CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 12: Practice Test 4



  1. D. Ed’s best option is to install an IPv6 to IPv4 gateway that can translate traffic between
    the networks. A bridge would be appropriate for different types of networks, whereas a
    router would make sense if the networks were similar. A modern switch might be able
    to carry both types of traffic but wouldn’t be much help translating between the two
    protocols.

  2. C. The Rijndael block cipher was selected as the winner and is the cryptographic
    algorithm underlying the Advanced Encryption Standard (AES).

  3. The services match with the network ports as follows:

  4. DNS: D. UDP port 53.

  5. HTTPS: A. TCP port 443.

  6. SSH: E. TCP port 22.

  7. RDP: B. TCP port 3389.

  8. MSSQL: C. TCP port 1433.

  9. B. The EU General Data Protection Regulation does not require that organizations
    provide individuals with employee lists.

  10. B. Tammy should choose a warm site. This type of facility meets her requirements for
    a good balance between cost and recovery time. It is less expensive than a hot site but
    facilitates faster recovery than a cold site. A red site is not a type of disaster recovery
    facility.

  11. B. When data reaches the Transport layer, it is sent as segments (TCP) or datagrams
    (UDP). Above the Transport layer, data becomes a data stream, while below the Transport
    layer it is converted to packets at the Network layer, frames at the Data Link layer,
    and bits at the Physical layer.

  12. D. The Advanced Encryption Standard supports encryption with 128-bit keys, 192-bit
    keys, and 256-bit keys.

  13. D. An application programming interface (API) allows developers to create a direct
    method for other users to interact with their systems through an abstraction that does
    not require knowledge of the implementation details. Access to object models, source
    code, and data dictionaries also indirectly facilitates interaction but does so in a manner that
    provides other developers with implementation details.

  14. D. The PGP email system, invented by Phil Zimmermann, uses the “web of trust”
    approach to secure email. The commercial version uses RSA for key exchange, IDEA for
    encryption/decryption, and MD5 for message digest production. The freeware version uses
    Diffie-Hellman for key exchange, Carlisle Adams/Stafford Tavares (CAST) for
    encryption/decryption, and SHA for hashing.

  15. B. The permissions granted on files in Linux designate what authorized users can do
    with those files—read, write, or execute. In the image shown, all users can read, write,
    and execute index.html, whereas the owner can read, write, and execute example.txt, the
    group cannot, and everyone can write and execute it.
