Which of the following statements pertaining to link encryption is false?
Correct Answer: C
When using link encryption, packets have to be decrypted at each hop and encrypted again. Information staying encrypted from one end of its journey to the other is a characteristic of end-toend encryption, not link encryption. Link Encryption vs. End-to-End Encryption Link encryption encrypts the entire packet, including headers and trailers, and has to be decrypted at each hop. End-to-end encryption does not encrypt the IP Protocol headers, and therefore does not need to be decrypted at each hop. Reference: All in one, Page 735 & Glossary and Source: WALLHOFF, John, CBK#5 Cryptography (CISSP Study Guide), April 2002 (page 6).
CISSP Exam Question 642
Which of the following is the BEST definition of Cross-Site Request Forgery (CSRF) ?
Correct Answer: C
CISSP Exam Question 643
Which of the following is a second optional use of Network Access Control (NAC) technology?
Correct Answer: B
CISSP Exam Question 644
Match the types of e-authentication tokens to their description. Drag each e-authentication token on the left to its corresponding description on the right.
Correct Answer:
Explanation Look-up secret token - A physical or electronic token that stores a set of secrets between the claimant and the credential service provider Out-of-Band Token - A physical token that is uniquely addressable and can receive a verifier-selected secret for one-time use Pre-registered Knowledge Token - A series of responses to a set of prompts or challenges established by the subscriber and credential service provider during the registration process Memorized Secret Token - A secret shared between the subscriber and credential service provider that is typically character strings
CISSP Exam Question 645
All hosts on an IP network have a logical ID called a(n):
Correct Answer: A
An Ethernet address is a 48-bit address that is hard-wired into the Network Interface Cards (NIC) of the network node. A Media Access Control address (MAC address) is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used for numerous network technologies and most IEEE 802 network technologies, including Ethernet. Logically, MAC addresses are used in the Media Access Control protocol sub-layer of the OSI reference model. MAC addresses are most often assigned by the manufacturer of a network interface card (NIC) and are stored in its hardware, the card's read-only memory, or some other firmware mechanism. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number and may be referred to as the burned-in address. It may also be known as an Ethernet hardware address (EHA), hardware address or physical address. A network node may have multiple NICs and will then have one unique MAC address per NIC. MAC addresses are formed according to the rules of one of three numbering name spaces managed by the Institute of Electrical and Electronics Engineers (IEEE): MAC-48, EUI-48, and EUI-64. The IEEE claims trademarks on the names EUI-48 and EUI-64, in which EUI is an abbreviation for Extended Unique Identifier. Reference(s) used for this question: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87. and https://en.wikipedia.org/wiki/MAC_address
