1. An organization is about to implement a computer network in a new office building.

The company has

2000 users located in the same physical area. No external network connection will be required. Which
of the following network configurations would be the most expensive to install

a. BUS
b. Ring
c. Star
d. Mesh

Most Appropriate Answer is (D) Mesh as it is the most expensive to install the mesh network

2. IN Wide Area Networks (WANs)

a. Data Flow must be half duplex

b. Communication lines must b dedicated
c. Circuit Structure can be operated only over a fixed distance
d. The selection of communication lines will effect reliability

Most Appropriate Answer is (D) the selection of communication lines will effect reliability

Wide Area Network (WAN) is a computer network that covers a broad area (i.e., any network whose
communications links cross metropolitan, regional, or national boundaries [1]). Less formally, a WAN is a network
that uses routers and public communications links [1]. Contrast with personal area networks (PANs), local area
networks (LANs), campus area networks (CANs), or metropolitan area networks (MANs) which are usually
limited to a room, building, campus or specific metropolitan area (e.g., a city) respectively. The largest and most
well-known example of a WAN is the Internet.

WANs [a] are used to connect LANs and other types of networks together, so that users and computers in one
location can communicate with users and computers in other locations. Many WANs are built for one particular
organization and are private. Others, built by Internet service providers, provide connections from an
organization's LAN to the Internet. WANs are often built using leased lines. At each end of the leased line, a
router connects to the LAN on one side and a hub within the WAN on the other. Leased lines can be very
expensive. Instead of using leased lines, WANs can also be built using less costly circuit switching or packet
switching methods. Network protocols including TCP/IP deliver transport and addressing functions. Protocols
including Packet over SONET/SDH, MPLS, ATM and Frame relay are often used by service providers to deliver
the links that are used in WANs. X.25 was an important early WAN protocol, and is often considered to be the
"grandfather" of Frame Relay as many of the underlying protocols and functions of X.25 are still in use today
(with upgrades) by Frame Relay.

Academic research into wide area networks can be broken down into three areas: Mathematical models, network
emulation and network simulation.

Performance improvements are sometimes delivered via WAFS or WAN optimization.

Several options are available for WAN connectivity: [2]

 Sample
Bandwidth
Option: Description Advantages Disadvantages protocols
range
used

Point-to-Point connection between two PPP, HDLC,

Leased
computers or Local Area Networks Most secure Expensive SDLC,
line
(LANs) HNAS

A dedicated circuit path is created

Circuit 28 kbit/s -
between end points. Best example is Less Expensive Call Setup PPP, ISDN
switching 144 kbit/s
dialup connections

Devices transport packets via a shared

single point-to-point or point-to-
multipoint link across a carrier X.25
Packet Shared media
internetwork. Variable length packets Frame-
switching across link
are transmitted over Permanent Virtual Relay
Circuits (PVC) or Switched Virtual
Circuits (SVC)

Similar to packet switching, but uses

best for
fixed length cells instead of variable
simultaneous use Overhead can be
Cell relay length packets. Data is divided into ATM
of Voice and considerable
fixed-length cells and then transported
data
across virtual circuits

Transmission rate usually range from 1200 bits/s to 6 Mbit/s, although some connections such as ATM and
Leased lines can reach speeds greater than 156 Mbit/s. Typical communication links used in WANs are telephone
lines, microwave links & satellite channels.

Recently with the proliferation of low cost of Internet connectivity many companies and organizations have
turned to VPN to interconnect their networks, creating a WAN in that way. Companies such as Cisco, New Edge
Networks and Check Point offer solutions to create VPN networks.

3. An organization is considering installing a Local; Area Network (LAN) in a site under construction. If a
system availability is the main concern, which of the following is most Appropriate

a. Ring
b. Line
c. Star
d. Bus

Most Appropriate Answer is (C) STAR

A ring or loop topology would enable messages to be rerouted should the network cabling be severed at any point
or a hardware element fail. With the correct settings in network hardware, the loss of any link would be
invisible to the users. In line and bus networks, which are essentially the same thing, terminals are connected to
a single cable. If this cable is severed, all terminals beyond the point of severance will be unavailable. A star
network clusters terminals around hubs, connected to the server by separate lines in the form of a star. If any
line is severed, all terminals in the cluster at the end of that line would be disconnected.

4. Which of the following is not an element of a LAN environment?

a. Packet Switching Technology
b. Baseband
c. Ring or short Bus topology
d. Public Circuit Switching Technology.

Most Appropriate Answer is (D) Public Circuit Switching Technology

5. Which of the following OSI layers communicates with the user Programs?

a. Physical
b. Application
c. Presentation
d. Session

Most Appropriate Answer is ( B) Application Layers

 Open Systems Interconnection (OSI) model is a reference model developed by ISO (International Organization

for Standardization) in 1984, as a conceptual framework of standards for communication in the network across

different equipment and applications by different vendors. It is now considered the primary architectural model

for inter-computing and inter-networking communications. Most of the network communication protocols used

today have a structure based on the OSI model. The OSI model defines the communications process into 7

layers, dividing the tasks involved with moving information between networked computers into seven smaller,

more manageable task groups. A task or group of tasks is then assigned to each of the seven OSI layers. Each

layer is reasonably self-contained, so that the tasks assigned to each layer can be implemented independently.

This enables the solutions offered by one layer to be updated without adversely affecting the other layers.

The OSI 7 layers model has clear characteristics at each layer. Basically, layers 7 through 4 deals with end to

end communications between data source and destinations, while layers 3 to 1 deal with communications between

network devices. On the other hand, the seven layers of the OSI model can be divided into two groups: upper

layers (layers 7, 6 & 5) and lower layers (layers 4, 3, 2, 1). The upper layers of the OSI model deal with

application issues and generally are implemented only in software. The highest layer, the application layer, is

closest to the end user. The lower layers of the OSI model handle data transport issues. The physical layer and

the data link layer are implemented in hardware and software. The lowest layer, the physical layer, is closest to

the physical network medium (the wires, for example) and is responsible for placing data on the medium.

The specific description for each layer is as follows:

Layer 7: Application Layer

• Defines interface-to-user processes for communication and data transfer in network

• Provides standardized services such as virtual terminal, file and job transfer and operations

Layer 6: Presentation Layer

• Masks the differences of data formats between dissimilar systems

• Specifies architecture-independent data transfer format

• Encodes and decodes data; encrypts and decrypts data; compresses and decompresses data
 Layer 5: Session Layer

• Manages user sessions and dialogues

• Controls establishment and termination of logic links between users

• Reports upper layer errors

Layer 4: Transport Layer

• Manages end-to-end message delivery in network

• Provides reliable and sequential packet delivery through error recovery and flow control mechanisms

• Provides connectionless oriented packet delivery

Layer 3: Network Layer

• Determines how data are transferred between network devices

• Routes packets according to unique network device addresses

• Provides flow and congestion control to prevent network resource depletion

Layer 2: Data Link Layer

• Defines procedures for operating the communication links

• Frames packets

• Detects and corrects packets transmit errors

Layer 1: Physical Layer

• Defines physical means of sending data over network devices

• Interfaces between network medium and devices

• Defines optical, electrical and mechanical characteristics

Information being transferred from a software application in one computer to an application in another

proceeds through the OSI layers. For example, if a software application in computer A has information to pass

to a software application in computer B, the application program in computer A needs to pass the information to

the application layer (Layer 7) of computer A, which then passes the information to the presentation layer

(Layer 6), which relays the data to the session layer (Layer 5), and so on all the way down to the physical layer
(Layer 1). At the physical layer, the data is placed on the physical network medium and is sent across the

medium to computer B. The physical layer of computer B receives the data from the physical medium, and then

its physical layer passes the information up to the data link layer (Layer 2), which relays it to the network layer

(Layer 3), and so on, until it reaches the application layer (Layer 7) of computer B. Finally, the application layer

of computer B passes the information to the recipient application program to complete the communication

process. The following diagram illustrated this process.

OSI Network Architecture 7 Layers Model - 1

The seven OSI layers use various forms of control information to communicate with their peer layers in other

computer systems. This control information consists of specific requests and instructions that are exchanged

between peer OSI layers. Headers and Trailers of data at each layer are the two basic forms to carry the

control information.

Headers are prepended to data that has been passed down from upper layers. Trailers are appended to data

that has been passed down from upper layers. An OSI layer is not required to attach a header or a trailer to

data from upper layers.

Each layer may add a Header and a Trailer to its Data, which consists of the upper layer's Header, Trailer and

Data as it proceeds through the layers. The Headers contain information that specifically addresses layer-to-

layer communication. Headers, trailers and data are relative concepts, depending on the layer that analyzes the

information unit. For example, the Transport Header (TH) contains information that only the Transport layer

sees. All other layers below the Transport layer pass the Transport Header as part of their Data. At the

network layer, an information unit consists of a Layer 3 header (NH) and data. At the data link layer, however,

all the information passed down by the network layer (the Layer 3 header and the data) is treated as data. In
other words, the data portion of an information unit at a given OSI layer potentially can contain headers,

trailers, and data from all the higher layers. This is known as encapsulation.

OSI Network Architecture 7 Layers Model - 2

For example, if computer A has data from a software application to send to computer B, the data is passed to

the application layer. The application layer in computer A then communicates any control information required by

the application layer in computer B by prepending a header to the data. The resulting message unit, which

includes a header, the data and maybe a trailer, is passed to the presentation layer, which prepends its own

header containing control information intended for the presentation layer in computer B. The message unit

grows in size as each layer prepends its own header and trailer containing control information to be used by its

peer layer in computer B. At the physical layer, the entire information unit is transmitted through the network

medium.

The physical layer in computer B receives the information unit and passes it to the data link layer. The data link

layer in computer B then reads the control information contained in the header prepended by the data link layer

in computer A. The header and the trailer are then removed, and the remainder of the information unit is

passed to the network layer. Each layer performs the same actions: The layer reads the header and trailer from

its peer layer, strips it off, and passes the remaining information unit to the next higher layer. After the

application layer performs these actions, the data is passed to the recipient software application in computer B,

in exactly the form in which it was transmitted by the application in computer A.

 OSI Network Architecture 7 Layers Model - 3

One OSI layer communicates with another layer to make use of the services provided by the second layer. The

services provided by adjacent layers help a given OSI layer communicate with its peer layer in other computer

systems. A given layer in the OSI model generally communicates with three other OSI layers: the layer directly

above it, the layer directly below it and its peer layer in other networked computer systems. The data link layer

in computer A, for example, communicates with the network layer of computer A, the physical layer of computer

A and the data link layer in computer B. The following chart illustrates this example.

6. The advantages of a Ring topology is that

a. It is an easy to install
b. It is an easy to add or replace computers to the network
c. It minimizes network traffic congestion
d. It uses a number of high speed hubs and switches
Most Appropriate Answer is (C) It minimizes network traffic congestion

7. An agreement between two computer systems related to the methods of data transmission that is
picked and interpreted is called

a. Communication Channel
b. Communication Protocol
c. Synchronous mode of transmission
d. Asynchronous mode of transmission

Most Appropriate Answer is (B) Communication Protocol

A communications protocol is the set of standard rules for data representation, signaling, authentication and
error detection required to send information over a communications channel. An example of a simple
communications protocol adapted to voice communication is the case of a radio dispatcher talking to mobile
stations. The communication protocols for digital computer network communication have many features intended
to ensure reliable interchange of data over an imperfect communication channel. Communication protocol is
basically following certain rules so that the system works p
 8. A session can be defined as
a. A link between two network nodes
b. Series of transmission without any disconnection
c. A specific place in a system
d. Bi-directional data flow between two network nodes

Most Appropriate Answer is (B) Series of transmission without any disconnection

In computer science, in particular networking, a session is a semi-permanent interactive information exchange,

also known as a dialogue, a conversation or a meeting, between two or more communicating devices, or between a
computer and user (see Login session). A session is set up or established at a certain point in time, and torn
down at a later point in time. An established communication session may involve more than one message in each
direction. A session is typically, but not always, stateful, meaning that at least one of the communicating parts
need to save information about the session history in order to be able to communicate, as opposed to stateless
communication, where the communication consists of independent requests with responses.

Communication sessions may be implemented as part of protocols and services at the application layer, at the
session layer or at the transport layer in the OSI model.

• Application layer examples:

o HTTP sessions, which may allow dynamic web pages, i.e. interactive web pages, as opposed to
static web pages.
o A telnet remote login session
• Session layer example:
o A Session Initiation Protocol (SIP) based Internet phone call
• Transport layer example:
o A TCP session, which is synonymous to a TCP virtual circuit, a TCP connection, or an established
TCP socket.

In the case of transport protocols which do not implement a formal session layer (e.g., UDP) or where
sessions at the session layer are generally very short-lived (e.g., HTTP), sessions are maintained by a higher
level program using a method defined in the data being exchanged. For example, an HTTP exchange
between a browser and a remote host may include an HTTP cookie which identifies state, such as a unique
session ID, information about the user's preferences or authorization level.

9. Which of the following would typically be considered a LAN

a. 10 Computers in your office connected together and hooked up to a printer
b. A connection of one computer in Mumbai to another in Delhi
c. The city-wide connection between ATMs
d. The 3 stand – alone PCs in your home

The Most appropriate answer is (A) 10 Computers in your office connected together and hooked up to a
printer.
10. Which network typically demands more knowledgeable users?
a. Server Based Network
b. Peer to Peer Network
c. Local Area Network
d. Wide Area Network
The Most appropriate answer is (B) Peer to Peer Network

A Peer to Peer (or P2P) computer network uses diverse connectivity between participants in a network and the
cumulative bandwidth of network participants rather than conventional centralized resources where a relatively
low number of servers provide the core value to a service or application. P2P networks are typically used for
connecting nodes via largely ad hoc connections. Such networks are useful for many purposes. Sharing content
files (see file sharing) containing audio, video, data or anything in digital format is very common, and realtime
data, such as telephony traffic, is also passed using P2P technology.

A pure P2P network does not have the notion of clients or servers but only equal peer nodes that simultaneously
function as both "clients" and "servers" to the other nodes on the network. This model of network arrangement
differs from the client-server model where communication is usually to and from a central server. A typical
example of a file transfer that is not P2P is an FTP server where the client and server programs are quite
distinct, the clients initiate the download/uploads, and the servers react to and satisfy

P2P networks can be classified by what they can be used for:

• file sharing
• telephony
• media streaming (audio, video)
• discussion forums

Other classification of P2P networks is according to their degree of centralization.

In 'pure' P2P networks:

• Peers act as equals, merging the roles of clients and server

• There is no central server managing the network
• There is no central router

some examples of pure P2P application layer networks designed for file sharing are Gnutella and Freenet.

There also exist countless hybrid P2P systems:

11. All of the following are true relating to the use of Fiber optics Except
a. Data is minimized rapidly
b. Fiber optic cable is small and flexible
c. They are unaffected by electrical interference
d. They provide the highest level of signal attenuation

The Most appropriate answer is (D) they provide the highest level of signal attenuation (Decrease)

12. A major problem in networking is the slow rate of data transfer. Which of the following would help
counter this problem?
a. Data Formatting
b. Allocating adequate Bandwidth
c. Centralized Control
d. All of the above
The Most appropriate answer is (D) All of the above

13. Which of the following can a LAN administrator use to protect against exposure to illegal or
unlicensed software usage by the network user?

a. Software Metering
b. Virus detection software
c. Software encryption
d. Software decryption

As per book the answer is B Virus detection software which seems wrong but as per question asked in
CISA the q and A is as below

Q). Which of the following can a local area network (LAN) administrator use to protect against exposure to
illegal or unlicensed software usage by the network user?

A. Software metering
B. Virus detection software
C. Software encryption
D. Software inventory programs

Answer: LAN Administrators usually take the help of software inventory programs to monitor the usage of
unlicensed software in an organization. The other answers are incorrect.

14. which of the following devices connects two or more dissimilar computer system by interpreting and
translating the different protocols that are used
a. Router
b. Repeater
c. Gateway
d. Firewall
The most appropriate answer is A Router as it may connect two Similar or Dissimilar Computer by
interpreting and translating the different protocols that are used

15. The device primarily used to extend the network must have the ability to act as a storage and
forwarding device is
a. Router
b. Bridge
c. Repeater
d. Gateway
The most appropriate answer is C Repeater

16. Which of the following transmission media would not be affected by cross talk or interference
a. Fiber optic System
b. Twisted Pair Circuits
c. Microwave Radio System
d. Satellite radio-link systems

The most appropriate answer is A Fiber optic System

Advantages of Fiber Optics

• System Performance
• Greatly increased bandwidth and capacity
• Lower signal attenuation (loss)
• Immunity to Electrical Noise
• Immune to noise (electromagnetic interference [EMI] and radio-frequency interference [RFI]
• No crosstalk
• Lower bit error rates
• Signal Security
• Difficult to tap
• Nonconductive (does not radiate signals)Electrical Isolation
• No common ground required
• Freedom from short circuit and sparks
• Size and Weight
• Reduced size and weight cables
• Environmental Protection
• Resistant to radiation and corrosion
• Resistant to temperature variations
• Improved ruggedness and flexibility
• Less restrictive in harsh environments
• Overall System Economy
• Low per-channel cost
• Lower installation cost
17. Which of the following media would be the most secure in a telecommunication network?
a. Dedicated Lines
b. Base land Network
c. Dial Up
d. Broad Land Network Digital Transmission

The most appropriate answer is A Dedicated Lines

A dedicated line is a telecommunications path between two points that is available 24 hours a day for use by a
designated user (individual or company). It is not shared in common among multiple users as dial-up lines are. A
dedicated line can be a physical path owned by the user or rented from a telephone company, in which case it is
called a leased line. A synonym is nonswitched line (as opposed to a switched or dial-up line).

18. Which of the following transmission media is most resistant to a sniffing attack?
a. Optical Fiber
b. Satellite Microwave
c. Twisted Pair Wire
d. Infrared
The most appropriate answer is A optic fiber

19. A hub is a device that connects

a. Two LAN using Different protocols
b. A LAN with a WAN
c. A LAN with a MAN
 d. Two segments of a single LAN

The most appropriate answer is D Two segments of a single LAN

20. Which type of a cable uses a BNC Connector

a. Twisted Pair
b. UTP
c. STP
d. Coaxial Cable

The most appropriate answer is D Coaxial Cable

BNC is a small device for connecting coaxial cables, used frequently in low-power, radio-frequency and test
applications. Abbreviation for bayonet Neil-Concelman connector.

21. An electronic device that combines data from several low speed communication lines into a high speed
line is called
a. Modem
b. Multiplexer
c. Channel
d. Link Editor
The most appropriate answer is B Multiplexer

Multiplexors: combines two or more input signals from several devices into a single stream of high speed signals

22. It is essential to monitor telecommunication processes and ensure that data transmission is complete
and accurate. Which of the following automated processes/reports measure this?
a. Turnaround time reports
b. Help desk response monitoring reports
c. Breakdowns/downtime reports
d. Online monitoring tools

The most appropriate answer is D Online Monitoring Report

The Turnaround Time (TAT) Report Spreadsheet contains a list of specimens received into the laboratory for a
specified date range and the time frame in which each was reported. Testing turnaround time is calculated using
a 24-hour clock from the time the specimen is received into the laboratory until the final laboratory result
report is released.
Features:

• Generated by client request

• Report delivery via e-mail or fax (large testing volume may inhibit faxing of reports)
• Client-defined single or multiple accounts or contracts
• Client-defined report date range
• Electronic spreadsheet e-mailed directly from LabCorp’s mainframe
•
 23. Which of the following functions cannot be performed using a communications network controls
terminal?
a. Resetting Queue lengths
b. Starting and terminating Line Processes
c. Generating a control total for a point of sale device
d. Correcting a hardware error in a modem

The most appropriate answer is D correcting a hardware error in a modem

24. A service provided to businesses by telecommunication companies or long distance carriers that
provides a permanent direct connections between geographical social separate local area network is
a. Point to point link
b. Message switching
c. Distributed network
d. Packet Switching

The most appropriate answer is A Point to point link

Point-to-point link: A dedicated data link that connects only two stations

In telecommunications, message switching was the precursor of packet switching, where messages were routed
in their entirety, one hop at a time. It was first introduced by Leonard Kleinrock in 1961. Message switching
systems are nowadays mostly implemented over packet-switched or circuit-switched data networks.

Hop-by-hop Telex forwarding and UUCP are examples of message switching systems. E-mail is another example
of a message switching system.

When this form of switching is used, no physical path is established in advance in between sender and receiver.
Instead, when the sender has a block of data to be sent, it is stored in the first switching office (i.e. router)
then forwarded later at one hop at a time. Each block is received in its entity form, inspected for errors and
then forwarded or re-transmitted.

A form of store-and-forward network. Data is transmitted into the network and stored in a switch. The network
transfers the data from switch to switch when it is convenient to do so, as such the data is not transferred in
real-time. Blocking can not occur, however, long delays can happen. The source and destination terminal need not
be compatible, since conversions are done by the message switching networks.

A message switch is “transactional”. It can store data or change its format and bit rate, then convert the data
back to their original form or an entirely different form at the receive end. Message switching multiplexes data
from different sources onto a common facility.

25. A transmission technique in which a complete message is sent to a concentration point for storage and
routing to the destination point when a communication path is available is called
a. Circuit Switching
b. Message Switching
c. Packet switching
d. Junction switching

The most appropriate answer is B Message Switching

Message switching: A method of handling message traffic through a switching center, either from local users
or from other switching centers, whereby the message traffic is stored and forwarded through the system

Circuit switching is defined as a mechanism applied in telecommunications (mainly in PSTN) whereby the user is
allocated the full use of the communication channel for the duration of the call.

That is if two parties wish to communicate, the calling party has to first dial the numbers of the called party.
Once those numbers are dialed, the originating exchange will find a path to the terminating exchange, which will
in turn find the called party.

After the circuit or channel has been set up, then communication will take place, then once they are through the
channel will be cleared. This mechanism is referred to as being connection-oriented.

Advantages of Circuit Switching:

• Once the circuit has been set up, communication is fast and without error.
• It is highly reliable

Disadvantages:

Involves a lot of overhead, during channel set up.

• Waists a lot of bandwidth, especial in speech whereby a user is sometimes listening, and not talking.
• Channel set up may take longer.

To overcome the disadvantages of circuit switching, packet switching was introduced, and instead of dedicating
a channel to only two parties for the duration of the call it routes packets individually as they are available. This
mechanism is referred to as being connectionless.

Packet Switching

Packet switching is similar to message switching using short messages. Any message exceeding a network-
defined maximum length is broken up into shorter units, known as packets, for transmission; the packets, each
with an associated header, are then transmitted individually through the network. The fundamental difference
in packet communication is that the data is formed into packets with a pre-defined header format (i.e. PCI), and
well-known "idle" patterns which are used to occupy the link when there is no data to be communicated.

A packet network equipment discards the "idle" patterns between packets and processes the entire packet as
one piece of data. The equipment examines the packet header information (PCI) and then either removes the
header (in an end system) or forwards the packet to another system. If the out-going link is not available, then
the packet is placed in a queue until the link becomes free. A packet network is formed by links which connect
packet network equipment.
Communication between A and D using circuits which are shared using packet switching.

Packet-switched communication between systems A and D

(The message in this case has been broken into three parts labeled 1-3)

There are two important benefits from packet switching.

1.The first and most important benefit is that since packets are short, the communication links between
the nodes are only allocated to transferring a single message for a short period of time while
transmitting each packet. Longer messages require a series of packets to be sent, but do not require the
link to be dedicated between the transmission of each packet. The implication is that packets belonging
to other messages may be sent between the packets of the message being sent from A to D. This
provides a much fairer sharing of the resources of each of the links.
2. Another benefit of packet switching is known as "pipelining". Pipelining is visible in the figure above. At
the time packet 1 is sent from B to C, packet 2 is sent from A to B; packet 1 is sent from C to D while
packet 2 is sent from B to C, and packet 3 is sent from A to B, and so forth. This simultaneous use of
communications links represents a gain in efficiency, the total delay for transmission across a packet
network may be considerably less than for message switching, despite the inclusion of a header in each
packet rather than in each message.
26. All of the following are considered characteristics of N-Tier Computing architecture Except
a. Distributed Computing
b. Open Industry Standards
c. Thin Client Interfaces
d. Monolithic Architecture

The most appropriate answer is D Monolithic architecture

27. Measuring utilization of all important network resources so that individual or group uses on network
can be regulated appropriately is called:
a. Performance management
 b. Security Management
c. Accounting Management
d. Configuration Management

The most appropriate answer is C Accounting Management

28. Which of the following is most often used for collecting statistical and configuration information
about network devices such as computers, Hubs, Switches, Routers, etc.?
a. Simple Network management Protocols
b. Online Reports
c. Downtime Reports
d. Help Desk Reports

The most appropriate answer is A Simple Network management Protocols

29. Which of the following would typically be considered the fastest to restore?
a. Normal Backup
b. Incremental Backup
c. Differential
d. Copy Backup

The most appropriate answer is A Normal Backup

Planning a backup and restoration of files for disaster recovery.

Planning a backup and restoration of files is the most important step to protect data from accidental loss in the
event of data deletion or a hard disk failure. The backup copy can be used to restore lost or damaged data. For
taking backups and restoring files, Microsoft has provided a utility called Backup. The Backup utility creates a
copy of data on a hard disk of a computer and archives data on another storage media. Any storage media such
as removable disks, tapes, and logical drives can be used as a backup storage.
While taking a backup of files, the Backup utility creates a volume shadow copy of the data to create an
accurate copy of the contents. It includes any open files or files that are being used by the system. Users can
continue to access the system while the Backup utility is running without the risk of losing data.
Volume Shadow Copy
Backup provides a feature of taking a backup of files that are opened by a user or system. This feature is known
as volume shadow copy. Volume shadow copy makes a duplicate copy of all files at the start of the backup
process. In this way, files that have changed during the backup process are copied correctly. Due to this
feature, applications can continue writing data to the volume during a backup operation, and backups can be
scheduled at any time without locking out users.
Types of Backups
The Windows Backup utility provides various types of backups. While planning for a backup strategy, it is
important to choose an appropriate type or combination of different types of backups. The backup type
determines which files are transferred to the destination media.
Each backup type relates to an attribute maintained by every file known as archive (A). The archive attribute is
set when a file is created or changed. When an archive attribute is set, it means that the backup of this file has
not been taken or it is due.

Note: When it is said that "The file is marked as backup", it means that the archive attribute of the file has
been cleared.

Normal Backups

When an administrator chooses to use a normal backup, all selected files and folders are backed up and the
archive attribute of all files are cleared. A normal backup does not use the archive attribute to determine which
files to back up. A normal backup is used as the first step of any backup plan. It is used with the combination of
other backup types for planning a backup strategy of an organization. Normal backups are the most time-
consuming and are resource hungry. Restoration from a normal backup is more efficient than other types of
backups.

Incremental Backups

An incremental backup backs up files that are created or changed since the last normal or incremental backup.
It takes the backup of files of which the archive attribute is set. After taking a backup, it clears the archive
attribute of files. An incremental backup is the fastest backup process. Restoring data from an incremental
backup requires the last normal backup and all subsequent incremental backups. Incremental backups must be
restored in the same order as they were created.

Note: If any media in the incremental backup set is damaged or data becomes corrupt, the data backed up after
corruption cannot be restored.

Differential Backups

Differential backup backs up files that are created or changed since the last normal backup. It does not clear
the archive attribute of files after taking a backup. The restoration of files from a differential backup is more
efficient than an incremental backup.

Copy Backups

A copy backup copies all selected files and folders. It neither uses nor clears the archive attribute of the files.
It is generally not a part of a planned scheduled backup.

Daily Backups

A daily backup backs up all selected files and folders that have changed during the day. It backs up data by
using the modified date of the files. It neither uses nor clears the archive attribute of the files.

Combining backup types

The easiest backup plan is to take a normal backup every night. A normal backup every night ensures that the
data is restored from a single job the next day. Although the restoration of data from a normal backup is easy,
taking a backup is time consuming. Hence, an administrator is required to make an optimal backup plan. An
administrator must consider the following points before creating a backup plan:

• The time involved in taking the backup.

• The size of the backup job.
• The time required to restore a system in the event of a system failure.

The most common solutions for the needs of different organizations include the combination of normal,
differential, and incremental backups.

Combination of Normal and Differential Backups

An administrator can use a combination of a normal backup and a differential backup to save time in taking a
backup as well as for a restoration of data. In this plan, a normal backup can be taken on Sunday, and
differential backups can be taken on Monday through Friday every night. If data becomes corrupt at any time,
only a normal and last differential backup are required to be restored. Although this combination is easier and
takes lesser time for restoration, it takes more time to take backup if data changes frequently.

Combination of Normal and Incremental Backups

A combination of normal and incremental backups can be used to save more time for taking backups. In this plan,
a normal backup is taken on Sunday and incremental backups on Monday through Friday every night. If data
becomes corrupt at any time, normal and all incremental backups till date are required to be restored

30. All the following are phases in the establishment of a switched Virtual Circuit Except:
a. Circuit Terminal
b. Data Transfer
c. Circuit Expansion
d. Circuit Establishment

The most appropriate answer is A Circuit Expansion

31. Which of the following translates e-mail formats from one network to another so that the message
can travel through all the networks?
a. Gateways
b. Protocols Convertor
c. Front-end Communication Processor
d. Concentrator Multiplexer

The most appropriate answer is A Gateway

A gateway performs the job of translating e-mail formats from one network to another so messages can make
their way through all the networks. A protocol converter is a hardware device that converts between two
different types of transmissions, such as asynchronous and synchronous transmissions. A front-end
communication processor connects all network communication lines to a central computer to relieve the central
computer from performing network control, format conversion and message handling tasks. A
concentrator/multiplexor is a device used for combining several lower-speed channels into a higher-speed
channel

32. An IS Auditor performing a telecommunication access control review would focus his/her attention
most on the
a. Maintenance of usage logs of various system resources
b. Authorization and authentication of the user prior to granting access to system resources
c. Adequate protection of stored data on servers by encryption or other means
d. Accountability system and ability to proper identify any terminal accessing system resources
The most appropriate answer is B Authorization and authentication of the user prior to granting access to
system resources

33. Which of the following controls would be Most Comprehensive in a remote access network with
multiple and diverse sub-systems?
a. Proxy Server
b. Firewall installation
c. Network administrator
d. Password implementation and administration

The most appropriate answer is D Password implementation and administration

The most comprehensive control in this situation is password implementation and administration. While firewall
installations are the primary line of defense, they cannot protect all access and, therefore, an element of risk
remains. A proxy server is a type of firewall installation and thus the same rules apply. The network
administrator may serve as a control, but typically this would not be comprehensive enough to serve on multiple
and diverse systems.

34. A reasonably controlled practice in the distributed executable programs that execute in Background
of a web browser client, like Java applets and Active X controls is:
a. Installation of a firewalls
b. Usage of a secure web connection
c. Acceptance of executable only from the established and trusted source
d. Hosting the website as a part of your organization.

The most appropriate answer is C Acceptance of executable only from the established and trusted source

35. When an organization’s network is connected with an external net-work in an Intranet client-server
model not under the organization’s controls, security becomes a concern. In providing adequate
security in this environment, which of the following assurance levels is Least important
a. Server and Client authentication
b. Data Integrity
c. Data Recovery
d. Data Confidentiality

The most appropriate answer is C Data Recovery

36. In a TCP/IP network, an IP addresses specifies a :

a. Network connection
b. Router/Gateway
c. Computer in the Network
d. Device in the network such as a gateways/router,host,server,etc

The most appropriate answer is A network Connection

An IP address specifies a network connection. An IP address encodes both a network and a host on that
network; it does not specify an individual computer, but a connection to a network. A router/gateway connects
two networks and will have two IP addresses. Hence, an IP address cannot specify a router. A computer in the
network can be connected to other networks as well. It will then use many IP addresses. Such computers are
called multi-homed hosts. Here again an IP address cannot refer to the computer. IP addresses do not refer to
individual devices on the network, but refer to the connections by which they are connected to the network

37. In internet architecture, a domain name service(DNS) is most important because it provides the :
a. Addresses of the domain server
b. Addresses of the naming client
c. Resolution of the name of the IP address on the internet
d. Domain name characteristics.

The most appropriate answer is C Resolution of the name of the IP address on the internet

The Domain Name System (DNS) provides the basis for converting the names of machines into IP addresses and
back again and provides pointers to other resources such as mail handlers and system aliases. That definition is
perhaps the only thing simple about DNS in today's ever-changing Internet culture. DNS has grown beyond a
simple lookup service to become a major piece of Internet infrastructure-one that has gone well beyond its
original scope. The need to extend the capabilities of the Domain Name System combined with mass adoption of
the Internet by business and industry has sparked controversy and debate. New forums are popping up to
address DNS-related issues, and discussions on newsgroups like the Internet Legal and Policy Forum (ILPF) and
newdom have become hot and often hostile. The technological, political, and legal issues surrounding DNS have
created confusion and anxiety for systems administrators and operators, users, and businesspeople attempting
to leverage the new technology.

38. In an Internet URL “http;//www.infosys.com”, what does the “com” signify?

a. Identifies the protocols being used
b. Identifies that the site is on the Internet
c. It is an additional Information and is not needed
d. Identifies the purposes of the site. It stands for commercial

The most appropriate answer is D identifies the purposes of the site. It stands for commercial

39. In which of the following, Tags are placed within to accomplish document formatting, visual features
such as font size, italics and Bold and creation of links:
a. FTTP
b. HTTP
c. Telnet
d. ActiveX

Producing hypertext for the Web is accomplished by creating documents with a language called HyperText

Markup Language, or HTML. With HTML, tags are placed within the text to accomplish document formatting,
visual features such as font size, italics and bold, and the creation of hypertext links. Graphics and multimedia

may also be incorporated into an HTML document.

40. Which of the following allow users on the Internet to communicate with each other by typing text
mode in real time
a. IM
b. RFC
c. FYI
d. FAQ

The most appropriate answer is (A) IM

Instant messaging (IM) is a form of real-time communication between two or more people based on typed text.
The text is conveyed via devices connected over a network such as the Internet

Instant messaging (IM) and chat are technologies that create the possibility of real-time text-based
communication between two or more participants over the internet or some form of internal network/intranet.
It is important to understand that what separates chat and instant messaging from technologies such as e-mail
is the perceived synchronicity of the communication by the user - Chat happens in real-time before your eyes.
Some systems allow the sending of messages to people not currently logged on (offline messages), thus removing
much of the difference between Instant Messaging and e-mail.

While many services have additional features such as: the immediate receipt of acknowledgment or reply, group
chatting, conference services (including voice and video), conversation logging and file transfer, those functions
are beyond the scope of this article.

IM allows effective and efficient communication, featuring immediate receipt of acknowledgment or reply. In
certain cases Instant Messaging involves additional features, which make it even more popular, i.e. to see the
other party, e.g. by using web-cams, or to talk directly for free over the Internet.

It is possible to save a conversation for later reference. Instant messages are typically logged in a local
message history which closes the gap to the persistent nature of e-mails and facilitates quick exchange of
information like URLs or document snippets (which can be unwieldy when communicated via telephone).

41. A firewall access control list may filter access based on each of the following parameters except
a. Port
b. Service Type
c. Network Interface Card(NIC)
d. Internet Protocol (IP) address

The most appropriate answer is (C) Network Interface Card (NIC)

42. Which of the following is not provided by a public key infrastructure (PKI)
a. Access Controls
b. Network Reliability
c. Authentication
d. Non-Repudiation
The most appropriate answer is B Network Reliability

43. Secure Socket Layer (SSL) protocol addresses the confidentiality of a message through:
a. Symmetric encryption
b. Message authentication code
c. Hash function
d. Digital signatures certificates

SSL uses a symmetric key for message encryption. A message authentication code is used for ensuring data
integrity. Hash function is used for generating a message digest. It does not use public key encryption for
message encryption. Digital signature certificates are used by SSL for server authentication

The most appropriate answer is A Symmetric encryption

44. Electromagnetic emissions from a terminal represent an exposure because they:

a. Affect noise pollution
b. Disrupt processor function
c. Produces dangerous levels of electric current
d. Can be detected and displayed

The most appropriate answer is D Can be detected and displayed

Emissions can be detected by sophisticated equipment and displayed, thus giving access to data to unauthorized
persons. They should not cause disruption of CPUs or effect noise pollution

45. Which of the following would be an IS auditor consider a major risk of using single sign-on in a
networked environment
a. It enables access to multiple applications
b. It represents a single point of failure
c. It causes an administrative bottleneck
d. It leads to a lockout of valid users

As per a web site Big4Guy.com

The answer is 'A'. The risk with using Single Sign On is that it can result in access to all applications with a
single password. This can be potentially very harmful as far as security is concerned. Rest all the answers are
incorrect

While as per the book the most appropriate answer is B It represents a single point of failure

Single sign on is the term used to represent a system whereby users need only remember one username and
password, and authenticated a can be provided for multiple services. Kerberos [1] is an example of a system
where users provide a password and receive a ticket in exchange. The ticket can be used to authenticate users
to different network services. Kerberos single sign on is possible because all of the services are under the same
administrative control. There is a centralized database containing keys that are shared with each service, and
tickets can be issued, encrypted under the keys of the target services.
 46. all of the following are significant Internet exposures Except:
a. lost of Integrity
b. Denial of Service Attacks
c. Insufficient resources to improve and maintain integrity
d. Unauthorized access

The most appropriate answer is (C) Insufficient resources to improve and maintain integrity

47. A manufacturer has been purchasing material and supplies for its business through an E-Commerce
application. Which of the following should this manufacturer rely on to prove that the transactions
were actually made?
a. Reputation
b. Authentication
c. Encryption
d. Non-Repudiation

The most appropriate answer is (D) Non-Repudiation

Non- repudiation may ensure that a transaction is enforceable. It involves creating proof of the origin or
delivery of data to protect the sender against false denial by the recipient of the data's receipt, or vice versa.
Choice A is incorrect because the company's reputation would not, of itself, prove a deal was made via the
Internet. Choice B is not correct as authentication controls are necessary to establish the Identification of all
parties to a communication. Choice C is incorrect since encryption may protect the data transmitted over the
Internet, but may not prove that the transactions were made

48. An IS Auditor who intends to use penetration testing during an audit of Internet Connection would
a. Evaluate configuration
b. Examine security Setting
c. Ensure virus-scanning software in use
d. Use tools and techniques that are available to a hacker

The most appropriate answer is (D) Use tools and techniques that are available to a hacker

penetration test is a method of evaluating the security of a computer system or network by simulating an
attack by a malicious user, known as a Black Hat Hacker, or Cracker. The process involves an active analysis of
the system for any potential vulnerabilities that may result from poor or improper system configuration, known
and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures.
This analysis is carried out from the position of a potential attacker, and can involve active exploitation of
security vulnerabilities. Any security issues that are found will be presented to the system owner together with
an assessment of their impact and often with a proposal for mitigation or a technical solution. The intent of a
penetration test is to determine feasibility of an attack and the amount of business impact of a successful
exploit, if discovered. It is a component of a full security audit.
 49. A sequence of Bits appended to a digital document that is used to authenticate an e-mail sent through
the Internet is called a
a. Digest Signature
b. Encrypted Message
c. Digital Signature
d. Hash Signature

The most appropriate answer is: C Digital Signature

A digital signature through the private cryptographic key authenticates a transmission from a sender through
the private cryptographic key. It is a string of bits that uniquely represent another string of bits, a digital
document. An electronic signature refers to the string of bits that digitally represents a handwritten signature
captured by a computer system when a human applies it on an electronic pen pad, connected to the system.

50. Which of the following provides the Greatest assurance in achieving message integrity and non-
repudiation
a. The recipient uses the sender’s public Key, verified with a certificate authority, to decrypt the
message digest
b. The recipient uses his private key to decrypt the secret key
c. The encrypted message digest and the message are encrypted using a secret key
d. The encrypted message digest is derived mathematically from the message to be sent

The most appropriate answer is (D) The encrypted message digest is derived mathematically from the message
to be sent

Most encrypted transactions today use a combination of private keys, public keys, secret keys, hash functions
and digital certificates to achieve confidentiality, message integrity and non- repudiation by either sender or
recipient. The recipient uses the sender's public key to decrypt the pre-hash code into a post-hash code which
when equaling the pre-hash code verifies the identity of the sender and that the message has not been changed
in route and would provide the greatest assurance. Each sender and recipient has a private key, known only to
him/her and a public key, which can be known by anyone. Each encryption/decryption process requires at least
one public key and one private key and both must be from the same party. A single secret key is used to encrypt
the message, because secret key encryption requires less processing power than using public and private keys. A
digital certificate, signed by a certificate authority, validates senders' and recipients' public keys.