the time frame in which each was reported. Testing turnaround time is calculated using
a 24-hour clock from the time the specimen is received into the laboratory until the final laboratory result
report is released.Features:
Generated by client request
Report delivery via e-mail or fax (large testing volume may inhibit faxing of reports)
Client-defined single or multiple accounts or contracts
Client-defined report date range
Electronic spreadsheet e-mailed directly from LabCorps mainframe
8/14/2019 Isa Module Two
14/26
23. Which of the following functions cannot be performed using a communications network controls
terminal?
a. Resetting Queue lengths
b. Starting and terminating Line Processesc. Generating a control total for a point of sale device
d. Correcting a hardware error in a modem
The most appropriate answer is D correcting a hardware error in a modem
24. A service provided to businesses by telecommunication companies or long distance carriers thatprovides a permanent direct connections between geographical social separate local area network is
a. Point to point link
b. Message switching
c. Distributed networkd. Packet Switching
The most appropriate answer is A Point to point link
Point-to-point link: A dedicateddata link that connects only two stations
In telecommunications, message switching was the precursor ofpacket switching, where messages were routedin their entirety, one hop at a time. It was first introduced by Leonard Kleinrockin 1961. Message switching
systems are nowadays mostly implemented over packet-switched or circuit-switcheddata networks.
Hop-by-hop Telex forwarding and UUCP are examples of message switching systems. E-mail is another example
of a message switching system.
When this form of switching is used, no physical path is established in advance in between sender and receiver.
Instead, when the sender has a block of data to be sent, it is stored in the first switching office (i.e. router)then forwarded later at one hop at a time. Each block is received in its entity form, inspected for errors and
then forwarded or re-transmitted.
A form of store-and-forward network. Data is transmitted into the network and stored in a switch. The network
transfers the data from switch to switch when it is convenient to do so, as such the data is not transferred in
real-time. Blocking can not occur, however, long delays can happen. The source and destination terminal need not
be compatible, since conversions are done by the message switching networks.
A message switch is transactional. It can store data or change its format and bit rate, then convert the data
back to their original form or an entirely different form at the receive end. Message switching multiplexes datafrom different sources onto a common facility.
25. A transmission technique in which a complete message is sent to a concentration point for storage androuting to the destination point when a communication path is available is called
a. Circuit Switching
b. Message Switching
c. Packet switchingd. Junction switching
The most appropriate answer is B Message Switching
http://www.its.bldrdoc.gov/fs-1037/dir-010/_1428.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-010/_1428.htmhttp://en.wikipedia.org/wiki/Telecommunicationshttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Leonard_Kleinrockhttp://en.wikipedia.org/wiki/Leonard_Kleinrockhttp://en.wikipedia.org/wiki/Data_networkhttp://en.wikipedia.org/wiki/Data_networkhttp://en.wikipedia.org/wiki/Teleprinterhttp://en.wikipedia.org/wiki/UUCPhttp://en.wikipedia.org/wiki/E-mailhttp://en.wikipedia.org/wiki/Routerhttp://www.its.bldrdoc.gov/fs-1037/dir-010/_1428.htmhttp://en.wikipedia.org/wiki/Telecommunicationshttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Leonard_Kleinrockhttp://en.wikipedia.org/wiki/Data_networkhttp://en.wikipedia.org/wiki/Teleprinterhttp://en.wikipedia.org/wiki/UUCPhttp://en.wikipedia.org/wiki/E-mailhttp://en.wikipedia.org/wiki/Router8/14/2019 Isa Module Two
15/26
Message switching: A method of handling messagetraffic through a switching center, either from local users
or from other switching centers, whereby the message traffic is stored and forwarded through the system
Circuit switchingis defined as a mechanism applied in telecommunications (mainly in PSTN) whereby the user is
allocated the full use of the communication channel for the duration of the call.
That is if two parties wish to communicate, the calling party has to first dial the numbers of the called party.Once those numbers are dialed, the originating exchange will find a path to the terminating exchange, which will
in turn find the called party.
After the circuit or channel has been set up, then communication will take place, then once they are through the
channel will be cleared. This mechanism is referred to as being connection-oriented.
Advantages of Circuit Switching:
Once the circuit has been set up, communication is fast and without error.
It is highly reliable
Disadvantages:
Involves a lot of overhead, during channel set up.
Waists a lot of bandwidth, especial in speech whereby a user is sometimes listening, and not talking.
Channel set up may take longer.
To overcome the disadvantages of circuit switching, packet switching was introduced, and instead of dedicating
a channel to only two parties for the duration of the call it routes packets individually as they are available. This
mechanism is referred to as being connectionless.
Packet Switching
Packet switching is similar to message switching using short messages. Any message exceeding a network-
defined maximum length is broken up into shorter units, known as packets, for transmission; the packets, eachwith an associated header, are then transmitted individually through the network. The fundamental difference
in packet communication is that the data is formed into packets with a pre-defined header format (i.e. PCI), and
well-known "idle" patterns which are used to occupy the link when there is no data to be communicated.
A packet network equipment discards the "idle" patterns between packets and processes the entire packet as
one piece of data. The equipment examines the packet header information (PCI) and then either removes the
header (in an end system) or forwards the packet to another system. If the out-going link is not available, thenthe packet is placed in a queue until the link becomes free. A packet network is formed by links which connect
packet network equipment.
http://www.its.bldrdoc.gov/fs-1037/dir-022/_3280.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-022/_3280.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-037/_5524.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-035/_5215.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-035/_5215.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-036/_5255.htmhttp://www.erg.abdn.ac.uk/users/gorry/course/intro-pages/encapsulation.htmlhttp://www.its.bldrdoc.gov/fs-1037/dir-022/_3280.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-037/_5524.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-035/_5215.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-036/_5255.htmhttp://www.erg.abdn.ac.uk/users/gorry/course/intro-pages/encapsulation.html8/14/2019 Isa Module Two
16/26
Communication between A and D using circuits which are shared using packet switching.
Packet-switched communication between systems A and D
(The message in this case has been broken into three parts labeled 1-3)
There are two important benefits from packet switching.
1. The first and most important benefit is that since packets are short, the communication links between
the nodes are only allocated to transferring a single message for a short period of time whiletransmitting each packet. Longer messages require a series of packets to be sent, but do not require the
link to be dedicated between the transmission of each packet. The implication is that packets belonging
to other messages may be sent between the packets of the message being sent from A to D. This
provides a much fairer sharing of the resources of each of the links.2. Another benefit of packet switching is known as "pipelining". Pipelining is visible in the figure above. At
the time packet 1 is sent from B to C, packet 2 is sent from A to B; packet 1 is sent from C to D while
packet 2 is sent from B to C, and packet 3 is sent from A to B, and so forth. This simultaneous use of
communications links represents a gain in efficiency, the total delay for transmission across a packet
network may be considerably less than for message switching, despite the inclusion of a header in each
packet rather than in each message.26. All of the following are considered characteristics of N-Tier Computing architecture Except
a. Distributed Computing
b. Open Industry Standards
c. Thin Client Interfacesd. Monolithic Architecture
The most appropriate answer is D Monolithic architecture
27. Measuring utilization of all important network resources so that individual or group uses on network
can be regulated appropriately is called:a. Performance management
8/14/2019 Isa Module Two
17/26
b. Security Management
c. Accounting Management
d. Configuration Management
The most appropriate answer is C Accounting Management
28. Which of the following is most often used for collecting statistical and configuration information
about network devices such as computers, Hubs, Switches, Routers, etc.?
a. Simple Network management Protocolsb. Online Reports
c. Downtime Reports
d. Help Desk Reports
The most appropriate answer is A Simple Network management Protocols
29. Which of the following would typically be considered the fastest to restore?a. Normal Backup
b. Incremental Backupc. Differential
d. Copy Backup
The most appropriate answer is A Normal Backup
Planning a backup and restoration of files for disaster recovery.
Planning a backup and restoration of files is the most important step to protect data from accidental loss in the
event of data deletion or a hard disk failure. The backup copy can be used to restore lost or damaged data. For
taking backups and restoring files, Microsoft has provided a utility called Backup. The Backup utility creates a
copy of data on a hard disk of a computer and archives data on another storage media. Any storage media such
as removable disks, tapes, and logical drives can be used as a backup storage.
While taking a backup of files, the Backup utility creates a volume shadow copy of the data to create an
accurate copy of the contents. It includes any open files or files that are being used by the system. Users can
continue to access the system while the Backup utility is running without the risk of losing data.
Volume Shadow Copy
Backup provides a feature of taking a backup of files that are opened by a user or system. This feature is known
as volume shadow copy. Volume shadow copy makes a duplicate copy of all files at the start of the backup
process. In this way, files that have changed during the backup process are copied correctly. Due to this
feature, applications can continue writing data to the volume during a backup operation, and backups can be
scheduled at any time without locking out users.
Types of Backups
The Windows Backup utility provides various types of backups. While planning for a backup strategy, it is
important to choose an appropriate type or combination of different types of backups. The backup type
determines which files are transferred to the destination media.
8/14/2019 Isa Module Two
18/26
Each backup type relates to an attribute maintained by every file known as archive (A). The archive attribute is
set when a file is created or changed. When an archive attribute is set, it means that the backup of this file has
not been taken or it is due.
Note: When it is said that "The file is marked as backup", it means that the archive attribute of the file has
been cleared.
Normal Backups
When an administrator chooses to use a normal backup, all selected files and folders are backed up and the
archive attribute of all files are cleared. A normal backup does not use the archive attribute to determine which
files to back up. A normal backup is used as the first step of any backup plan. It is used with the combination of
other backup types for planning a backup strategy of an organization. Normal backups are the most time-
consuming and are resource hungry. Restoration from a normal backup is more efficient than other types of
backups.
Incremental Backups
An incremental backup backs up files that are created or changed since the last normal or incremental backup.
It takes the backup of files of which the archive attribute is set. After taking a backup, it clears the archive
attribute of files. An incremental backup is the fastest backup process. Restoring data from an incremental
backup requires the last normal backup and all subsequent incremental backups. Incremental backups must be
8/14/2019 Isa Module Two
19/26
restored in the same order as they were created.
Note: If any media in the incremental backup set is damaged or data becomes corrupt, the data backed up after
corruption cannot be restored.
Differential Backups
Differential backup backs up files that are created or changed since the last normal backup. It does not clear
the archive attribute of files after taking a backup. The restoration of files from a differential backup is more
efficient than an incremental backup.
Copy Backups
A copy backup copies all selected files and folders. It neither uses nor clears the archive attribute of the files.
It is generally not a part of a planned scheduled backup.
Daily Backups
A daily backup backs up all selected files and folders that have changed during the day. It backs up data by
using the modified date of the files. It neither uses nor clears the archive attribute of the files.
Combining backup types
The easiest backup plan is to take a normal backup every night. A normal backup every night ensures that the
data is restored from a single job the next day. Although the restoration of data from a normal backup is easy,
taking a backup is time consuming. Hence, an administrator is required to make an optimal backup plan. An
administrator must consider the following points before creating a backup plan:
The time involved in taking the backup.
The size of the backup job.
The time required to restore a system in the event of a system failure.
The most common solutions for the needs of different organizations include the combination of normal,
differential, and incremental backups.
Combination of Normal and Differential Backups
An administrator can use a combination of a normal backup and a differential backup to save time in taking a
backup as well as for a restoration of data. In this plan, a normal backup can be taken on Sunday, and
8/14/2019 Isa Module Two
20/26
differential backups can be taken on Monday through Friday every night. If data becomes corrupt at any time,
only a normal and last differential backup are required to be restored. Although this combination is easier and
takes lesser time for restoration, it takes more time to take backup if data changes frequently.
Combination of Normal and Incremental Backups
A combination of normal and incremental backups can be used to save more time for taking backups. In this plan,
a normal backup is taken on Sunday and incremental backups on Monday through Friday every night. If data
becomes corrupt at any time, normal and all incremental backups till date are required to be restored
30. All the following are phases in the establishment of a switched Virtual Circuit Except:a. Circuit Terminal
b. Data Transfer
c. Circuit Expansion
d. Circuit Establishment
The most appropriate answer is A Circuit Expansion
31. Which of the following translates e-mail formats from one network to another so that the message
can travel through all the networks?
a. Gatewaysb. Protocols Convertor
c. Front-end Communication Processor
d. Concentrator Multiplexer
The most appropriate answer is A Gateway
A gateway performs the job of translating e-mail formats from one network to another so messages can make
their way through all the networks. A protocol converter is a hardware device that converts between two
different types of transmissions, such as asynchronous and synchronous transmissions. A front-endcommunication processor connects all network communication lines to a central computer to relieve the central
computer from performing network control, format conversion and message handling tasks. A
concentrator/multiplexor is a device used for combining several lower-speed channels into a higher-speed
channel
32. An IS Auditor performing a telecommunication access control review would focus his/her attention
most on the
a. Maintenance of usage logs of various system resourcesb. Authorization and authentication of the user prior to granting access to system resources
c. Adequate protection of stored data on servers by encryption or other means
d. Accountability system and ability to proper identify any terminal accessing system resources
8/14/2019 Isa Module Two
21/26
The most appropriate answer is B Authorization and authentication of the user prior to granting access to
system resources
33. Which of the following controls would be Most Comprehensive in a remote access network with
multiple and diverse sub-systems?
a. Proxy Serverb. Firewall installation
c. Network administrator
d. Password implementation and administration
The most appropriate answer is D Password implementation and administration
The most comprehensive control in this situation is password implementation and administration. While firewall
installations are the primary line of defense, they cannot protect all access and, therefore, an element of risk
remains. A proxy server is a type of firewall installation and thus the same rules apply. The network
administrator may serve as a control, but typically this would not be comprehensive enough to serve on multipleand diverse systems.
34. A reasonably controlled practice in the distributed executable programs that execute in Background
of a web browser client, like Java applets and Active X controls is:a. Installation of a firewalls
b. Usage of a secure web connection
c. Acceptance of executable only from the established and trusted source
d. Hosting the website as a part of your organization.
The most appropriate answer is C Acceptance of executable only from the established and trusted source
35. When an organizations network is connected with an external net-work in an Intranet client-server
model not under the organizations controls, security becomes a concern. In providing adequate
security in this environment, which of the following assurance levels is Least importanta. Server and Client authenticationb. Data Integrity
c. Data Recovery
d. Data Confidentiality
The most appropriate answer is C Data Recovery
36. In a TCP/IP network, an IP addresses specifies a :
a. Network connection
b. Router/Gateway
c. Computer in the Networkd. Device in the network such as a gateways/router,host,server,etc
The most appropriate answer is A network Connection
An IP address specifies a network connection. An IP address encodes both a network and a host on that
network; it does not specify an individual computer, but a connection to a network. A router/gateway connectstwo networks and will have two IP addresses. Hence, an IP address cannot specify a router. A computer in the
network can be connected to other networks as well. It will then use many IP addresses. Such computers are
8/14/2019 Isa Module Two
22/26
called multi-homed hosts. Here again an IP address cannot refer to the computer. IP addresses do not refer to
individual devices on the network, but refer to the connections by which they are connected to the network
37. In internet architecture, a domain name service(DNS) is most important because it provides the :
a. Addresses of the domain server
b. Addresses of the naming clientc. Resolution of the name of the IP address on the internet
d. Domain name characteristics.
The most appropriate answer is C Resolution of the name of the IP address on the internet
The Domain Name System (DNS) provides the basis for converting the names of machines into IP addresses andback again and provides pointers to other resources such as mail handlers and system aliases. That definition is
perhaps the only thing simple about DNS in today's ever-changing Internet culture. DNS has grown beyond a
simple lookup service to become a major piece of Internet infrastructure-one that has gone well beyond its
original scope. The need to extend the capabilities of the Domain Name System combined with mass adoption ofthe Internet by business and industry has sparked controversy and debate. New forums are popping up to
address DNS-related issues, and discussions on newsgroups like the Internet Legal and Policy Forum (ILPF) andnewdom have become hot and often hostile. The technological, political, and legal issues surrounding DNS have
created confusion and anxiety for systems administrators and operators, users, and businesspeople attemptingto leverage the new technology.
38. In an Internet URL http;//www.infosys.com, what does the com signify?a. Identifies the protocols being usedb. Identifies that the site is on the Internet
c. It is an additional Information and is not needed
d. Identifies the purposes of the site. It stands for commercial
The most appropriate answer is D identifies the purposes of the site. It stands for commercial
39. In which of the following, Tags are placed within to accomplish document formatting, visual features
such as font size, italics and Bold and creation of links:
a. FTTP
b. HTTPc. Telnet
d. ActiveX
Producing hypertext for the Web is accomplished by creating documents with a language called HyperText
Markup Language, or HTML. With HTML, tags are placed within the text to accomplish document formatting,
8/14/2019 Isa Module Two
23/26
visual features such as font size, italics and bold, and the creation of hypertext links. Graphics and multimedia
may also be incorporated into an HTML document.
40. Which of the following allow users on the Internet to communicate with each other by typing text
mode in real timea. IM
b. RFC
c. FYId. FAQ
The most appropriate answer is (A) IM
Instant messaging (IM) is a form of real-time communication between two or more people based on typed text.The text is conveyed via devices connected over a network such as the Internet
Instant messaging (IM) and chat are technologies that create the possibility of real-time text-basedcommunication between two or more participants over the internet or some form of internal network/intranet.
It is important to understand that what separates chat and instant messaging from technologies such as e-mail
is the perceived synchronicity of the communication by the user - Chat happens in real-time before your eyes.Some systems allow the sending of messages to people not currently logged on (offline messages), thus removingmuch of the difference between Instant Messaging and e-mail.
While many services have additional features such as: the immediate receipt of acknowledgment or reply, groupchatting, conference services (including voice and video), conversation logging and file transfer, those functions
are beyond the scope of this article.
IM allows effective and efficient communication, featuring immediate receipt of acknowledgment or reply. In
certain cases Instant Messaging involves additional features, which make it even more popular, i.e. to see theother party, e.g. by usingweb-cams, or to talk directly for free over theInternet.
It is possible to save a conversation for later reference. Instant messages are typically logged in a localmessage history which closes the gap to the persistent nature of e-mails and facilitates quick exchange of
information like URLs or document snippets (which can be unwieldy when communicated via telephone).
41. A firewall access control list may filter access based on each of the following parameters except
a. Port
b. Service Type
c. Network Interface Card(NIC)d. Internet Protocol (IP) address
The most appropriate answer is (C) Network Interface Card (NIC)
42. Which of the following is not provided by a public key infrastructure (PKI)a. Access Controls
b. Network Reliability
c. Authentication
d. Non-Repudiation
http://en.wikipedia.org/wiki/Real-time_computinghttp://en.wikipedia.org/wiki/Peoplehttp://en.wikipedia.org/wiki/Written_languagehttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/E-mailhttp://en.wikipedia.org/wiki/File_transferhttp://en.wikipedia.org/wiki/Receipthttp://en.wikipedia.org/wiki/Web-camhttp://en.wikipedia.org/wiki/Web-camhttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Real-time_computinghttp://en.wikipedia.org/wiki/Peoplehttp://en.wikipedia.org/wiki/Written_languagehttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/E-mailhttp://en.wikipedia.org/wiki/File_transferhttp://en.wikipedia.org/wiki/Receipthttp://en.wikipedia.org/wiki/Web-camhttp://en.wikipedia.org/wiki/Internet8/14/2019 Isa Module Two
24/26
The most appropriate answer is B Network Reliability
43. Secure Socket Layer (SSL) protocol addresses the confidentiality of a message through:
a. Symmetric encryption
b. Message authentication codec. Hash function
d. Digital signatures certificates
SSL uses a symmetric key for message encryption. A message authentication code is used for ensuring data
integrity. Hash function is used for generating a message digest. It does not use public key encryption formessage encryption. Digital signature certificates are used by SSL for server authentication
The most appropriate answer is A Symmetric encryption
44. Electromagnetic emissions from a terminal represent an exposure because they:
a. Affect noise pollutionb. Disrupt processor function
c. Produces dangerous levels of electric currentd. Can be detected and displayed
The most appropriate answer is D Can be detected and displayed
Emissions can be detected by sophisticated equipment and displayed, thus giving access to data to unauthorized
persons. They should not cause disruption of CPUs or effect noise pollution
45. Which of the following would be an IS auditor consider a major risk of using single sign-on in a
networked environmenta. It enables access to multiple applicationsb. It represents a single point of failure
c. It causes an administrative bottleneck
d. It leads to a lockout of valid users
As per a web site Big4Guy.com
The answer is 'A'. The risk with using Single Sign Onis that it can result in access to all applications with a
single password. This can be potentially very harmful as far as security is concerned. Rest all the answers are
incorrect
While as per the book the most appropriate answer is B It represents a single point of failure
Single sign on is the term used to represent a system whereby users need only remember one username andpassword, and authenticated a can be provided for multiple services. Kerberos [1] is an example of a system
where users provide a password and receive a ticket in exchange. The ticket can be used to authenticate users
to different network services. Kerberos single sign on is possible because all of the services are under the same
administrative control. There is a centralized database containing keys that are shared with each service, andtickets can be issued, encrypted under the keys of the target services.
http://big4guy.com/index.php/2006/01/02/information_security_terms_single_sign_ohttp://big4guy.com/index.php/2006/01/02/information_security_terms_single_sign_o8/14/2019 Isa Module Two
25/26
46. all of the following are significant Internet exposures Except:
a. lost of Integrity
b. Denial of Service Attacks
c. Insufficient resources to improve and maintain integrity
d. Unauthorized access
The most appropriate answer is (C) Insufficient resources to improve and maintain integrity
47. A manufacturer has been purchasing material and supplies for its business through an E-Commerce
application. Which of the following should this manufacturer rely on to prove that the transactionswere actually made?
a. Reputation
b. Authentication
c. Encryptiond. Non-Repudiation
The most appropriate answer is (D) Non-Repudiation
Non- repudiation may ensure that a transaction is enforceable. It involves creating proof of the origin ordelivery of data to protect the sender against false denial by the recipient of the data's receipt, or vice versa.
Choice A is incorrect because the company's reputation would not, of itself, prove a deal was made via the
Internet. Choice B is not correct as authentication controls are necessary to establish the Identification of all
parties to a communication. Choice C is incorrect since encryption may protect the data transmitted over theInternet, but may not prove that the transactions were made
48. An IS Auditor who intends to use penetration testing during an audit of Internet Connection woulda. Evaluate configurationb. Examine security Setting
c. Ensure virus-scanning software in use
d. Use tools and techniques that are available to a hacker
The most appropriate answer is (D) Use tools and techniques that are available to a hacker
penetration test is a method of evaluating the security of a computer system or network by simulating an
attack by a malicious user, known as a Black HatHacker, or Cracker. The process involves an active analysis of
the system for any potential vulnerabilities that may result from poor or improper system configuration, knownand/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures.
This analysis is carried out from the position of a potential attacker, and can involve active exploitation of
security vulnerabilities. Any security issues that are found will be presented to the system owner together with
an assessment of their impact and often with a proposal for mitigation or a technical solution. The intent of apenetration test is to determine feasibility of an attack and the amount of business impact of a successful
exploit, if discovered. It is a component of a fullsecurity audit.
http://en.wikipedia.org/wiki/Computer_securityhttp://en.wikipedia.org/wiki/Computer_systemhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Hacker_(computing)#Black_Hat_Hackerhttp://en.wikipedia.org/wiki/Hacker_(computer_security)http://en.wikipedia.org/wiki/Hacker_(computer_security)http://en.wikipedia.org/wiki/Information_technology_security_audithttp://en.wikipedia.org/wiki/Information_technology_security_audithttp://en.wikipedia.org/wiki/Information_technology_security_audithttp://en.wikipedia.org/wiki/Computer_securityhttp://en.wikipedia.org/wiki/Computer_systemhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Hacker_(computing)#Black_Hat_Hackerhttp://en.wikipedia.org/wiki/Hacker_(computer_security)http://en.wikipedia.org/wiki/Information_technology_security_audit8/14/2019 Isa Module Two
26/26
49. A sequence of Bits appended to a digital document that is used to authenticate an e-mail sent through
the Internet is called a
a. Digest Signature
b. Encrypted Messagec. Digital Signature
d. Hash Signature
The most appropriate answer is: C Digital Signature
A digital signature through the private cryptographic key authenticates a transmission from a sender throughthe private cryptographic key. It is a string of bits that uniquely represent another string of bits, a digital
document. An electronic signature refers to the string of bits that digitally represents a handwritten signature
captured by a computer system when a human applies it on an electronic pen pad, connected to the system.
50. Which of the following provides the Greatest assurance in achieving message integrity and non-
repudiationa. The recipient uses the senders public Key, verified with a certificate authority, to decrypt the
message digest
b. The recipient uses his private key to decrypt the secret key
c. The encrypted message digest and the message are encrypted using a secret keyd. The encrypted message digest is derived mathematically from the message to be sent
The most appropriate answer is (D) The encrypted message digest is derived mathematically from the message
to be sent
Most encrypted transactions today use a combination of private keys, public keys, secret keys, hash functions
and digital certificates to achieve confidentiality, message integrity and non- repudiation by either sender or
recipient. The recipient uses the sender's public key to decrypt the pre-hash code into a post-hash code whichwhen equaling the pre-hash code verifies the identity of the sender and that the message has not been changed
in route and would provide the greatest assurance. Each sender and recipient has a private key, known only to
him/her and a public key, which can be known by anyone. Each encryption/decryption process requires at leastone public key and one private key and both must be from the same party. A single secret key is used to encrypt
the message, because secret key encryption requires less processing power than using public and private keys. Adigital certificate, signed by a certificate authority, validates senders' and recipients' public keys.