isa module two

8/14/2019 Isa Module Two

1/26

1. An organization is about to implement a computer network in a new office building. The company has

2000 users located in the same physical area. No external network connection will be required. Whichof the following network configurations would be the most expensive to install

a. BUS

b. Ringc. Star

d. Mesh

Most Appropriate Answer is (D) Mesh as it is the most expensive to install the mesh network

2. IN Wide Area Networks (WANs)

a. Data Flow must be half duplex

b. Communication lines must b dedicated

c. Circuit Structure can be operated only over a fixed distanced. The selection of communication lines will effect reliability

Most Appropriate Answer is (D) the selection of communication lines will effect reliability

Wide Area Network (WAN) is a computer network that covers a broad area (i.e., any network whose

communications links cross metropolitan, regional, or national boundaries [1]). Less formally, a WAN is a networkthat uses routers and public communications links [1]. Contrast with personal area networks (PANs), local area

networks (LANs), campus area networks (CANs), or metropolitan area networks (MANs) which are usuallylimited to a room, building, campus or specific metropolitan area (e.g., a city) respectively. The largest and most

well-known example of a WAN is the Internet.

WANs [a] are used to connect LANs and other types of networks together, so that users and computers in one

location can communicate with users and computers in other locations. Many WANs are built for one particular

organization and are private. Others, built by Internet service providers, provide connections from anorganization's LAN to the Internet. WANs are often built using leased lines. At each end of the leased line, arouter connects to the LAN on one side and a hub within the WAN on the other. Leased lines can be very

expensive. Instead of using leased lines, WANs can also be built using less costly circuit switching orpacket

switching methods. Network protocols includingTCP/IPdeliver transport and addressing functions. Protocols

including Packet over SONET/SDH, MPLS,ATM andFrame relayare often used by service providers to deliverthe links that are used in WANs. X.25 was an important early WAN protocol, and is often considered to be the

"grandfather" of Frame Relay as many of the underlying protocols and functions of X.25 are still in use today

(with upgrades) by Frame Relay.

Academic research into wide area networks can be broken down into three areas: Mathematical models, network

emulation and network simulation.

Performance improvements are sometimes delivered via WAFS or WAN optimization.

Several options are available for WAN connectivity: [2]
http://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-Groth-0#cite_note-Groth-0http://en.wikipedia.org/wiki/Communicationhttp://en.wikipedia.org/wiki/Link_(telecommunications)http://en.wikipedia.org/wiki/Link_(telecommunications)http://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-Groth-0#cite_note-Groth-0http://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-Groth-0#cite_note-Groth-0http://en.wikipedia.org/wiki/Personal_area_networkhttp://en.wikipedia.org/wiki/Personal_area_networkhttp://en.wikipedia.org/wiki/Local_area_networkhttp://en.wikipedia.org/wiki/Local_area_networkhttp://en.wikipedia.org/wiki/Campus_area_networkhttp://en.wikipedia.org/wiki/Metropolitan_area_networkhttp://en.wikipedia.org/wiki/Metropolitan_area_networkhttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Internet_service_providerhttp://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Routerhttp://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Communications_protocolhttp://en.wikipedia.org/wiki/Communications_protocolhttp://en.wikipedia.org/wiki/TCP/IPhttp://en.wikipedia.org/wiki/TCP/IPhttp://en.wikipedia.org/wiki/TCP/IPhttp://en.wikipedia.org/wiki/Packet_over_SONET/SDHhttp://en.wikipedia.org/wiki/Multiprotocol_Label_Switchinghttp://en.wikipedia.org/wiki/Multiprotocol_Label_Switchinghttp://en.wikipedia.org/wiki/Asynchronous_Transfer_Modehttp://en.wikipedia.org/wiki/Asynchronous_Transfer_Modehttp://en.wikipedia.org/wiki/Frame_relayhttp://en.wikipedia.org/wiki/Frame_relayhttp://en.wikipedia.org/wiki/Frame_relayhttp://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/Mathematical_modelhttp://en.wikipedia.org/wiki/Network_emulationhttp://en.wikipedia.org/wiki/Network_emulationhttp://en.wikipedia.org/wiki/Network_simulationhttp://en.wikipedia.org/wiki/Wide_area_file_serviceshttp://en.wikipedia.org/wiki/WAN_optimizationhttp://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-1#cite_note-1http://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-Groth-0#cite_note-Groth-0http://en.wikipedia.org/wiki/Communicationhttp://en.wikipedia.org/wiki/Link_(telecommunications)http://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-Groth-0#cite_note-Groth-0http://en.wikipedia.org/wiki/Personal_area_networkhttp://en.wikipedia.org/wiki/Local_area_networkhttp://en.wikipedia.org/wiki/Local_area_networkhttp://en.wikipedia.org/wiki/Campus_area_networkhttp://en.wikipedia.org/wiki/Metropolitan_area_networkhttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Internet_service_providerhttp://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Routerhttp://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Communications_protocolhttp://en.wikipedia.org/wiki/TCP/IPhttp://en.wikipedia.org/wiki/Packet_over_SONET/SDHhttp://en.wikipedia.org/wiki/Multiprotocol_Label_Switchinghttp://en.wikipedia.org/wiki/Asynchronous_Transfer_Modehttp://en.wikipedia.org/wiki/Frame_relayhttp://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/Mathematical_modelhttp://en.wikipedia.org/wiki/Network_emulationhttp://en.wikipedia.org/wiki/Network_emulationhttp://en.wikipedia.org/wiki/Network_simulationhttp://en.wikipedia.org/wiki/Wide_area_file_serviceshttp://en.wikipedia.org/wiki/WAN_optimizationhttp://en.wikipedia.org/wiki/Wide_Area_Network#cite_note-1#cite_note-1


2/26

Option: Description Advantages DisadvantagesBandwidth

range

Sample

protocols

used

Leased

line

Point-to-Point connection between twocomputers or Local Area Networks

(LANs)

Most secure ExpensivePPP, HDLC,

SDLC,

HNAS

Circuit

switching

A dedicated circuit path is created

between end points. Best example isdialup connections

Less Expensive Call Setup28 kbit/s -

144 kbit/sPPP,ISDN

Packetswitching

Devices transport packets via a shared

single point-to-point or point-to-

multipoint link across a carrierinternetwork. Variable length packets

are transmitted over Permanent Virtual

Circuits (PVC) or Switched Virtual

Circuits (SVC)

Shared mediaacross link

X.25Frame-

Relay

Cell relay

Similar to packet switching, but uses

fixed length cells instead of variablelength packets. Data is divided into

fixed-length cells and then transported

across virtual circuits

best forsimultaneous use

of Voice anddata

Overheadcan be

considerableATM

Transmission rate usually range from 1200 bits/s to 6 Mbit/s, although some connections such as ATM andLeased lines can reach speeds greater than 156 Mbit/s. Typical communication links used in WANs are telephone

lines, microwave links & satellite channels.

Recently with the proliferation of low cost of Internet connectivity many companies and organizations have

turned to VPN to interconnect their networks, creating a WAN in that way. Companies such as Cisco, New Edge

Networks and Check Point offer solutions to create VPN networks.

3. An organization is considering installing a Local; Area Network (LAN) in a site under construction. If asystem availability is the main concern, which of the following is most Appropriate

a. Ring

b. Line

c. Star

d. Bus

Most Appropriate Answer is (C) STAR
http://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Point-to-Point_Protocolhttp://en.wikipedia.org/wiki/HDLChttp://en.wikipedia.org/wiki/HDLChttp://en.wikipedia.org/wiki/Synchronous_Data_Link_Controlhttp://en.wikipedia.org/w/index.php?title=HNAS&action=edit&redlink=1http://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Dialuphttp://en.wikipedia.org/wiki/Point-to-Point_Protocolhttp://en.wikipedia.org/wiki/ISDNhttp://en.wikipedia.org/wiki/ISDNhttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Permanent_virtual_circuithttp://en.wikipedia.org/wiki/Switched_virtual_circuithttp://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/Frame-Relayhttp://en.wikipedia.org/wiki/Frame-Relayhttp://en.wikipedia.org/wiki/Cell_relayhttp://en.wikipedia.org/wiki/Overheadhttp://en.wikipedia.org/wiki/Overheadhttp://en.wikipedia.org/wiki/Asynchronous_Transfer_Modehttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/VPNhttp://en.wikipedia.org/wiki/Ciscohttp://en.wikipedia.org/wiki/Ciscohttp://en.wikipedia.org/wiki/Check_Pointhttp://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Leased_linehttp://en.wikipedia.org/wiki/Point-to-Point_Protocolhttp://en.wikipedia.org/wiki/HDLChttp://en.wikipedia.org/wiki/Synchronous_Data_Link_Controlhttp://en.wikipedia.org/w/index.php?title=HNAS&action=edit&redlink=1http://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Circuit_switchinghttp://en.wikipedia.org/wiki/Dialuphttp://en.wikipedia.org/wiki/Point-to-Point_Protocolhttp://en.wikipedia.org/wiki/ISDNhttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Permanent_virtual_circuithttp://en.wikipedia.org/wiki/Switched_virtual_circuithttp://en.wikipedia.org/wiki/X.25http://en.wikipedia.org/wiki/Frame-Relayhttp://en.wikipedia.org/wiki/Frame-Relayhttp://en.wikipedia.org/wiki/Cell_relayhttp://en.wikipedia.org/wiki/Overheadhttp://en.wikipedia.org/wiki/Asynchronous_Transfer_Modehttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/VPNhttp://en.wikipedia.org/wiki/Ciscohttp://en.wikipedia.org/wiki/Check_Point


3/26

A ring or loop topology would enable messages to be rerouted should the network cabling be severed at any point

or a hardware element fail. With the correct settings in network hardware, the loss of any link would be

invisible to the users. In line and bus networks, which are essentially the same thing, terminals are connected to

a single cable. If this cable is severed, all terminals beyond the point of severance will be unavailable. A starnetwork clusters terminals around hubs, connected to the server by separate lines in the form of a star. If any

line is severed, all terminals in the cluster at the end of that line would be disconnected.

4. Which of the following is not an element of a LAN environment?

a. Packet Switching Technology

b. Baseband

c. Ring or short Bus topology

d. Public Circuit Switching Technology.

Most Appropriate Answer is (D) Public Circuit Switching Technology

5. Which of the following OSI layers communicates with the user Programs?

a. Physical

b. Applicationc. Presentation

d. Session

Most Appropriate Answer is ( B) Application Layers


4/26

Open Systems Interconnection (OSI) model is a reference model developed by ISO (International Organization

for Standardization) in 1984, as a conceptual framework of standards for communication in the network across

different equipment and applications by different vendors. It is now considered the primary architectural model

for inter-computing and inter-networking communications. Most of the network communication protocols used

today have a structure based on the OSI model. The OSI model defines the communications process into 7

layers, dividing the tasks involved with moving information between networked computers into seven smaller,

more manageable task groups. A task or group of tasks is then assigned to each of the seven OSI layers. Each

layer is reasonably self-contained, so that the tasks assigned to each layer can be implemented independently.

This enables the solutions offered by one layer to be updated without adversely affecting the other layers.

The OSI 7 layers model has clear characteristics at each layer. Basically, layers 7 through 4 deals with end to

end communications between data source and destinations, while layers 3 to 1 deal with communications between

network devices. On the other hand, the seven layers of the OSI model can be divided into two groups: upper

layers (layers 7, 6 & 5) and lower layers (layers 4, 3, 2, 1). The upper layers of the OSI model deal with

application issues and generally are implemented only in software. The highest layer, the application layer, is

closest to the end user. The lower layers of the OSI model handle data transport issues. The physical layer and

the data link layer are implemented in hardware and software. The lowest layer, the physical layer, is closest to

the physical network medium (the wires, for example) and is responsible for placing data on the medium.

The specific description for each layer is as follows:

Layer 7: Application Layer

Defines interface-to-user processes for communication and data transfer in network

Provides standardized services such as virtual terminal, file and job transfer and operations

Layer 6: Presentation Layer

Masks the differences of data formats between dissimilar systems

Specifies architecture-independent data transfer format

Encodes and decodes data; encrypts and decrypts data; compresses and decompresses data


5/26

Layer 5: Session Layer

Manages user sessions and dialogues

Controls establishment and termination of logic links between users

Reports upper layer errors

Layer 4: Transport Layer

Manages end-to-end message delivery in network

Provides reliable and sequential packet delivery through error recovery and flow control mechanisms

Provides connectionless oriented packet delivery

Layer 3: Network Layer

Determines how data are transferred between network devices

Routes packets according to unique network device addresses

Provides flow and congestion control to prevent network resource depletion

Layer 2: Data Link Layer

Defines procedures for operating the communication links

Frames packets

Detects and corrects packets transmit errors

Layer 1: Physical Layer

Defines physical means of sending data over network devices

Interfaces between network medium and devices

Defines optical, electrical and mechanical characteristics

Information being transferred from a software application in one computer to an application in another

proceeds through the OSI layers. For example, if a software application in computer A has information to pass

to a software application in computer B, the application program in computer A needs to pass the information to

the application layer (Layer 7) of computer A, which then passes the information to the presentation layer

(Layer 6), which relays the data to the session layer (Layer 5), and so on all the way down to the physical layer


6/26

(Layer 1). At the physical layer, the data is placed on the physical network medium and is sent across the

medium to computer B. The physical layer of computer B receives the data from the physical medium, and then

its physical layer passes the information up to the data link layer (Layer 2), which relays it to the network layer

(Layer 3), and so on, until it reaches the application layer (Layer 7) of computer B. Finally, the application layer

of computer B passes the information to the recipient application program to complete the communication

process. The following diagram illustrated this process.

OSI Network Architecture 7 Layers Model - 1

The seven OSI layers use various forms of control information to communicate with their peer layers in other

computer systems. This control information consists of specific requests and instructions that are exchanged

between peer OSI layers. Headers and Trailers of data at each layer are the two basic forms to carry the

control information.

Headers are prepended to data that has been passed down from upper layers. Trailers are appended to data

that has been passed down from upper layers. An OSI layer is not required to attach a header or a trailer to

data from upper layers.

Each layer may add a Header and a Trailer to its Data, which consists of the upper layer's Header, Trailer and

Data as it proceeds through the layers. The Headers contain information that specifically addresses layer-to-

layer communication. Headers, trailers and data are relative concepts, depending on the layer that analyzes the

information unit. For example, the Transport Header (TH) contains information that only the Transport layer

sees. All other layers below the Transport layer pass the Transport Header as part of their Data. At the

network layer, an information unit consists of a Layer 3 header (NH) and data. At the data link layer, however,

all the information passed down by the network layer (the Layer 3 header and the data) is treated as data. In


7/26

other words, the data portion of an information unit at a given OSI layer potentially can contain headers,

trailers, and data from all the higher layers. This is known as encapsulation.


For example, if computer A has data from a software application to send to computer B, the data is passed to

the application layer. The application layer in computer A then communicates any control information required by

the application layer in computer B by prepending a header to the data. The resulting message unit, which

includes a header, the data and maybe a trailer, is passed to the presentation layer, which prepends its own

header containing control information intended for the presentation layer in computer B. The message unit

grows in size as each layer prepends its own header and trailer containing control information to be used by its

peer layer in computer B. At the physical layer, the entire information unit is transmitted through the network

medium.

The physical layer in computer B receives the information unit and passes it to the data link layer. The data link

layer in computer B then reads the control information contained in the header prepended by the data link layer

in computer A. The header and the trailer are then removed, and the remainder of the information unit is

passed to the network layer. Each layer performs the same actions: The layer reads the header and trailer from

its peer layer, strips it off, and passes the remaining information unit to the next higher layer. After the

application layer performs these actions, the data is passed to the recipient software application in computer B,

in exactly the form in which it was transmitted by the application in computer A.


8/26


One OSI layer communicates with another layer to make use of the services provided by the second layer. The

services provided by adjacent layers help a given OSI layer communicate with its peer layer in other computer

systems. A given layer in the OSI model generally communicates with three other OSI layers: the layer directly

above it, the layer directly below it and its peer layer in other networked computer systems. The data link layer

in computer A, for example, communicates with the network layer of computer A, the physical layer of computer

A and the data link layer in computer B. The following chart illustrates this example.

6. The advantages of a Ring topology is that

a. It is an easy to install

b. It is an easy to add or replace computers to the networkc. It minimizes network traffic congestion

d. It uses a number of high speed hubs and switchesMost Appropriate Answer is (C) It minimizes network traffic congestion

7. An agreement between two computer systems related to the methods of data transmission that is

picked and interpreted is called

a. Communication Channel

b. Communication Protocol

c. Synchronous mode of transmissiond. Asynchronous mode of transmission

Most Appropriate Answer is (B) Communication Protocol

A communications protocol is the set of standard rules for data representation, signaling, authentication and

error detection required to send information over a communications channel. An example of a simplecommunications protocol adapted to voice communication is the case of a radio dispatcher talking to mobile

stations. The communication protocols for digital computer network communication have many features intended

to ensure reliable interchange of data over an imperfect communication channel. Communication protocol is

basically following certain rules so that the system works p
http://www.answers.com/topic/communications-channelhttp://www.answers.com/topic/communications-channelhttp://www.answers.com/topic/radiohttp://www.answers.com/topic/communications-channelhttp://www.answers.com/topic/radio


9/26

8. A session can be defined as

a. A link between two network nodes

b. Series of transmission without any disconnection

c. A specific place in a system

d. Bi-directional data flow between two network nodes

Most Appropriate Answer is (B) Series of transmission without any disconnection

In computer science, in particular networking, a session is a semi-permanent interactive information exchange,

also known as a dialogue, a conversation or a meeting, between two or more communicating devices, or between a

computer and user (see Login session). A session is set up or established at a certain point in time, and torn

down at a later point in time. An established communication session may involve more than one message in eachdirection. A session is typically, but not always,stateful, meaning that at least one of the communicating parts

need to save information about the session history in order to be able to communicate, as opposed to statelesscommunication, where the communication consists of independent requests with responses.

Communication sessions may be implemented as part of protocols and services at the application layer, at the

session layer or at the transport layer in the OSI model.

Application layer examples:

o HTTP sessions, which may allow dynamic web pages, i.e. interactive web pages, as opposed to

static web pages.

o Atelnet remote login session

Session layer example:

o ASession Initiation Protocol(SIP) basedInternet phone call

Transport layer example:

o ATCP session, which is synonymous to a TCP virtual circuit, a TCPconnection, or an established

TCP socket.

In the case of transport protocols which do not implement a formal session layer (e.g., UDP) or wheresessions at the session layer are generally very short-lived (e.g., HTTP), sessions are maintained by a higher

level program using a method defined in the data being exchanged. For example, an HTTP exchange

between a browser and a remote host may include an HTTP cookiewhich identifies state, such as a unique

session ID, information about the user's preferences or authorization level.

9. Which of the following would typically be considered a LAN

a. 10 Computers in your office connected together and hooked up to a printer

b. A connection of one computer in Mumbai to another in Delhi

c. The city-wide connection between ATMs

d. The 3 stand alone PCs in your home

The Most appropriate answer is (A) 10 Computers in your office connected together and hooked up to a

printer.

10. Which network typically demands more knowledgeable users?

a. Server Based Networkb. Peer to Peer Network

c. Local Area Networkd. Wide Area Network
http://en.wikipedia.org/wiki/Computer_sciencehttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Login_sessionhttp://en.wikipedia.org/wiki/Statefulhttp://en.wikipedia.org/wiki/Statefulhttp://en.wikipedia.org/wiki/Statefulhttp://en.wikipedia.org/wiki/Stateless_serverhttp://en.wikipedia.org/wiki/Application_layerhttp://en.wikipedia.org/wiki/Session_layerhttp://en.wikipedia.org/wiki/Transport_layerhttp://en.wikipedia.org/wiki/OSI_modelhttp://en.wikipedia.org/wiki/OSI_modelhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/Dynamic_web_pagehttp://en.wikipedia.org/wiki/Dynamic_web_pagehttp://en.wikipedia.org/wiki/Static_web_pagehttp://en.wikipedia.org/wiki/Telnethttp://en.wikipedia.org/wiki/Telnethttp://en.wikipedia.org/wiki/Session_layerhttp://en.wikipedia.org/wiki/Session_Initiation_Protocolhttp://en.wikipedia.org/wiki/Session_Initiation_Protocolhttp://en.wikipedia.org/wiki/Session_Initiation_Protocolhttp://en.wikipedia.org/wiki/Internet_phonehttp://en.wikipedia.org/wiki/Internet_phonehttp://en.wikipedia.org/wiki/Transmission_Control_Protocolhttp://en.wikipedia.org/wiki/Transmission_Control_Protocolhttp://en.wikipedia.org/wiki/Virtual_circuithttp://en.wikipedia.org/wiki/Connectivity_(computer_science)http://en.wikipedia.org/wiki/Connectivity_(computer_science)http://en.wikipedia.org/wiki/Sockethttp://en.wikipedia.org/wiki/User_Datagram_Protocolhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/HTTP_cookiehttp://en.wikipedia.org/wiki/HTTP_cookiehttp://en.wikipedia.org/wiki/Session_IDhttp://en.wikipedia.org/wiki/Session_IDhttp://en.wikipedia.org/wiki/Computer_sciencehttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Login_sessionhttp://en.wikipedia.org/wiki/Statefulhttp://en.wikipedia.org/wiki/Stateless_serverhttp://en.wikipedia.org/wiki/Application_layerhttp://en.wikipedia.org/wiki/Session_layerhttp://en.wikipedia.org/wiki/Transport_layerhttp://en.wikipedia.org/wiki/OSI_modelhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/Dynamic_web_pagehttp://en.wikipedia.org/wiki/Static_web_pagehttp://en.wikipedia.org/wiki/Telnethttp://en.wikipedia.org/wiki/Session_layerhttp://en.wikipedia.org/wiki/Session_Initiation_Protocolhttp://en.wikipedia.org/wiki/Internet_phonehttp://en.wikipedia.org/wiki/Transmission_Control_Protocolhttp://en.wikipedia.org/wiki/Virtual_circuithttp://en.wikipedia.org/wiki/Connectivity_(computer_science)http://en.wikipedia.org/wiki/Sockethttp://en.wikipedia.org/wiki/User_Datagram_Protocolhttp://en.wikipedia.org/wiki/HTTPhttp://en.wikipedia.org/wiki/HTTP_cookiehttp://en.wikipedia.org/wiki/Session_ID


10/26

The Most appropriate answer is (B) Peer to Peer Network

A Peer to Peer (or P2P) computer networkuses diverse connectivity between participants in a network and the

cumulativebandwidth of network participants rather than conventional centralized resources where a relatively

low number of servers provide the core value to a service or application. P2P networks are typically used for

connectingnodesvia largely ad hocconnections. Such networks are useful for many purposes. Sharing content

files (see file sharing) containing audio, video, data or anything in digital format is very common, and realtimedata, such as telephony traffic, is also passed using P2P technology.

A pure P2P network does not have the notion of clientsor servers but only equalpeernodes that simultaneously

function as both "clients" and "servers" to the other nodes on the network. This model of network arrangement

differs from the client-server model where communication is usually to and from a central server. A typicalexample of a file transfer that is not P2P is an FTP server where the client and server programs are quite

distinct, the clients initiate the download/uploads, and the servers react to and satisfy

P2P networks can be classified by what they can be used for:

file sharing

telephony

media streaming (audio, video) discussion forums

Other classification of P2P networks is according to their degree of centralization.

In 'pure' P2P networks:

Peers act as equals, merging the roles of clients and server

There is no central server managing the network

There is no central router

some examples of pure P2P application layer networks designed for file sharing are Gnutella and Freenet.

There also exist countless hybrid P2P systems:

11. All of the following are true relating to the use of Fiber optics Except

a. Data is minimized rapidly

b. Fiber optic cable is small and flexiblec. They are unaffected by electrical interference

d. They provide the highest level of signal attenuation

The Most appropriate answer is (D) they provide the highest level of signal attenuation (Decrease)

12. A major problem in networking is the slow rate of data transfer. Which of the following would help

counter this problem?

a. Data Formatting

b. Allocating adequate Bandwidthc. Centralized Control

d. All of the above
http://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Bandwidth_(computing)http://en.wikipedia.org/wiki/Bandwidth_(computing)http://en.wikipedia.org/wiki/Server_(computing)http://en.wikipedia.org/wiki/Node_(telecommunications)http://en.wikipedia.org/wiki/Node_(telecommunications)http://en.wikipedia.org/wiki/Node_(telecommunications)http://en.wiktionary.org/wiki/ad_hochttp://en.wikipedia.org/wiki/File_sharinghttp://en.wikipedia.org/wiki/Voice_over_IPhttp://en.wikipedia.org/wiki/Client_(Computing)http://en.wikipedia.org/wiki/Client_(Computing)http://en.wikipedia.org/wiki/Peer_group_(computer_networking)http://en.wikipedia.org/wiki/Peer_group_(computer_networking)http://en.wikipedia.org/wiki/Node_(networking)http://en.wikipedia.org/wiki/Client-serverhttp://en.wikipedia.org/wiki/Client-serverhttp://en.wikipedia.org/wiki/File_Transfer_Protocolhttp://en.wikipedia.org/wiki/Application_layerhttp://en.wikipedia.org/wiki/File_sharinghttp://en.wikipedia.org/wiki/Gnutellahttp://en.wikipedia.org/wiki/Freenethttp://en.wikipedia.org/wiki/Freenethttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Bandwidth_(computing)http://en.wikipedia.org/wiki/Server_(computing)http://en.wikipedia.org/wiki/Node_(telecommunications)http://en.wiktionary.org/wiki/ad_hochttp://en.wikipedia.org/wiki/File_sharinghttp://en.wikipedia.org/wiki/Voice_over_IPhttp://en.wikipedia.org/wiki/Client_(Computing)http://en.wikipedia.org/wiki/Peer_group_(computer_networking)http://en.wikipedia.org/wiki/Node_(networking)http://en.wikipedia.org/wiki/Client-serverhttp://en.wikipedia.org/wiki/File_Transfer_Protocolhttp://en.wikipedia.org/wiki/Application_layerhttp://en.wikipedia.org/wiki/File_sharinghttp://en.wikipedia.org/wiki/Gnutellahttp://en.wikipedia.org/wiki/Freenet


11/26

The Most appropriate answer is (D) All of the above

13. Which of the following can a LAN administrator use to protect against exposure to illegal or

unlicensed software usage by the network user?

a. Software Metering

b. Virus detection software

c. Software encryptiond. Software decryption

As per book the answer is B Virus detection software which seems wrong but as per question asked in

CISA the q and A is as below

Q). Which of the following can a local area network (LAN) administrator use to protect against exposure toillegal or unlicensed software usage by the network user?

A. Software metering

B. Virus detection software

C. Software encryptionD. Software inventory programs

Answer: LAN Administrators usually take the help of software inventory programsto monitor the usage of

unlicensed software in an organization. The other answers are incorrect.

14. which of the following devices connects two or more dissimilar computer system by interpreting and

translating the different protocols that are used

a. Router

b. Repeater

c. Gateway

d. FirewallThe most appropriate answer is A Router as it may connect two Similar or Dissimilar Computer by

interpreting and translating the different protocols that are used

15. The device primarily used to extend the network must have the ability to act as a storage and

forwarding device is

a. Router

b. Bridge

c. Repeaterd. Gateway

The most appropriate answer is C Repeater

16. Which of the following transmission media would not be affected by cross talk or interferencea. Fiber optic System

b. Twisted Pair Circuitsc. Microwave Radio System

d. Satellite radio-link systems

The most appropriate answer is A Fiber optic System


12/26

Advantages of Fiber Optics

System Performance

Greatly increased bandwidth and capacity

Lower signal attenuation (loss)

Immunity to Electrical Noise

Immune to noise (electromagnetic interference [EMI] and radio-frequency interference [RFI] No crosstalk

Lower bit error rates

Signal Security

Difficult to tap

Nonconductive (does not radiate signals)Electrical Isolation

No common ground required

Freedom from short circuit and sparks

Size and Weight

Reduced size and weight cables

Environmental Protection

Resistant to radiation and corrosion Resistant to temperature variations

Improved ruggedness and flexibility

Less restrictive in harsh environments

Overall System Economy

Low per-channel cost

Lower installation cost

17. Which of the following media would be the most secure in a telecommunication network?

a. Dedicated Lines

b. Base land Networkc. Dial Up

d. Broad Land Network Digital Transmission

The most appropriate answer is A Dedicated Lines

A dedicated line is a telecommunications path between two points that is available 24 hours a day for use by adesignated user (individual or company). It is not shared in common among multiple users as dial-up lines are. A

dedicated line can be a physical path owned by the user or rented from a telephone company, in which case it is

called a leased line. A synonym is nonswitched line(as opposed to a switchedor dial-up line).

18. Which of the following transmission media is most resistant to a sniffing attack?

a. Optical Fiberb. Satellite Microwave

c. Twisted Pair Wire

d. Infrared

The most appropriate answer is A optic fiber

19. A hub is a device that connects

a. Two LAN using Different protocols

b. A LAN with a WAN

c. A LAN with a MAN
http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci211941,00.htmlhttp://searchunifiedcommunications.techtarget.com/sDefinition/0,,sid186_gci212470,00.htmlhttp://searchunifiedcommunications.techtarget.com/sDefinition/0,,sid186_gci212470,00.htmlhttp://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci211941,00.htmlhttp://searchunifiedcommunications.techtarget.com/sDefinition/0,,sid186_gci212470,00.html


13/26

d. Two segments of a single LAN

The most appropriate answer is D Two segments of a single LAN

20. Which type of a cable uses a BNC Connector

a. Twisted Pair

b. UTPc. STPd. Coaxial Cable

The most appropriate answer is D Coaxial Cable

BNC is a small device for connecting coaxial cables, used frequently in low-power, radio-frequency and test

applications. Abbreviation for bayonet Neil-Concelman connector.

21. An electronic device that combines data from several low speed communication lines into a high speed

line is calleda. Modem

b. Multiplexer

c. Channeld. Link Editor

The most appropriate answer is B Multiplexer

Multiplexors: combines two or more input signals from several devices into a single stream of high speed signals

22. It is essential to monitor telecommunication processes and ensure that data transmission is complete

and accurate. Which of the following automated processes/reports measure this?a. Turnaround time reports

b. Help desk response monitoring reports

c. Breakdowns/downtime reports

d. Online monitoring tools

The most appropriate answer is D Online Monitoring Report

The Turnaround Time (TAT) Report Spreadsheet contains a list of specimens received into the laboratory for aspecified date range and the time frame in which each was reported. Testing turnaround time is calculated using

a 24-hour clock from the time the specimen is received into the laboratory until the final laboratory result

report is released.Features:

Generated by client request

Report delivery via e-mail or fax (large testing volume may inhibit faxing of reports)

Client-defined single or multiple accounts or contracts

Client-defined report date range

Electronic spreadsheet e-mailed directly from LabCorps mainframe


14/26

23. Which of the following functions cannot be performed using a communications network controls

terminal?

a. Resetting Queue lengths

b. Starting and terminating Line Processesc. Generating a control total for a point of sale device

d. Correcting a hardware error in a modem

The most appropriate answer is D correcting a hardware error in a modem

24. A service provided to businesses by telecommunication companies or long distance carriers thatprovides a permanent direct connections between geographical social separate local area network is

a. Point to point link

b. Message switching

c. Distributed networkd. Packet Switching

The most appropriate answer is A Point to point link

Point-to-point link: A dedicateddata link that connects only two stations

In telecommunications, message switching was the precursor ofpacket switching, where messages were routedin their entirety, one hop at a time. It was first introduced by Leonard Kleinrockin 1961. Message switching

systems are nowadays mostly implemented over packet-switched or circuit-switcheddata networks.

Hop-by-hop Telex forwarding and UUCP are examples of message switching systems. E-mail is another example

of a message switching system.

When this form of switching is used, no physical path is established in advance in between sender and receiver.

Instead, when the sender has a block of data to be sent, it is stored in the first switching office (i.e. router)then forwarded later at one hop at a time. Each block is received in its entity form, inspected for errors and

then forwarded or re-transmitted.

A form of store-and-forward network. Data is transmitted into the network and stored in a switch. The network

transfers the data from switch to switch when it is convenient to do so, as such the data is not transferred in

real-time. Blocking can not occur, however, long delays can happen. The source and destination terminal need not

be compatible, since conversions are done by the message switching networks.

A message switch is transactional. It can store data or change its format and bit rate, then convert the data

back to their original form or an entirely different form at the receive end. Message switching multiplexes datafrom different sources onto a common facility.

25. A transmission technique in which a complete message is sent to a concentration point for storage androuting to the destination point when a communication path is available is called

a. Circuit Switching

b. Message Switching

c. Packet switchingd. Junction switching

The most appropriate answer is B Message Switching
http://www.its.bldrdoc.gov/fs-1037/dir-010/_1428.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-010/_1428.htmhttp://en.wikipedia.org/wiki/Telecommunicationshttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Leonard_Kleinrockhttp://en.wikipedia.org/wiki/Leonard_Kleinrockhttp://en.wikipedia.org/wiki/Data_networkhttp://en.wikipedia.org/wiki/Data_networkhttp://en.wikipedia.org/wiki/Teleprinterhttp://en.wikipedia.org/wiki/UUCPhttp://en.wikipedia.org/wiki/E-mailhttp://en.wikipedia.org/wiki/Routerhttp://www.its.bldrdoc.gov/fs-1037/dir-010/_1428.htmhttp://en.wikipedia.org/wiki/Telecommunicationshttp://en.wikipedia.org/wiki/Packet_switchinghttp://en.wikipedia.org/wiki/Leonard_Kleinrockhttp://en.wikipedia.org/wiki/Data_networkhttp://en.wikipedia.org/wiki/Teleprinterhttp://en.wikipedia.org/wiki/UUCPhttp://en.wikipedia.org/wiki/E-mailhttp://en.wikipedia.org/wiki/Router


15/26

Message switching: A method of handling messagetraffic through a switching center, either from local users

or from other switching centers, whereby the message traffic is stored and forwarded through the system

Circuit switchingis defined as a mechanism applied in telecommunications (mainly in PSTN) whereby the user is

allocated the full use of the communication channel for the duration of the call.

That is if two parties wish to communicate, the calling party has to first dial the numbers of the called party.Once those numbers are dialed, the originating exchange will find a path to the terminating exchange, which will

in turn find the called party.

After the circuit or channel has been set up, then communication will take place, then once they are through the

channel will be cleared. This mechanism is referred to as being connection-oriented.

Advantages of Circuit Switching:

Once the circuit has been set up, communication is fast and without error.

It is highly reliable

Disadvantages:

Involves a lot of overhead, during channel set up.

Waists a lot of bandwidth, especial in speech whereby a user is sometimes listening, and not talking.

Channel set up may take longer.

To overcome the disadvantages of circuit switching, packet switching was introduced, and instead of dedicating

a channel to only two parties for the duration of the call it routes packets individually as they are available. This

mechanism is referred to as being connectionless.

Packet Switching

Packet switching is similar to message switching using short messages. Any message exceeding a network-

defined maximum length is broken up into shorter units, known as packets, for transmission; the packets, eachwith an associated header, are then transmitted individually through the network. The fundamental difference

in packet communication is that the data is formed into packets with a pre-defined header format (i.e. PCI), and

well-known "idle" patterns which are used to occupy the link when there is no data to be communicated.

A packet network equipment discards the "idle" patterns between packets and processes the entire packet as

one piece of data. The equipment examines the packet header information (PCI) and then either removes the

header (in an end system) or forwards the packet to another system. If the out-going link is not available, thenthe packet is placed in a queue until the link becomes free. A packet network is formed by links which connect

packet network equipment.
http://www.its.bldrdoc.gov/fs-1037/dir-022/_3280.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-022/_3280.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-037/_5524.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-035/_5215.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-035/_5215.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-036/_5255.htmhttp://www.erg.abdn.ac.uk/users/gorry/course/intro-pages/encapsulation.htmlhttp://www.its.bldrdoc.gov/fs-1037/dir-022/_3280.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-037/_5524.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-035/_5215.htmhttp://www.its.bldrdoc.gov/fs-1037/dir-036/_5255.htmhttp://www.erg.abdn.ac.uk/users/gorry/course/intro-pages/encapsulation.html


16/26

Communication between A and D using circuits which are shared using packet switching.

Packet-switched communication between systems A and D

(The message in this case has been broken into three parts labeled 1-3)

There are two important benefits from packet switching.

1. The first and most important benefit is that since packets are short, the communication links between

the nodes are only allocated to transferring a single message for a short period of time whiletransmitting each packet. Longer messages require a series of packets to be sent, but do not require the

link to be dedicated between the transmission of each packet. The implication is that packets belonging

to other messages may be sent between the packets of the message being sent from A to D. This

provides a much fairer sharing of the resources of each of the links.2. Another benefit of packet switching is known as "pipelining". Pipelining is visible in the figure above. At

the time packet 1 is sent from B to C, packet 2 is sent from A to B; packet 1 is sent from C to D while

packet 2 is sent from B to C, and packet 3 is sent from A to B, and so forth. This simultaneous use of

communications links represents a gain in efficiency, the total delay for transmission across a packet

network may be considerably less than for message switching, despite the inclusion of a header in each

packet rather than in each message.26. All of the following are considered characteristics of N-Tier Computing architecture Except

a. Distributed Computing

b. Open Industry Standards

c. Thin Client Interfacesd. Monolithic Architecture

The most appropriate answer is D Monolithic architecture

27. Measuring utilization of all important network resources so that individual or group uses on network

can be regulated appropriately is called:a. Performance management


17/26

b. Security Management

c. Accounting Management

d. Configuration Management

The most appropriate answer is C Accounting Management

28. Which of the following is most often used for collecting statistical and configuration information

about network devices such as computers, Hubs, Switches, Routers, etc.?

a. Simple Network management Protocolsb. Online Reports

c. Downtime Reports

d. Help Desk Reports

The most appropriate answer is A Simple Network management Protocols

29. Which of the following would typically be considered the fastest to restore?a. Normal Backup

b. Incremental Backupc. Differential

d. Copy Backup

The most appropriate answer is A Normal Backup

Planning a backup and restoration of files for disaster recovery.

Planning a backup and restoration of files is the most important step to protect data from accidental loss in the

event of data deletion or a hard disk failure. The backup copy can be used to restore lost or damaged data. For

taking backups and restoring files, Microsoft has provided a utility called Backup. The Backup utility creates a

copy of data on a hard disk of a computer and archives data on another storage media. Any storage media such

as removable disks, tapes, and logical drives can be used as a backup storage.

While taking a backup of files, the Backup utility creates a volume shadow copy of the data to create an

accurate copy of the contents. It includes any open files or files that are being used by the system. Users can

continue to access the system while the Backup utility is running without the risk of losing data.

Volume Shadow Copy

Backup provides a feature of taking a backup of files that are opened by a user or system. This feature is known

as volume shadow copy. Volume shadow copy makes a duplicate copy of all files at the start of the backup

process. In this way, files that have changed during the backup process are copied correctly. Due to this

feature, applications can continue writing data to the volume during a backup operation, and backups can be

scheduled at any time without locking out users.

Types of Backups

The Windows Backup utility provides various types of backups. While planning for a backup strategy, it is

important to choose an appropriate type or combination of different types of backups. The backup type

determines which files are transferred to the destination media.


18/26

Each backup type relates to an attribute maintained by every file known as archive (A). The archive attribute is

set when a file is created or changed. When an archive attribute is set, it means that the backup of this file has

not been taken or it is due.

Note: When it is said that "The file is marked as backup", it means that the archive attribute of the file has

been cleared.

Normal Backups

When an administrator chooses to use a normal backup, all selected files and folders are backed up and the

archive attribute of all files are cleared. A normal backup does not use the archive attribute to determine which

files to back up. A normal backup is used as the first step of any backup plan. It is used with the combination of

other backup types for planning a backup strategy of an organization. Normal backups are the most time-

consuming and are resource hungry. Restoration from a normal backup is more efficient than other types of

backups.

Incremental Backups

An incremental backup backs up files that are created or changed since the last normal or incremental backup.

It takes the backup of files of which the archive attribute is set. After taking a backup, it clears the archive

attribute of files. An incremental backup is the fastest backup process. Restoring data from an incremental

backup requires the last normal backup and all subsequent incremental backups. Incremental backups must be


19/26

restored in the same order as they were created.

Note: If any media in the incremental backup set is damaged or data becomes corrupt, the data backed up after

corruption cannot be restored.

Differential Backups

Differential backup backs up files that are created or changed since the last normal backup. It does not clear

the archive attribute of files after taking a backup. The restoration of files from a differential backup is more

efficient than an incremental backup.

Copy Backups

A copy backup copies all selected files and folders. It neither uses nor clears the archive attribute of the files.

It is generally not a part of a planned scheduled backup.

Daily Backups

A daily backup backs up all selected files and folders that have changed during the day. It backs up data by

using the modified date of the files. It neither uses nor clears the archive attribute of the files.

Combining backup types

The easiest backup plan is to take a normal backup every night. A normal backup every night ensures that the

data is restored from a single job the next day. Although the restoration of data from a normal backup is easy,

taking a backup is time consuming. Hence, an administrator is required to make an optimal backup plan. An

administrator must consider the following points before creating a backup plan:

The time involved in taking the backup.

The size of the backup job.

The time required to restore a system in the event of a system failure.

The most common solutions for the needs of different organizations include the combination of normal,

differential, and incremental backups.

Combination of Normal and Differential Backups

An administrator can use a combination of a normal backup and a differential backup to save time in taking a

backup as well as for a restoration of data. In this plan, a normal backup can be taken on Sunday, and


20/26

differential backups can be taken on Monday through Friday every night. If data becomes corrupt at any time,

only a normal and last differential backup are required to be restored. Although this combination is easier and

takes lesser time for restoration, it takes more time to take backup if data changes frequently.

Combination of Normal and Incremental Backups

A combination of normal and incremental backups can be used to save more time for taking backups. In this plan,

a normal backup is taken on Sunday and incremental backups on Monday through Friday every night. If data

becomes corrupt at any time, normal and all incremental backups till date are required to be restored

30. All the following are phases in the establishment of a switched Virtual Circuit Except:a. Circuit Terminal

b. Data Transfer

c. Circuit Expansion

d. Circuit Establishment

The most appropriate answer is A Circuit Expansion

31. Which of the following translates e-mail formats from one network to another so that the message

can travel through all the networks?

a. Gatewaysb. Protocols Convertor

c. Front-end Communication Processor

d. Concentrator Multiplexer

The most appropriate answer is A Gateway

A gateway performs the job of translating e-mail formats from one network to another so messages can make

their way through all the networks. A protocol converter is a hardware device that converts between two

different types of transmissions, such as asynchronous and synchronous transmissions. A front-endcommunication processor connects all network communication lines to a central computer to relieve the central

computer from performing network control, format conversion and message handling tasks. A

concentrator/multiplexor is a device used for combining several lower-speed channels into a higher-speed

channel

32. An IS Auditor performing a telecommunication access control review would focus his/her attention

most on the

a. Maintenance of usage logs of various system resourcesb. Authorization and authentication of the user prior to granting access to system resources

c. Adequate protection of stored data on servers by encryption or other means

d. Accountability system and ability to proper identify any terminal accessing system resources


21/26

The most appropriate answer is B Authorization and authentication of the user prior to granting access to

system resources

33. Which of the following controls would be Most Comprehensive in a remote access network with

multiple and diverse sub-systems?

a. Proxy Serverb. Firewall installation

c. Network administrator

d. Password implementation and administration

The most appropriate answer is D Password implementation and administration

The most comprehensive control in this situation is password implementation and administration. While firewall

installations are the primary line of defense, they cannot protect all access and, therefore, an element of risk

remains. A proxy server is a type of firewall installation and thus the same rules apply. The network

administrator may serve as a control, but typically this would not be comprehensive enough to serve on multipleand diverse systems.

34. A reasonably controlled practice in the distributed executable programs that execute in Background

of a web browser client, like Java applets and Active X controls is:a. Installation of a firewalls

b. Usage of a secure web connection

c. Acceptance of executable only from the established and trusted source

d. Hosting the website as a part of your organization.

The most appropriate answer is C Acceptance of executable only from the established and trusted source

35. When an organizations network is connected with an external net-work in an Intranet client-server

model not under the organizations controls, security becomes a concern. In providing adequate

security in this environment, which of the following assurance levels is Least importanta. Server and Client authenticationb. Data Integrity

c. Data Recovery

d. Data Confidentiality

The most appropriate answer is C Data Recovery

36. In a TCP/IP network, an IP addresses specifies a :

a. Network connection

b. Router/Gateway

c. Computer in the Networkd. Device in the network such as a gateways/router,host,server,etc

The most appropriate answer is A network Connection

An IP address specifies a network connection. An IP address encodes both a network and a host on that

network; it does not specify an individual computer, but a connection to a network. A router/gateway connectstwo networks and will have two IP addresses. Hence, an IP address cannot specify a router. A computer in the

network can be connected to other networks as well. It will then use many IP addresses. Such computers are


22/26

called multi-homed hosts. Here again an IP address cannot refer to the computer. IP addresses do not refer to

individual devices on the network, but refer to the connections by which they are connected to the network

37. In internet architecture, a domain name service(DNS) is most important because it provides the :

a. Addresses of the domain server

b. Addresses of the naming clientc. Resolution of the name of the IP address on the internet

d. Domain name characteristics.

The most appropriate answer is C Resolution of the name of the IP address on the internet

The Domain Name System (DNS) provides the basis for converting the names of machines into IP addresses andback again and provides pointers to other resources such as mail handlers and system aliases. That definition is

perhaps the only thing simple about DNS in today's ever-changing Internet culture. DNS has grown beyond a

simple lookup service to become a major piece of Internet infrastructure-one that has gone well beyond its

original scope. The need to extend the capabilities of the Domain Name System combined with mass adoption ofthe Internet by business and industry has sparked controversy and debate. New forums are popping up to

address DNS-related issues, and discussions on newsgroups like the Internet Legal and Policy Forum (ILPF) andnewdom have become hot and often hostile. The technological, political, and legal issues surrounding DNS have

created confusion and anxiety for systems administrators and operators, users, and businesspeople attemptingto leverage the new technology.

38. In an Internet URL http;//www.infosys.com, what does the com signify?a. Identifies the protocols being usedb. Identifies that the site is on the Internet

c. It is an additional Information and is not needed

d. Identifies the purposes of the site. It stands for commercial

The most appropriate answer is D identifies the purposes of the site. It stands for commercial

39. In which of the following, Tags are placed within to accomplish document formatting, visual features

such as font size, italics and Bold and creation of links:

a. FTTP

b. HTTPc. Telnet

d. ActiveX

Producing hypertext for the Web is accomplished by creating documents with a language called HyperText

Markup Language, or HTML. With HTML, tags are placed within the text to accomplish document formatting,


23/26

visual features such as font size, italics and bold, and the creation of hypertext links. Graphics and multimedia

may also be incorporated into an HTML document.

40. Which of the following allow users on the Internet to communicate with each other by typing text

mode in real timea. IM

b. RFC

c. FYId. FAQ

The most appropriate answer is (A) IM

Instant messaging (IM) is a form of real-time communication between two or more people based on typed text.The text is conveyed via devices connected over a network such as the Internet

Instant messaging (IM) and chat are technologies that create the possibility of real-time text-basedcommunication between two or more participants over the internet or some form of internal network/intranet.

It is important to understand that what separates chat and instant messaging from technologies such as e-mail

is the perceived synchronicity of the communication by the user - Chat happens in real-time before your eyes.Some systems allow the sending of messages to people not currently logged on (offline messages), thus removingmuch of the difference between Instant Messaging and e-mail.

While many services have additional features such as: the immediate receipt of acknowledgment or reply, groupchatting, conference services (including voice and video), conversation logging and file transfer, those functions

are beyond the scope of this article.

IM allows effective and efficient communication, featuring immediate receipt of acknowledgment or reply. In

certain cases Instant Messaging involves additional features, which make it even more popular, i.e. to see theother party, e.g. by usingweb-cams, or to talk directly for free over theInternet.

It is possible to save a conversation for later reference. Instant messages are typically logged in a localmessage history which closes the gap to the persistent nature of e-mails and facilitates quick exchange of

information like URLs or document snippets (which can be unwieldy when communicated via telephone).

41. A firewall access control list may filter access based on each of the following parameters except

a. Port

b. Service Type

c. Network Interface Card(NIC)d. Internet Protocol (IP) address

The most appropriate answer is (C) Network Interface Card (NIC)

42. Which of the following is not provided by a public key infrastructure (PKI)a. Access Controls

b. Network Reliability

c. Authentication

d. Non-Repudiation
http://en.wikipedia.org/wiki/Real-time_computinghttp://en.wikipedia.org/wiki/Peoplehttp://en.wikipedia.org/wiki/Written_languagehttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/E-mailhttp://en.wikipedia.org/wiki/File_transferhttp://en.wikipedia.org/wiki/Receipthttp://en.wikipedia.org/wiki/Web-camhttp://en.wikipedia.org/wiki/Web-camhttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Real-time_computinghttp://en.wikipedia.org/wiki/Peoplehttp://en.wikipedia.org/wiki/Written_languagehttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/E-mailhttp://en.wikipedia.org/wiki/File_transferhttp://en.wikipedia.org/wiki/Receipthttp://en.wikipedia.org/wiki/Web-camhttp://en.wikipedia.org/wiki/Internet


24/26

The most appropriate answer is B Network Reliability

43. Secure Socket Layer (SSL) protocol addresses the confidentiality of a message through:

a. Symmetric encryption

b. Message authentication codec. Hash function

d. Digital signatures certificates

SSL uses a symmetric key for message encryption. A message authentication code is used for ensuring data

integrity. Hash function is used for generating a message digest. It does not use public key encryption formessage encryption. Digital signature certificates are used by SSL for server authentication

The most appropriate answer is A Symmetric encryption

44. Electromagnetic emissions from a terminal represent an exposure because they:

a. Affect noise pollutionb. Disrupt processor function

c. Produces dangerous levels of electric currentd. Can be detected and displayed

The most appropriate answer is D Can be detected and displayed

Emissions can be detected by sophisticated equipment and displayed, thus giving access to data to unauthorized

persons. They should not cause disruption of CPUs or effect noise pollution

45. Which of the following would be an IS auditor consider a major risk of using single sign-on in a

networked environmenta. It enables access to multiple applicationsb. It represents a single point of failure

c. It causes an administrative bottleneck

d. It leads to a lockout of valid users

As per a web site Big4Guy.com

The answer is 'A'. The risk with using Single Sign Onis that it can result in access to all applications with a

single password. This can be potentially very harmful as far as security is concerned. Rest all the answers are

incorrect

While as per the book the most appropriate answer is B It represents a single point of failure

Single sign on is the term used to represent a system whereby users need only remember one username andpassword, and authenticated a can be provided for multiple services. Kerberos [1] is an example of a system

where users provide a password and receive a ticket in exchange. The ticket can be used to authenticate users

to different network services. Kerberos single sign on is possible because all of the services are under the same

administrative control. There is a centralized database containing keys that are shared with each service, andtickets can be issued, encrypted under the keys of the target services.
http://big4guy.com/index.php/2006/01/02/information_security_terms_single_sign_ohttp://big4guy.com/index.php/2006/01/02/information_security_terms_single_sign_o


25/26

46. all of the following are significant Internet exposures Except:

a. lost of Integrity

b. Denial of Service Attacks

c. Insufficient resources to improve and maintain integrity

d. Unauthorized access

The most appropriate answer is (C) Insufficient resources to improve and maintain integrity

47. A manufacturer has been purchasing material and supplies for its business through an E-Commerce

application. Which of the following should this manufacturer rely on to prove that the transactionswere actually made?

a. Reputation

b. Authentication

c. Encryptiond. Non-Repudiation

The most appropriate answer is (D) Non-Repudiation

Non- repudiation may ensure that a transaction is enforceable. It involves creating proof of the origin ordelivery of data to protect the sender against false denial by the recipient of the data's receipt, or vice versa.

Choice A is incorrect because the company's reputation would not, of itself, prove a deal was made via the

Internet. Choice B is not correct as authentication controls are necessary to establish the Identification of all

parties to a communication. Choice C is incorrect since encryption may protect the data transmitted over theInternet, but may not prove that the transactions were made

48. An IS Auditor who intends to use penetration testing during an audit of Internet Connection woulda. Evaluate configurationb. Examine security Setting

c. Ensure virus-scanning software in use

d. Use tools and techniques that are available to a hacker

The most appropriate answer is (D) Use tools and techniques that are available to a hacker

penetration test is a method of evaluating the security of a computer system or network by simulating an

attack by a malicious user, known as a Black HatHacker, or Cracker. The process involves an active analysis of

the system for any potential vulnerabilities that may result from poor or improper system configuration, knownand/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures.

This analysis is carried out from the position of a potential attacker, and can involve active exploitation of

security vulnerabilities. Any security issues that are found will be presented to the system owner together with

an assessment of their impact and often with a proposal for mitigation or a technical solution. The intent of apenetration test is to determine feasibility of an attack and the amount of business impact of a successful

exploit, if discovered. It is a component of a fullsecurity audit.
http://en.wikipedia.org/wiki/Computer_securityhttp://en.wikipedia.org/wiki/Computer_systemhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Hacker_(computing)#Black_Hat_Hackerhttp://en.wikipedia.org/wiki/Hacker_(computer_security)http://en.wikipedia.org/wiki/Hacker_(computer_security)http://en.wikipedia.org/wiki/Information_technology_security_audithttp://en.wikipedia.org/wiki/Information_technology_security_audithttp://en.wikipedia.org/wiki/Information_technology_security_audithttp://en.wikipedia.org/wiki/Computer_securityhttp://en.wikipedia.org/wiki/Computer_systemhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Hacker_(computing)#Black_Hat_Hackerhttp://en.wikipedia.org/wiki/Hacker_(computer_security)http://en.wikipedia.org/wiki/Information_technology_security_audit


26/26

49. A sequence of Bits appended to a digital document that is used to authenticate an e-mail sent through

the Internet is called a

a. Digest Signature

b. Encrypted Messagec. Digital Signature

d. Hash Signature

The most appropriate answer is: C Digital Signature

A digital signature through the private cryptographic key authenticates a transmission from a sender throughthe private cryptographic key. It is a string of bits that uniquely represent another string of bits, a digital

document. An electronic signature refers to the string of bits that digitally represents a handwritten signature

captured by a computer system when a human applies it on an electronic pen pad, connected to the system.

50. Which of the following provides the Greatest assurance in achieving message integrity and non-

repudiationa. The recipient uses the senders public Key, verified with a certificate authority, to decrypt the

message digest

b. The recipient uses his private key to decrypt the secret key

c. The encrypted message digest and the message are encrypted using a secret keyd. The encrypted message digest is derived mathematically from the message to be sent

The most appropriate answer is (D) The encrypted message digest is derived mathematically from the message

to be sent

Most encrypted transactions today use a combination of private keys, public keys, secret keys, hash functions

and digital certificates to achieve confidentiality, message integrity and non- repudiation by either sender or

recipient. The recipient uses the sender's public key to decrypt the pre-hash code into a post-hash code whichwhen equaling the pre-hash code verifies the identity of the sender and that the message has not been changed

in route and would provide the greatest assurance. Each sender and recipient has a private key, known only to

him/her and a public key, which can be known by anyone. Each encryption/decryption process requires at leastone public key and one private key and both must be from the same party. A single secret key is used to encrypt

the message, because secret key encryption requires less processing power than using public and private keys. Adigital certificate, signed by a certificate authority, validates senders' and recipients' public keys.

isa module two

Documents