Let's see how well you did on this test ...

1.  DNS, FTP, TFTP, SNMP are provided at what level of the OSI / ISO model?

Answer: Application

Sorry - you had a wrong answer, please review details below.

Reference: OSI/ISO.

2.  The International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers 6 is which of the following?

Answer: Presentation Layer

Sorry - you had a wrong answer, please review details below.

International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers and Characteristics:
Physical Layer
Data Link Layer
Network Layer
Transport Layer
Session Layer
Presentation Layer
Applications Layer
Here's a great mnemonicfor the OSI model: "Please Do Not Trow Sausage Pizza Away".
Source: STEINER, Kurt, Telecommunications and Network Security, Version 1, May 2002, CISSP Open Study Group (Domain Leader: skottikus), Page 12. Available at www.cccure.org.

Thanks to Rakesh Sud for providing this question and to Don Murdoch for providing extra information.

3.  Which of the following OSI layers does not provide confidentiality?

Answer: Transport

Sorry - you had a wrong answer, please review details below.

The transport layer provides end-to-end data transport services and establishes the logical connection between two communicating computers but it does not provide any confidentiality. The presentation layer provides authentication and authorization services. The network layer provides confidentiality, authentication, data integrity, and access control services. The session layer provides confidentiality services through SSL and establishes the connections between applications and allows checkpoint for restart/recovery.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 7: Telecommunications and Network Security (page 351).

Thanks to Rhonda Farrell-Oller for reviewing this question.

4.  You are running a packet sniffer on a network and see a packet with a long string of "90 90 90 90...." in the middle of it traveling to an x86-based machine. This could be indicative of what?

Answer: A buffer overflow

Sorry - you had a wrong answer, please review details below.

The Intel x86 processors use the hexadecimal number 90 to represent NOP (no operation). Most of the buffer overflow exploits designed since 11/8/1996 use a long string of NOPs to write past the base pointer and down into the stack to overwrite a return code. newer buffer overflows may not have this characteristic.
Source: The LISA documentation for snort describes these packets.

5.  Which of the following OSI layers provides non-repudiation services?

Answer: application

Sorry - you had a wrong answer, please review details below.

Layer 7 of the OSI model allows applications (users) to use the network in a distributed processing environment. Non-repudiation is a user (application) function. Therefore, non-repudiation is considered to be at the application layer of the OSI model, level 7.
Source: The OSI Reference Model.

Thanks to Peter Mosmans for providing a reference for this question.

6.  Both TCP and UDP use port numbers of what length?

Answer: 16 bits

Sorry - you had a wrong answer, please review details below.

The port numbers range from 1 to 65535.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, Addison-Wesley Pub Co., pg. 10.

7.  The IP header contains a protocol field. If this field contains the value of 2, what type of data is contained within the IP datagram?

Answer: IGMP

Sorry - you had a wrong answer, please review details below.

TCP=6, ICMP=1, UDP=17, IGMP=2
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, Addison-Wesley Pub Co., pg. 10.

8.  The IP header contains a protocol field. If this field contains the value of 6, what type of data is contained within the ip datagram?

Answer: TCP

Sorry - you had a wrong answer, please review details below.

TCP=6, ICMP=1, UDP=17, IGMP=2
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, Addison-Wesley Pub Co., pg. 10.

9.  Fast Ethernet operates at which of the following?

Answer: 100 MBps

Sorry - you had a wrong answer, please review details below.

Fast Ethernet operates at 100 MBps.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, page 108.

Thanks to George Wood for providing this question.

10.  Which of the following is an ipaddress that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?

Answer: 192.168.42.5

Sorry - you had a wrong answer, please review details below.

Each class of addresses contains a block that are reserved for private networks and which are not routable across the public Internet. For class A, the reserved addresses are 10.0.0.0 - 10.255.255.255. For class B networks, the reserved addresses are 172.16.0.0 - 172.31.255.255. For class C, the reserved addresses are 192.168.0.0 - 192.168.255.255.
Source: The Linux Net-HOWTO.
Also ensure that you take a look at RFC 1918, which is THE reference for private address space.

11.  Telnet and rlogin use which protocol?

Answer: TCP

Sorry - you had a wrong answer, please review details below.

Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, Addison-Wesley Pub Co., pg. 25.

12.  In the OSI / ISO model, at what level are TCP and UDP provided?

Answer: Transport

Sorry - you had a wrong answer, please review details below.

The Transport layer of the OSI/ISO model supports the TCP and UDP protocol.

13.  The connection using fiber optics from the phone company's branch office to local customers is which of the following?

Answer: local loop

Sorry - you had a wrong answer, please review details below.

Transmission on fiber optic wire requires repeating at distance intervals. The glass fiber requires more protection within an outer cable than copper. For these reasons and because the installation of any new wiring is labor-intensive, few communities yet have fiber optic wires or cables from the phone company's branch office to local customers (local loop).
Source: STEINER, Kurt, Telecommunications and Network Security, Version 1, May 2002, CISSP Open Study Group (Domain Leader: skottikus), Page 14. Available at www.cccure.org.

Thanks to Rakesh Sud for providing this question.

14.  A packet containing a long string of NOP's followed by a command is usually indicative of what?

Answer: A buffer overflow

Sorry - you had a wrong answer, please review details below.

Most of the buffer overflow exploits designed since 11/8/1996 use a long string of NOPs to write past the base pointer and down into the stack to overwrite a return code. newer buffer overflows may not have this characteristic.
Source: The LISA documentation for snort describes these packets.

15.  Which of the following is an ipaddress that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?

Answer: 10.0.42.5

Sorry - you had a wrong answer, please review details below.

Each class of addresses contains a block that are reserved for private networks and which are not routable across the public Internet. For class A, the reserved addresses are 10.0.0.0 - 10.255.255.255. For class B networks, the reserved addresses are 172.16.0.0 - 172.31.255.255. For class C, the reserved addresses are 192.168.0.0 - 192.168.255.255.
Source: The Linux Net-HOWTO.
Also ensure that you take a look at RFC 1918, which is THE reference for private address space.

16.  Which of the following statements about the "Intranet" is NOT true?

Answer: It is unrestricted and publicly available.

Sorry - you had a wrong answer, please review details below.

Details and reference for this question are not yet available. This question is a new question that was submitted by one of the member of the site and I have to find a reference for it. If you do have a reference to this question, please send it to Christian at with the question above. Thanks. Clement.

17.  Which of the following OSI layers provides routing and related services?

Answer: Network

Sorry - you had a wrong answer, please review details below.

The network layer provides routing and related functions that enable multiple data links to be combined into an Internetwork.
Reference: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 7: Telecommunications and Network Security (page 351).

Thanks to Christian Vezina for providing a reference for this question.

18.  What is the proper term to refer to a single unit of IP data?

Answer: IP datagram

Sorry - you had a wrong answer, please review details below.

The proper terms are TCP segment, IP datagram, and Ethernet frame.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, Addison-Wesley Pub Co., pg. 10.

19.  ICMP and IGMP belong to which layer of the OSI model?

Answer: Network

Sorry - you had a wrong answer, please review details below.

Although ICMP and IGMP are moved across the network within IP datagrams like TCP, do not provide end-to-end transport so they cannot be part of the transport layer like TCP.
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, Addison-Wesley Pub Co., pg. 2.

20.  Which of the following is true related to network sniffing?

Answer: Sniffers allow an attacker to monitor data passing across a network.

Sorry - you had a wrong answer, please review details below.

Sniffers allow an attacker to monitor data passing across a network ... Sniffers exploit characteristics of several data-link technologies, including Token Ring and especially Ethernet. IP Spoofing is a network-based attack, which involves altering the source address of a computer to disguise the attacker and exploit weak authentication methods. Session Hijacking tools allow an attacker to take over network connections, kicking off the legitimate user or sharing a login. Malformed Packer attacks are a type of DoS attack that involves one or two packets that are formatted in an unexpected way. Many vendor product implementations do not take into account all variations of user entries or packet types. If software handles such errors poorly, the system may crash when it receives such packets. A classic example of this type of attack involves sending IP fragments to a system that overlap with each other (the fragment offset values are incorrectly set. Some unpatched Windows and Linux systems will crash when the encounter such packets.
Source: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 2, Auerbach, NY, NY 2001, Chapter 22, Hacker Tools and Techniques by Ed Skoudis.

21.  Which of the following provide network redundancy in a local network environment?

Answer: Dual backbones

Sorry - you had a wrong answer, please review details below.

Growth in data traffic, coupled with the requirement to utilize bandwidth more efficiently, has in many cases resulted in organizations setting up dedicated data networks. In the meantime, the TDM backbone remained in place to service voice requirements. The result is dual backbones - one for voice, the other for data.

Thanks to Rakesh Sud for providing details to this question.

22.  How do you distinguish between a bridge and a router?

Answer: The bridge connects two networks at the link layer, while router connects two networks at the network layer.

Sorry - you had a wrong answer, please review details below.

Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, Addison-Wesley Pub Co., pg. 6.

23.  The International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers are in which of the following order (1 to 7) ?

Answer: Physical Layer, Data Link Layer, Network Layer, Transport Layer, Session Layer, Presentation Layer, Application Layer

Sorry - you had a wrong answer, please review details below.

International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers and Characteristics:
Physical Layer
Data Link Layer
Network Layer
Transport Layer
Session Layer
Presentation Layer
Applications Layer

Mnemonics: Please Do Not Throw Sausage Pizza Away (bottom to top layer)
All People Seem To Need Data Processing (top to bottom layer).
Source: STEINER, Kurt, Telecommunications and Network Security, Version 1, May 2002, CISSP Open Study Group (Domain Leader: skottikus), Page 10. Available at www.cccure.org.

Thanks to Rakesh Sud for providing this question and to Arlen Fletcher for reviewing it.

24.  The International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers does NOT have which of the following characteristics?

Answer: Used to gain information from network devices such as count of packets received and routing tables

Sorry - you had a wrong answer, please review details below.

The International Standards Organization / Open Systems Interconnection (ISO/OSI) Layers and Characteristics Standard model for network communications allows dissimilar networks to communicate, Defines 7 protocol layers (a.k.a. protocol stack) Each layer on one workstation communicates with its respective layer on another workstation using protocols (i.e. agreed-upon communication formats) "Mapping" each protocol to the model is useful for comparing protocols.
Mnemonics: Please Do Not Throw Sausage Pizza Away (bottom to top layer)
All People Seem To Need Data Processing (top to bottom layer).
Source: STEINER, Kurt, Telecommunications and Network Security, Version 1, May 2002, CISSP Open Study Group (Domain Leader: skottikus), Page 12. Available at www.cccure.org.

Thanks to Rakesh Sud for providing this question.

25.  ARP and RARP map between which of the following?

Answer: 32-bit addresses in IPv4 and 48-bit hardware addresses

Sorry - you had a wrong answer, please review details below.

Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, Addison-Wesley Pub Co., pg. 22.

26.  Which of the following layers provides end-to-end service?

Answer: Transport Layer

Sorry - you had a wrong answer, please review details below.

Both TCP and UDP are transport layer protocols
Source: STEVENS, Richard W., TCP/IP Illustrated, Volume 1: The Protocols, 1994, Addison-Wesley Pub Co., pg. 19.

27.  In the days before CIDR (Classless Internet Domain Routing), networks were commonly organized by classes. Which of the following would have been true of a Class B network?

Answer: The first bit of the ipaddress would be set to one and the second bit set to zero.

Sorry - you had a wrong answer, please review details below.

Source: SEMERIA, Chuck, Understanding IP Addressing: Everything You Ever Wanted To Know, 3Com Corporation.