Isa Module Two

An organization is about to implement a computer network in a new office building. The company has 2000 users located in the same physical area. No external network connection will be required. Which of the following network configurations would be the most expensive to install

1.

a. b. c. d.

BUS Ring Star Mesh

Most Appropriate Answer is (D) Mesh as it is the most expensive to install the mesh network 2.

IN Wide Area Networks (WANs) a. b. c. d.

Data Flow must be half duplex Communication lines must b dedicated Circuit Structure can be operated only over a fixed distance The selection of communication lines will effect reliability

Most Appropriate Answer is (D) the selection of communication lines will effect reliability

Wide Area Network (WAN) is a computer network that covers a broad area (i.e., any network whose communications links cross metropolitan, regional, or national boundaries [1]). Less formally, a WAN is a network that uses routers and public communications links [1]. Contrast with personal area networks (PANs), local area networks (LANs), campus area networks (CANs), or metropolitan area networks (MANs) which are usually limited to a room, building, campus or specific metropolitan area (e.g., a city) respectively. The largest and most well-known example of a WAN is the Internet. WANs [a] are used to connect LANs and other types of networks together, so that users and computers in one location can communicate with users and computers in other locations. Many WANs are built for one particular organization and are private. Others, built by Internet service providers, provide connections from an organization's LAN to the Internet. WANs are often built using leased lines. At each end of the leased line, a router connects to the LAN on one side and a hub within the WAN on the other. Leased lines can be very expensive. Instead of using leased lines, WANs can also be built using less costly circuit switching or packet switching methods. Network protocols including TCP/IP deliver transport and addressing functions. Protocols including Packet over SONET/SDH, MPLS, ATM and Frame relay are often used by service providers to deliver the links that are used in WANs. X.25 was an important early WAN protocol, and is often considered to be the "grandfather" of Frame Relay as many of the underlying protocols and functions of X.25 are still in use today (with upgrades) by Frame Relay. Academic research into wide area networks can be broken down into three areas: Mathematical models, network emulation and network simulation. Performance improvements are sometimes delivered via WAFS or WAN optimization. Several options are available for WAN connectivity:

[2]

Bandwidth range

Sample protocols used

Option:

Description

Advantages

Disadvantages

Leased line

Point-to-Point connection between two computers or Local Area Networks (LANs)

Most secure

Expensive

PPP, HDLC, SDLC, HNAS

Circuit switching

A dedicated circuit path is created between end points. Best example is dialup connections

Less Expensive

Call Setup

28 kbit/s PPP, ISDN 144 kbit/s

Packet switching

Devices transport packets via a shared single point-to-point or point-tomultipoint link across a carrier internetwork. Variable length packets are transmitted over Permanent Virtual Circuits (PVC) or Switched Virtual Circuits (SVC)

Shared media across link

Similar to packet switching, but uses best for fixed length cells instead of variable simultaneous use Overhead can be Cell relay length packets. Data is divided into of Voice and considerable fixed-length cells and then transported data across virtual circuits

X.25 FrameRelay

ATM

Transmission rate usually range from 1200 bits/s to 6 Mbit/s, although some connections such as ATM and Leased lines can reach speeds greater than 156 Mbit/s. Typical communication links used in WANs are telephone lines, microwave links & satellite channels. Recently with the proliferation of low cost of Internet connectivity many companies and organizations have turned to VPN to interconnect their networks, creating a WAN in that way. Companies such as Cisco, New Edge Networks and Check Point offer solutions to create VPN networks. 3.

An organization is considering installing a Local; Area Network (LAN) in a site under construction. If a system availability is the main concern, which of the following is most Appropriate a. b. c. d.

Ring Line Star Bus

Most Appropriate Answer is (C) STAR

A ring or loop topology would enable messages to be rerouted should the network cabling be severed at any point or a hardware element fail. With the correct settings in network hardware, the loss of any link would be invisible to the users. In line and bus networks, which are essentially the same thing, terminals are connected to a single cable. If this cable is severed, all terminals beyond the point of severance will be unavailable. A star network clusters terminals around hubs, connected to the server by separate lines in the form of a star. If any line is severed, all terminals in the cluster at the end of that line would be disconnected.

4.

Which of the following is not an element of a LAN environment? a. Packet Switching Technology b. Baseband c. Ring or short Bus topology d. Public Circuit Switching Technology.

Most Appropriate Answer is (D) Public Circuit Switching Technology 5.

Which of the following OSI layers communicates with the user Programs? a. b. c. d.

Physical Application Presentation Session

Most Appropriate Answer is ( B) Application Layers

Open Systems Interconnection (OSI) model is a reference model developed by ISO (International Organization for Standardization) in 1984, as a conceptual framework of standards for communication in the network across different equipment and applications by different vendors. It is now considered the primary architectural model for inter-computing and inter-networking communications. Most of the network communication protocols used today have a structure based on the OSI model. The OSI model defines the communications process into 7 layers, dividing the tasks involved with moving information between networked computers into seven smaller, more manageable task groups. A task or group of tasks is then assigned to each of the seven OSI layers. Each layer is reasonably self-contained, so that the tasks assigned to each layer can be implemented independently. This enables the solutions offered by one layer to be updated without adversely affecting the other layers. The OSI 7 layers model has clear characteristics at each layer. Basically, layers 7 through 4 deals with end to end communications between data source and destinations, while layers 3 to 1 deal with communications between network devices. On the other hand, the seven layers of the OSI model can be divided into two groups: upper layers (layers 7, 6 & 5) and lower layers (layers 4, 3, 2, 1). The upper layers of the OSI model deal with application issues and generally are implemented only in software. The highest layer, the application layer, is closest to the end user. The lower layers of the OSI model handle data transport issues. The physical layer and the data link layer are implemented in hardware and software. The lowest layer, the physical layer, is closest to the physical network medium (the wires, for example) and is responsible for placing data on the medium. The specific description for each layer is as follows: Layer 7: Application Layer

•

Defines interface-to-user processes for communication and data transfer in network

•

Provides standardized services such as virtual terminal, file and job transfer and operations Layer 6: Presentation Layer

•

Masks the differences of data formats between dissimilar systems

•

Specifies architecture-independent data transfer format

•

Encodes and decodes data; encrypts and decrypts data; compresses and decompresses data

Layer 5: Session Layer

•

Manages user sessions and dialogues

•

Controls establishment and termination of logic links between users

•

Reports upper layer errors Layer 4: Transport Layer

•

Manages end-to-end message delivery in network

•

Provides reliable and sequential packet delivery through error recovery and flow control mechanisms

•

Provides connectionless oriented packet delivery Layer 3: Network Layer

•

Determines how data are transferred between network devices

•

Routes packets according to unique network device addresses

•

Provides flow and congestion control to prevent network resource depletion Layer 2: Data Link Layer

•

Defines procedures for operating the communication links

•

Frames packets

•

Detects and corrects packets transmit errors Layer 1: Physical Layer

•

Defines physical means of sending data over network devices

•

Interfaces between network medium and devices

•

Defines optical, electrical and mechanical characteristics Information being transferred from a software application in one computer to an application in another proceeds through the OSI layers. For example, if a software application in computer A has information to pass to a software application in computer B, the application program in computer A needs to pass the information to the application layer (Layer 7) of computer A, which then passes the information to the presentation layer (Layer 6), which relays the data to the session layer (Layer 5), and so on all the way down to the physical layer

(Layer 1). At the physical layer, the data is placed on the physical network medium and is sent across the medium to computer B. The physical layer of computer B receives the data from the physical medium, and then its physical layer passes the information up to the data link layer (Layer 2), which relays it to the network layer (Layer 3), and so on, until it reaches the application layer (Layer 7) of computer B. Finally, the application layer of computer B passes the information to the recipient application program to complete the communication process. The following diagram illustrated this process.

OSI Network Architecture 7 Layers Model - 1 The seven OSI layers use various forms of control information to communicate with their peer layers in other computer systems. This control information consists of specific requests and instructions that are exchanged between peer OSI layers. Headers and Trailers of data at each layer are the two basic forms to carry the control information. Headers are prepended to data that has been passed down from upper layers. Trailers are appended to data that has been passed down from upper layers. An OSI layer is not required to attach a header or a trailer to data from upper layers. Each layer may add a Header and a Trailer to its Data, which consists of the upper layer's Header, Trailer and Data as it proceeds through the layers. The Headers contain information that specifically addresses layer-tolayer communication. Headers, trailers and data are relative concepts, depending on the layer that analyzes the information unit. For example, the Transport Header (TH) contains information that only the Transport layer sees. All other layers below the Transport layer pass the Transport Header as part of their Data. At the network layer, an information unit consists of a Layer 3 header (NH) and data. At the data link layer, however, all the information passed down by the network layer (the Layer 3 header and the data) is treated as data. In

other words, the data portion of an information unit at a given OSI layer potentially can contain headers, trailers, and data from all the higher layers. This is known as encapsulation.

OSI Network Architecture 7 Layers Model - 2 For example, if computer A has data from a software application to send to computer B, the data is passed to the application layer. The application layer in computer A then communicates any control information required by the application layer in computer B by prepending a header to the data. The resulting message unit, which includes a header, the data and maybe a trailer, is passed to the presentation layer, which prepends its own header containing control information intended for the presentation layer in computer B. The message unit grows in size as each layer prepends its own header and trailer containing control information to be used by its peer layer in computer B. At the physical layer, the entire information unit is transmitted through the network medium. The physical layer in computer B receives the information unit and passes it to the data link layer. The data link layer in computer B then reads the control information contained in the header prepended by the data link layer in computer A. The header and the trailer are then removed, and the remainder of the information unit is passed to the network layer. Each layer performs the same actions: The layer reads the header and trailer from its peer layer, strips it off, and passes the remaining information unit to the next higher layer. After the application layer performs these actions, the data is passed to the recipient software application in computer B, in exactly the form in which it was transmitted by the application in computer A.

OSI Network Architecture 7 Layers Model - 3 One OSI layer communicates with another layer to make use of the services provided by the second layer. The services provided by adjacent layers help a given OSI layer communicate with its peer layer in other computer systems. A given layer in the OSI model generally communicates with three other OSI layers: the layer directly above it, the layer directly below it and its peer layer in other networked computer systems. The data link layer in computer A, for example, communicates with the network layer of computer A, the physical layer of computer A and the data link layer in computer B. The following chart illustrates this example.

6.

The advantages of a Ring topology is that a. It is an easy to install b. It is an easy to add or replace computers to the network c. It minimizes network traffic congestion d. It uses a number of high speed hubs and switches Most Appropriate Answer is (C) It minimizes network traffic congestion 7.

An agreement between two computer systems related to the methods of data transmission that is picked and interpreted is called a. b. c. d.

Communication Channel Communication Protocol Synchronous mode of transmission Asynchronous mode of transmission

Most Appropriate Answer is (B) Communication Protocol A communications protocol is the set of standard rules for data representation, signaling, authentication and error detection required to send information over a communications channel. An example of a simple communications protocol adapted to voice communication is the case of a radio dispatcher talking to mobile stations. The communication protocols for digital computer network communication have many features intended to ensure reliable interchange of data over an imperfect communication channel. Communication protocol is basically following certain rules so that the system works p

8.

A session can be defined as

a. A link between two network nodes b. Series of transmission without any disconnection c. A specific place in a system d. Bi-directional data flow between two network nodes Most Appropriate Answer is (B) Series of transmission without any disconnection In computer science, in particular networking, a session is a semi-permanent interactive information exchange, also known as a dialogue, a conversation or a meeting, between two or more communicating devices, or between a computer and user (see Login session). A session is set up or established at a certain point in time, and torn down at a later point in time. An established communication session may involve more than one message in each direction. A session is typically, but not always, stateful, meaning that at least one of the communicating parts need to save information about the session history in order to be able to communicate, as opposed to stateless communication, where the communication consists of independent requests with responses. Communication sessions may be implemented as part of protocols and services at the application layer, at the session layer or at the transport layer in the OSI model. •

• •

Application layer examples: o HTTP sessions, which may allow dynamic web pages, i.e. interactive web pages, as opposed to static web pages. o A telnet remote login session Session layer example: o A Session Initiation Protocol (SIP) based Internet phone call Transport layer example: o A TCP session, which is synonymous to a TCP virtual circuit, a TCP connection, or an established TCP socket.

In the case of transport protocols which do not implement a formal session layer (e.g., UDP) or where sessions at the session layer are generally very short-lived (e.g., HTTP), sessions are maintained by a higher level program using a method defined in the data being exchanged. For example, an HTTP exchange between a browser and a remote host may include an HTTP cookie which identifies state, such as a unique session ID, information about the user's preferences or authorization level. 9.

Which of the following would typically be considered a LAN a. 10 Computers in your office connected together and hooked up to a printer b. A connection of one computer in Mumbai to another in Delhi c. The city-wide connection between ATMs d. The 3 stand – alone PCs in your home

The Most appropriate answer is (A) 10 Computers in your office connected together and hooked up to a printer. 10. Which network typically demands more knowledgeable users? a. Server Based Network b. Peer to Peer Network c. Local Area Network d. Wide Area Network

The Most appropriate answer is (B) Peer to Peer Network A Peer to Peer (or P2P) computer network uses diverse connectivity between participants in a network and the cumulative bandwidth of network participants rather than conventional centralized resources where a relatively low number of servers provide the core value to a service or application. P2P networks are typically used for connecting nodes via largely ad hoc connections. Such networks are useful for many purposes. Sharing content files (see file sharing) containing audio, video, data or anything in digital format is very common, and realtime data, such as telephony traffic, is also passed using P2P technology. A pure P2P network does not have the notion of clients or servers but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. This model of network arrangement differs from the client-server model where communication is usually to and from a central server. A typical example of a file transfer that is not P2P is an FTP server where the client and server programs are quite distinct, the clients initiate the download/uploads, and the servers react to and satisfy P2P networks can be classified by what they can be used for: • • • •

file sharing telephony media streaming (audio, video) discussion forums

Other classification of P2P networks is according to their degree of centralization. In 'pure' P2P networks: • • •

Peers act as equals, merging the roles of clients and server There is no central server managing the network There is no central router

some examples of pure P2P application layer networks designed for file sharing are Gnutella and Freenet. There also exist countless hybrid P2P systems:

11.

All of the following are true relating to the use of Fiber optics Except a. Data is minimized rapidly b. Fiber optic cable is small and flexible c. They are unaffected by electrical interference d. They provide the highest level of signal attenuation

The Most appropriate answer is (D) they provide the highest level of signal attenuation (Decrease)

12.

A major problem in networking is the slow rate of data transfer. Which of the following would help counter this problem? a. Data Formatting b. Allocating adequate Bandwidth c. Centralized Control d. All of the above

The Most appropriate answer is (D) All of the above

Which of the following can a LAN administrator use to protect against exposure to illegal or unlicensed software usage by the network user?

13. a. b. c. d.

Software Metering Virus detection software Software encryption Software decryption

As per book the answer is B Virus detection software which seems wrong but as per question asked in CISA the q and A is as below Q). Which of the following can a local area network (LAN) administrator use to protect against exposure to illegal or unlicensed software usage by the network user? A. Software metering B. Virus detection software C. Software encryption D. Software inventory programs Answer: LAN Administrators usually take the help of software inventory programs to monitor the usage of unlicensed software in an organization. The other answers are incorrect. 14.

which of the following devices connects two or more dissimilar computer system by interpreting and translating the different protocols that are used a. Router b. Repeater c. Gateway d. Firewall The most appropriate answer is A Router as it may connect two Similar or Dissimilar Computer by interpreting and translating the different protocols that are used

15.

The device primarily used to extend the network must have the ability to act as a storage and forwarding device is a. Router b. Bridge c. Repeater d. Gateway The most appropriate answer is C Repeater 16.

Which of the following transmission media would not be affected by cross talk or interference a. Fiber optic System b. Twisted Pair Circuits c. Microwave Radio System d. Satellite radio-link systems

The most appropriate answer is A Fiber optic System

Advantages of Fiber Optics • • • • • • • • • • • • • • • • • • • • • •

17.

System Performance Greatly increased bandwidth and capacity Lower signal attenuation (loss) Immunity to Electrical Noise Immune to noise (electromagnetic interference [EMI] and radio-frequency interference [RFI] No crosstalk Lower bit error rates Signal Security Difficult to tap Nonconductive (does not radiate signals)Electrical Isolation No common ground required Freedom from short circuit and sparks Size and Weight Reduced size and weight cables Environmental Protection Resistant to radiation and corrosion Resistant to temperature variations Improved ruggedness and flexibility Less restrictive in harsh environments Overall System Economy Low per-channel cost Lower installation cost Which of the following media would be the most secure in a telecommunication network? a. Dedicated Lines b. Base land Network c. Dial Up d. Broad Land Network Digital Transmission

The most appropriate answer is A Dedicated Lines A dedicated line is a telecommunications path between two points that is available 24 hours a day for use by a designated user (individual or company). It is not shared in common among multiple users as dial-up lines are. A dedicated line can be a physical path owned by the user or rented from a telephone company, in which case it is called a leased line. A synonym is nonswitched line (as opposed to a switched or dial-up line). Which of the following transmission media is most resistant to a sniffing attack? a. Optical Fiber b. Satellite Microwave c. Twisted Pair Wire d. Infrared The most appropriate answer is A optic fiber

18.

19.

A hub is a device that connects a. Two LAN using Different protocols b. A LAN with a WAN c. A LAN with a MAN

d. Two segments of a single LAN

The most appropriate answer is D Two segments of a single LAN

20.

Which type of a cable uses a BNC Connector a. Twisted Pair b. UTP c. STP d. Coaxial Cable

The most appropriate answer is D Coaxial Cable BNC is a small device for connecting coaxial cables, used frequently in low-power, radio-frequency and test applications. Abbreviation for bayonet Neil-Concelman connector.

21.

An electronic device that combines data from several low speed communication lines into a high speed line is called a. Modem b. Multiplexer c. Channel d. Link Editor The most appropriate answer is B Multiplexer Multiplexors: combines two or more input signals from several devices into a single stream of high speed signals

22.

It is essential to monitor telecommunication processes and ensure that data transmission is complete and accurate. Which of the following automated processes/reports measure this? a. Turnaround time reports b. Help desk response monitoring reports c. Breakdowns/downtime reports d. Online monitoring tools

The most appropriate answer is D Online Monitoring Report The Turnaround Time (TAT) Report Spreadsheet contains a list of specimens received into the laboratory for a specified date range and the time frame in which each was reported. Testing turnaround time is calculated using a 24-hour clock from the time the specimen is received into the laboratory until the final laboratory result report is released. Features: • • • • • •

Generated by client request Report delivery via e-mail or fax (large testing volume may inhibit faxing of reports) Client-defined single or multiple accounts or contracts Client-defined report date range Electronic spreadsheet e-mailed directly from LabCorp’s mainframe

23.

Which of the following functions cannot be performed using a communications network controls terminal? a. Resetting Queue lengths b. Starting and terminating Line Processes c. Generating a control total for a point of sale device d. Correcting a hardware error in a modem

The most appropriate answer is D correcting a hardware error in a modem 24.

A service provided to businesses by telecommunication companies or long distance carriers that provides a permanent direct connections between geographical social separate local area network is a. Point to point link b. Message switching c. Distributed network d. Packet Switching

The most appropriate answer is A Point to point link Point-to-point link: A dedicated data link that connects only two stations In telecommunications, message switching was the precursor of packet switching, where messages were routed in their entirety, one hop at a time. It was first introduced by Leonard Kleinrock in 1961. Message switching systems are nowadays mostly implemented over packet-switched or circuit-switched data networks. Hop-by-hop Telex forwarding and UUCP are examples of message switching systems. E-mail is another example of a message switching system. When this form of switching is used, no physical path is established in advance in between sender and receiver. Instead, when the sender has a block of data to be sent, it is stored in the first switching office (i.e. router) then forwarded later at one hop at a time. Each block is received in its entity form, inspected for errors and then forwarded or re-transmitted. A form of store-and-forward network. Data is transmitted into the network and stored in a switch. The network transfers the data from switch to switch when it is convenient to do so, as such the data is not transferred in real-time. Blocking can not occur, however, long delays can happen. The source and destination terminal need not be compatible, since conversions are done by the message switching networks. A message switch is “transactional”. It can store data or change its format and bit rate, then convert the data back to their original form or an entirely different form at the receive end. Message switching multiplexes data from different sources onto a common facility. 25.

A transmission technique in which a complete message is sent to a concentration point for storage and routing to the destination point when a communication path is available is called a. Circuit Switching b. Message Switching c. Packet switching d. Junction switching

The most appropriate answer is B Message Switching

Message switching: A method of handling message traffic through a switching center, either from local users or from other switching centers, whereby the message traffic is stored and forwarded through the system

Circuit switching is defined as a mechanism applied in telecommunications (mainly in PSTN) whereby the user is allocated the full use of the communication channel for the duration of the call. That is if two parties wish to communicate, the calling party has to first dial the numbers of the called party. Once those numbers are dialed, the originating exchange will find a path to the terminating exchange, which will in turn find the called party. After the circuit or channel has been set up, then communication will take place, then once they are through the channel will be cleared. This mechanism is referred to as being connection-oriented.

Advantages of Circuit Switching: • •

Once the circuit has been set up, communication is fast and without error. It is highly reliable

Disadvantages: Involves a lot of overhead, during channel set up. • •

Waists a lot of bandwidth, especial in speech whereby a user is sometimes listening, and not talking. Channel set up may take longer.

To overcome the disadvantages of circuit switching, packet switching was introduced, and instead of dedicating a channel to only two parties for the duration of the call it routes packets individually as they are available. This mechanism is referred to as being connectionless. Packet Switching Packet switching is similar to message switching using short messages. Any message exceeding a networkdefined maximum length is broken up into shorter units, known as packets, for transmission; the packets, each with an associated header, are then transmitted individually through the network. The fundamental difference in packet communication is that the data is formed into packets with a pre-defined header format (i.e. PCI), and well-known "idle" patterns which are used to occupy the link when there is no data to be communicated. A packet network equipment discards the "idle" patterns between packets and processes the entire packet as one piece of data. The equipment examines the packet header information (PCI) and then either removes the header (in an end system) or forwards the packet to another system. If the out-going link is not available, then the packet is placed in a queue until the link becomes free. A packet network is formed by links which connect packet network equipment.

Communication between A and D using circuits which are shared using packet switching.

Packet-switched communication between systems A and D (The message in this case has been broken into three parts labeled 1-3) There are two important benefits from packet switching. 1.

The first and most important benefit is that since packets are short, the communication links between the nodes are only allocated to transferring a single message for a short period of time while transmitting each packet. Longer messages require a series of packets to be sent, but do not require the link to be dedicated between the transmission of each packet. The implication is that packets belonging to other messages may be sent between the packets of the message being sent from A to D. This provides a much fairer sharing of the resources of each of the links. 2. Another benefit of packet switching is known as "pipelining". Pipelining is visible in the figure above. At the time packet 1 is sent from B to C, packet 2 is sent from A to B; packet 1 is sent from C to D while packet 2 is sent from B to C, and packet 3 is sent from A to B, and so forth. This simultaneous use of communications links represents a gain in efficiency, the total delay for transmission across a packet network may be considerably less than for message switching, despite the inclusion of a header in each packet rather than in each message. 26. All of the following are considered characteristics of N-Tier Computing architecture Except a. Distributed Computing b. Open Industry Standards c. Thin Client Interfaces d. Monolithic Architecture The most appropriate answer is D Monolithic architecture 27.

Measuring utilization of all important network resources so that individual or group uses on network can be regulated appropriately is called: a. Performance management

b. Security Management c. Accounting Management d. Configuration Management The most appropriate answer is C Accounting Management

28.

Which of the following is most often used for collecting statistical and configuration information about network devices such as computers, Hubs, Switches, Routers, etc.? a. Simple Network management Protocols b. Online Reports c. Downtime Reports d. Help Desk Reports

The most appropriate answer is A Simple Network management Protocols 29.

a. b. c. d.

Which of the following would typically be considered the fastest to restore? Normal Backup Incremental Backup Differential Copy Backup

The most appropriate answer is A Normal Backup Planning a backup and restoration of files for disaster recovery. Planning a backup and restoration of files is the most important step to protect data from accidental loss in the event of data deletion or a hard disk failure. The backup copy can be used to restore lost or damaged data. For taking backups and restoring files, Microsoft has provided a utility called Backup. The Backup utility creates a copy of data on a hard disk of a computer and archives data on another storage media. Any storage media such as removable disks, tapes, and logical drives can be used as a backup storage. While taking a backup of files, the Backup utility creates a volume shadow copy of the data to create an accurate copy of the contents. It includes any open files or files that are being used by the system. Users can continue to access the system while the Backup utility is running without the risk of losing data. Volume Shadow Copy Backup provides a feature of taking a backup of files that are opened by a user or system. This feature is known as volume shadow copy. Volume shadow copy makes a duplicate copy of all files at the start of the backup process. In this way, files that have changed during the backup process are copied correctly. Due to this feature, applications can continue writing data to the volume during a backup operation, and backups can be scheduled at any time without locking out users. Types of Backups The Windows Backup utility provides various types of backups. While planning for a backup strategy, it is important to choose an appropriate type or combination of different types of backups. The backup type determines which files are transferred to the destination media.

Each backup type relates to an attribute maintained by every file known as archive (A). The archive attribute is set when a file is created or changed. When an archive attribute is set, it means that the backup of this file has not been taken or it is due. Note: When it is said that "The file is marked as backup", it means that the archive attribute of the file has been cleared. Normal Backups When an administrator chooses to use a normal backup, all selected files and folders are backed up and the archive attribute of all files are cleared. A normal backup does not use the archive attribute to determine which files to back up. A normal backup is used as the first step of any backup plan. It is used with the combination of other backup types for planning a backup strategy of an organization. Normal backups are the most timeconsuming and are resource hungry. Restoration from a normal backup is more efficient than other types of backups. Incremental Backups An incremental backup backs up files that are created or changed since the last normal or incremental backup. It takes the backup of files of which the archive attribute is set. After taking a backup, it clears the archive attribute of files. An incremental backup is the fastest backup process. Restoring data from an incremental backup requires the last normal backup and all subsequent incremental backups. Incremental backups must be

restored in the same order as they were created. Note: If any media in the incremental backup set is damaged or data becomes corrupt, the data backed up after corruption cannot be restored. Differential Backups Differential backup backs up files that are created or changed since the last normal backup. It does not clear the archive attribute of files after taking a backup. The restoration of files from a differential backup is more efficient than an incremental backup. Copy Backups A copy backup copies all selected files and folders. It neither uses nor clears the archive attribute of the files. It is generally not a part of a planned scheduled backup. Daily Backups A daily backup backs up all selected files and folders that have changed during the day. It backs up data by using the modified date of the files. It neither uses nor clears the archive attribute of the files. Combining backup types The easiest backup plan is to take a normal backup every night. A normal backup every night ensures that the data is restored from a single job the next day. Although the restoration of data from a normal backup is easy, taking a backup is time consuming. Hence, an administrator is required to make an optimal backup plan. An administrator must consider the following points before creating a backup plan: •

The time involved in taking the backup.

•

The size of the backup job.

•

The time required to restore a system in the event of a system failure.

The most common solutions for the needs of different organizations include the combination of normal, differential, and incremental backups. Combination of Normal and Differential Backups An administrator can use a combination of a normal backup and a differential backup to save time in taking a backup as well as for a restoration of data. In this plan, a normal backup can be taken on Sunday, and

differential backups can be taken on Monday through Friday every night. If data becomes corrupt at any time, only a normal and last differential backup are required to be restored. Although this combination is easier and takes lesser time for restoration, it takes more time to take backup if data changes frequently. Combination of Normal and Incremental Backups A combination of normal and incremental backups can be used to save more time for taking backups. In this plan, a normal backup is taken on Sunday and incremental backups on Monday through Friday every night. If data becomes corrupt at any time, normal and all incremental backups till date are required to be restored 30.

All the following are phases in the establishment of a switched Virtual Circuit Except: a. Circuit Terminal b. Data Transfer c. Circuit Expansion d. Circuit Establishment

The most appropriate answer is A Circuit Expansion

31.

Which of the following translates e-mail formats from one network to another so that the message can travel through all the networks? a. Gateways b. Protocols Convertor c. Front-end Communication Processor d. Concentrator Multiplexer

The most appropriate answer is A Gateway

A gateway performs the job of translating e-mail formats from one network to another so messages can make their way through all the networks. A protocol converter is a hardware device that converts between two different types of transmissions, such as asynchronous and synchronous transmissions. A front-end communication processor connects all network communication lines to a central computer to relieve the central computer from performing network control, format conversion and message handling tasks. A concentrator/multiplexor is a device used for combining several lower-speed channels into a higher-speed channel

32.

An IS Auditor performing a telecommunication access control review would focus his/her attention most on the a. Maintenance of usage logs of various system resources b. Authorization and authentication of the user prior to granting access to system resources c. Adequate protection of stored data on servers by encryption or other means d. Accountability system and ability to proper identify any terminal accessing system resources

The most appropriate answer is B Authorization and authentication of the user prior to granting access to system resources

33.

Which of the following controls would be Most Comprehensive in a remote access network with multiple and diverse sub-systems? a. Proxy Server b. Firewall installation c. Network administrator d. Password implementation and administration

The most appropriate answer is D Password implementation and administration The most comprehensive control in this situation is password implementation and administration. While firewall installations are the primary line of defense, they cannot protect all access and, therefore, an element of risk remains. A proxy server is a type of firewall installation and thus the same rules apply. The network administrator may serve as a control, but typically this would not be comprehensive enough to serve on multiple and diverse systems.

34.

A reasonably controlled practice in the distributed executable programs that execute in Background of a web browser client, like Java applets and Active X controls is: a. Installation of a firewalls b. Usage of a secure web connection c. Acceptance of executable only from the established and trusted source d. Hosting the website as a part of your organization.

The most appropriate answer is C Acceptance of executable only from the established and trusted source

35.

When an organization’s network is connected with an external net-work in an Intranet client-server model not under the organization’s controls, security becomes a concern. In providing adequate security in this environment, which of the following assurance levels is Least important a. Server and Client authentication b. Data Integrity c. Data Recovery d. Data Confidentiality

The most appropriate answer is C Data Recovery 36. a. b. c. d.

In a TCP/IP network, an IP addresses specifies a : Network connection Router/Gateway Computer in the Network Device in the network such as a gateways/router,host,server,etc

The most appropriate answer is A network Connection An IP address specifies a network connection. An IP address encodes both a network and a host on that network; it does not specify an individual computer, but a connection to a network. A router/gateway connects two networks and will have two IP addresses. Hence, an IP address cannot specify a router. A computer in the network can be connected to other networks as well. It will then use many IP addresses. Such computers are

called multi-homed hosts. Here again an IP address cannot refer to the computer. IP addresses do not refer to individual devices on the network, but refer to the connections by which they are connected to the network

37. a. b. c. d.

In internet architecture, a domain name service(DNS) is most important because it provides the : Addresses of the domain server Addresses of the naming client Resolution of the name of the IP address on the internet Domain name characteristics.

The most appropriate answer is C Resolution of the name of the IP address on the internet The Domain Name System (DNS) provides the basis for converting the names of machines into IP addresses and back again and provides pointers to other resources such as mail handlers and system aliases. That definition is perhaps the only thing simple about DNS in today's ever-changing Internet culture. DNS has grown beyond a simple lookup service to become a major piece of Internet infrastructure-one that has gone well beyond its original scope. The need to extend the capabilities of the Domain Name System combined with mass adoption of the Internet by business and industry has sparked controversy and debate. New forums are popping up to address DNS-related issues, and discussions on newsgroups like the Internet Legal and Policy Forum (ILPF) and newdom have become hot and often hostile. The technological, political, and legal issues surrounding DNS have created confusion and anxiety for systems administrators and operators, users, and businesspeople attempting to leverage the new technology.

38. a. b. c. d.

In an Internet URL “http;//www.infosys.com”, what does the “com” signify? Identifies the protocols being used Identifies that the site is on the Internet It is an additional Information and is not needed Identifies the purposes of the site. It stands for commercial

The most appropriate answer is D identifies the purposes of the site. It stands for commercial 39.

In which of the following, Tags are placed within to accomplish document formatting, visual features such as font size, italics and Bold and creation of links: a. FTTP b. HTTP c. Telnet d. ActiveX

Producing hypertext for the Web is accomplished by creating documents with a language called HyperText Markup Language, or HTML. With HTML, tags are placed within the text to accomplish document formatting,

visual features such as font size, italics and bold, and the creation of hypertext links. Graphics and multimedia may also be incorporated into an HTML document. 40.

Which of the following allow users on the Internet to communicate with each other by typing text mode in real time a. IM b. RFC c. FYI d. FAQ

The most appropriate answer is (A) IM Instant messaging (IM) is a form of real-time communication between two or more people based on typed text. The text is conveyed via devices connected over a network such as the Internet Instant messaging (IM) and chat are technologies that create the possibility of real-time text-based communication between two or more participants over the internet or some form of internal network/intranet. It is important to understand that what separates chat and instant messaging from technologies such as e-mail is the perceived synchronicity of the communication by the user - Chat happens in real-time before your eyes. Some systems allow the sending of messages to people not currently logged on (offline messages), thus removing much of the difference between Instant Messaging and e-mail. While many services have additional features such as: the immediate receipt of acknowledgment or reply, group chatting, conference services (including voice and video), conversation logging and file transfer, those functions are beyond the scope of this article. IM allows effective and efficient communication, featuring immediate receipt of acknowledgment or reply. In certain cases Instant Messaging involves additional features, which make it even more popular, i.e. to see the other party, e.g. by using web-cams, or to talk directly for free over the Internet. It is possible to save a conversation for later reference. Instant messages are typically logged in a local message history which closes the gap to the persistent nature of e-mails and facilitates quick exchange of information like URLs or document snippets (which can be unwieldy when communicated via telephone). 41.

A firewall access control list may filter access based on each of the following parameters except a. Port b. Service Type c. Network Interface Card(NIC) d. Internet Protocol (IP) address

The most appropriate answer is (C) Network Interface Card (NIC)

42.

a. b. c. d.

Which of the following is not provided by a public key infrastructure (PKI) Access Controls Network Reliability Authentication Non-Repudiation

The most appropriate answer is B Network Reliability

43. a. b. c. d.

Secure Socket Layer (SSL) protocol addresses the confidentiality of a message through: Symmetric encryption Message authentication code Hash function Digital signatures certificates

SSL uses a symmetric key for message encryption. A message authentication code is used for ensuring data integrity. Hash function is used for generating a message digest. It does not use public key encryption for message encryption. Digital signature certificates are used by SSL for server authentication The most appropriate answer is A Symmetric encryption 44.

Electromagnetic emissions from a terminal represent an exposure because they: a. Affect noise pollution b. Disrupt processor function c. Produces dangerous levels of electric current d. Can be detected and displayed

The most appropriate answer is D Can be detected and displayed Emissions can be detected by sophisticated equipment and displayed, thus giving access to data to unauthorized persons. They should not cause disruption of CPUs or effect noise pollution

45.

Which of the following would be an IS auditor consider a major risk of using single sign-on in a networked environment a. It enables access to multiple applications b. It represents a single point of failure c. It causes an administrative bottleneck d. It leads to a lockout of valid users

As per a web site Big4Guy.com The answer is 'A'. The risk with using Single Sign On is that it can result in access to all applications with a single password. This can be potentially very harmful as far as security is concerned. Rest all the answers are incorrect While as per the book the most appropriate answer is B It represents a single point of failure Single sign on is the term used to represent a system whereby users need only remember one username and password, and authenticated a can be provided for multiple services. Kerberos [1] is an example of a system where users provide a password and receive a ticket in exchange. The ticket can be used to authenticate users to different network services. Kerberos single sign on is possible because all of the services are under the same administrative control. There is a centralized database containing keys that are shared with each service, and tickets can be issued, encrypted under the keys of the target services.

46.

all of the following are significant Internet exposures Except: lost of Integrity b. Denial of Service Attacks c. Insufficient resources to improve and maintain integrity d. Unauthorized access a.

The most appropriate answer is (C) Insufficient resources to improve and maintain integrity 47.

A manufacturer has been purchasing material and supplies for its business through an E-Commerce application. Which of the following should this manufacturer rely on to prove that the transactions were actually made? a. Reputation b. Authentication c. Encryption d. Non-Repudiation

The most appropriate answer is (D) Non-Repudiation

Non- repudiation may ensure that a transaction is enforceable. It involves creating proof of the origin or delivery of data to protect the sender against false denial by the recipient of the data's receipt, or vice versa. Choice A is incorrect because the company's reputation would not, of itself, prove a deal was made via the Internet. Choice B is not correct as authentication controls are necessary to establish the Identification of all parties to a communication. Choice C is incorrect since encryption may protect the data transmitted over the Internet, but may not prove that the transactions were made

48. a. b. c. d.

An IS Auditor who intends to use penetration testing during an audit of Internet Connection would Evaluate configuration Examine security Setting Ensure virus-scanning software in use Use tools and techniques that are available to a hacker

The most appropriate answer is (D) Use tools and techniques that are available to a hacker

penetration test is a method of evaluating the security of a computer system or network by simulating an attack by a malicious user, known as a Black Hat Hacker, or Cracker. The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner together with an assessment of their impact and often with a proposal for mitigation or a technical solution. The intent of a penetration test is to determine feasibility of an attack and the amount of business impact of a successful exploit, if discovered. It is a component of a full security audit.

49.

A sequence of Bits appended to a digital document that is used to authenticate an e-mail sent through the Internet is called a a. Digest Signature b. Encrypted Message c. Digital Signature d. Hash Signature

The most appropriate answer is: C Digital Signature A digital signature through the private cryptographic key authenticates a transmission from a sender through the private cryptographic key. It is a string of bits that uniquely represent another string of bits, a digital document. An electronic signature refers to the string of bits that digitally represents a handwritten signature captured by a computer system when a human applies it on an electronic pen pad, connected to the system. 50.

Which of the following provides the Greatest assurance in achieving message integrity and nonrepudiation a. The recipient uses the sender’s public Key, verified with a certificate authority, to decrypt the message digest b. The recipient uses his private key to decrypt the secret key c. The encrypted message digest and the message are encrypted using a secret key d. The encrypted message digest is derived mathematically from the message to be sent

The most appropriate answer is (D) The encrypted message digest is derived mathematically from the message to be sent

Most encrypted transactions today use a combination of private keys, public keys, secret keys, hash functions and digital certificates to achieve confidentiality, message integrity and non- repudiation by either sender or recipient. The recipient uses the sender's public key to decrypt the pre-hash code into a post-hash code which when equaling the pre-hash code verifies the identity of the sender and that the message has not been changed in route and would provide the greatest assurance. Each sender and recipient has a private key, known only to him/her and a public key, which can be known by anyone. Each encryption/decryption process requires at least one public key and one private key and both must be from the same party. A single secret key is used to encrypt the message, because secret key encryption requires less processing power than using public and private keys. A digital certificate, signed by a certificate authority, validates senders' and recipients' public keys.