What important factor listed below differentiates Frame Relay from X.25?

1. Frame Relay supports multiple PVCs over a single WAN carrier connection.
2. Frame Relay is a cell-switching technology instead of a packet-switching technology like X.25.
3. Frame Relay does not provide a Committed Information Rate (CIR).
4. Frame Relay only requires a DTE on the provider side.

During a security assessment of a wireless network, Jim discovers that LEAP is in use on a network using WPA. What recommendation should Jim make?

1. Continue to use LEAP. It provides better security than TKIP for WPA networks.
2. Use an alternate protocol like PEAP or EAP-TLS and implement WPA2 if supported.
3. Continue to use LEAP to avoid authentication issues, but move to WPA2.
4. Use an alternate protocol like PEAP or EAP-TLS, and implement Wired Equivalent Privacy to avoid wireless security issues.

Ben has connected his laptop to his tablet PC using an 802.11g connection. What wireless network mode has he used to connect these devices?

1. Infrastructure mode
2. Wired extension mode
3. Ad hoc mode
4. Stand-alone mode

Lauren’s and Nick’s PCs simultaneously send traffic by transmitting at the same time. What network term describes the range of systems on a network that could be affected by this same issue?

1. The subnet
2. The supernet
3. A collision domain
4. A broadcast domain

Sarah is manually reviewing a packet capture of TCP traffic and finds that a system is setting the RST flag in the TCP packets it sends repeatedly during a short period of time. What does this flag mean in the TCP packet header?

1. RST flags mean “Rest.” The server needs traffic to briefly pause.
2. RST flags mean “Relay-set.” The packets will be forwarded to the address set in the packet.
3. RST flags mean “Resume Standard.” Communications will resume in their normal format.
4. RST means “Reset.” The TCP session will be disconnected.

Gary is deploying a wireless network and wants to deploy the fastest possible wireless technology. Of the 802.11 standards listed below, which is the fastest 2.4 GHz option he has?

1. 802.11a
2. 802.11g
3. 802.11n
4. 802.11ac

What common applications are associated with each of the following TCP ports: 23, 25, 143, and 515?

1. Telnet, SFTP, NetBIOS, and LPD
2. SSH, SMTP, POP3, and ICMP
3. Telnet, SMTP, IMAP, and LPD
4. Telnet, SMTP, POP3, and X Windows

Chris is configuring an IDS to monitor for unencrypted FTP traffic. What ports should Chris use in his configuration?

1. TCP 20 and 21
2. TCP 21 only
3. UDP port 69
4. TCP port 21 and UDP port 21

FHSS, DSSS, and OFDM all use what wireless communication method that occurs over multiple frequencies simultaneously?

1. Wi-Fi
2. Spread Spectrum
3. Multiplexing
4. Orthogonal modulation

Which authentication protocol commonly used for PPP links encrypts both the username and password and uses a challenge/response dialog that cannot be replayed and periodically reauthenticates remote systems throughout its use in a session?

1. PAP
2. CHAP
3. EAP
4. LEAP

Which of the following options is not a common best practice for securing a wireless network?

1. Turn on WPA2.
2. Enable MAC filtering if used for a relatively small group of clients.
3. Enable SSID broadcast.
4. Separate the access point from the wired network using a firewall, thus treating it as external access.

What network topology is shown in the image below?

1. A ring
2. A bus
3. A star
4. A mesh

Chris is designing layered network security for his organization. Using the diagram below, answer questions 13 through 15.

What type of firewall design is shown in the diagram?

1. A single-tier firewall
2. A two-tier firewall
3. A three-tier firewall
4. A four-tier firewall

If the VPN grants remote users the same access to network and system resources as local workstations have, what security issue should Chris raise?

1. VPN users will not be able to access the web server.
2. There is no additional security issue; the VPN concentrator’s logical network location matches the logical network location of the workstations.
3. VPN bypasses the firewall, creating additional risks.
4. VPN users should only connect from managed PCs.

If Chris wants to stop cross-site scripting attacks against the web server, what is the best device for this purpose, and where should he put it?

1. A firewall, location A
2. An IDS, location A
3. An IPS, location B
4. A WAF, location C

Susan is deploying a routing protocol that maintains a list of destination networks with metrics that include the distance in hops to them and the direction traffic should be sent to them. What type of protocol is she using?

1. A link-state protocol
2. A link-distance protocol
3. A destination metric protocol
4. A distance-vector protocol

Ben has configured his network to not broadcast a SSID. Why might Ben disable SSID broadcast, and how could his SSID be discovered?

1. Disabling SSID broadcast prevents attackers from discovering the encryption key. The SSID can be recovered from decrypted packets.
2. Disabling SSID broadcast hides networks from unauthorized personnel. The SSID can be discovered using a wireless sniffer.
3. Disabling SSID broadcast prevents issues with beacon frames. The SSID can be recovered by reconstructing the BSSID.
4. Disabling SSID broadcast helps avoid SSID conflicts. The SSID can be discovered by attempting to connect to the network.

What network tool can be used to protect the identity of clients while providing Internet access by accepting client requests, altering the source addresses of the requests, mapping requests to clients, and sending the modified requests out to their destination?

1. A gateway
2. A proxy
3. A router
4. A firewall

During troubleshooting, Chris uses the nslookup command to check the IP address of a host he is attempting to connect to. The IP he sees in the response is not the IP that should resolve when the lookup is done. What type of attack has likely been conducted?

1. DNS spoofing
2. DNS poisoning
3. ARP spoofing
4. A Cain attack

A remote access tool that copies what is displayed on a desktop PC to a remote computer is an example of what type of technology?

1. Remote node operation
2. Screen scraping
3. Remote control
4. RDP

Which email security solution provides two major usage modes: (1) signed messages that provide integrity, sender authentication, and nonrepudiation; and (2) an enveloped message mode that provides integrity, sender authentication, and confidentiality?

1. S/MIME
2. MOSS
3. PEM
4. DKIM

During a security assessment, Jim discovers that the organization he is working with uses a multilayer protocol to handle SCADA systems and recently connected the SCADA network to the rest of the organization’s production network. What concern should he raise about serial data transfers carried via TCP/IP?

1. SCADA devices that are now connected to the network can now be attacked over the network.
2. Serial data over TCP/IP cannot be encrypted.
3. Serial data cannot be carried in TCP packets.
4. TCP/IP’s throughput can allow for easy denial of service attacks against serial devices.

What type of key does WEP use to encrypt wireless communications?

1. An asymmetric key
2. Unique key sets for each host
3. A predefined shared static key
4. Unique asymmetric keys for each host

An attack that causes a service to fail by exhausting all of a system’s resources is what type of attack?

1. A worm
2. A denial of service attack
3. A virus
4. A smurf attack

What speed and frequency range is used by 802.11n?

1. 54 Mbps, 5 GHz
2. 200+ Mbps, 5GHz
3. 200+ Mbps, 2.4 and 5 GHz
4. 1 Gbps, 5 GHz

The Address Resolution Protocol (ARP) and the Reverse Address Resolution Protocol (RARP) operate at what layer of the OSI model?

1. Layer 1
2. Layer 2
3. Layer 3
4. Layer 4

Which of the following is a converged protocol that allows storage mounts over TCP, and which is frequently used as a lower-cost alternative to Fibre Channel?

1. MPLS
2. SDN
3. VoIP
4. iSCSI

Chris is building an Ethernet network and knows that he needs to span a distance of over 150 meters with his 1000Base-T network. What network technology should he use to help with this?

1. Install a repeater or a concentrator before 100 meters.
2. Use Category 7 cable, which has better shielding for higher speeds.
3. Install a gateway to handle the distance.
4. Use STP cable to handle the longer distance at high speeds.

Lauren’s organization has used a popular instant messaging service for a number of years. Recently, concerns have been raised about the use of instant messaging. Using the diagram below, answer questions 29 through 31 about instant messaging.

What protocol is the instant messaging traffic most likely to use based on the diagram?

1. AOL
2. HTTP
3. SMTP
4. HTTPS

What security concern does sending internal communications from A to B cause?

1. The firewall does not protect system B.
2. System C can see the broadcast traffic from system A to B.
3. It is traveling via an unencrypted protocol.
4. IM does not provide nonrepudation.

How could Lauren’s company best address a desire for secure instant messaging for users of internal systems A and C?

1. Use a 3rd party instant messaging service.
2. Implement and use a locally hosted IM service.
3. Use HTTPS.
4. Discontinue use of IM and instead use email, which is more secure.

Which of the following drawbacks is a concern when multilayer protocols are allowed?

1. A range of protocols may be used at higher layers.
2. Covert channels are allowed.
3. Filters cannot be bypassed.
4. Encryption can’t be incorporated at multiple layers.

What network topology is shown in the image below?

1. A ring
2. A star
3. A bus
4. A mesh

Chris uses a cellular hot spot (modem) to provide Internet access when he is traveling. If he leaves the hot spot connected to his PC while his PC is on his organization’s corporate network, what security issue might he cause?

1. Traffic may not be routed properly, exposing sensitive data.
2. His system may act as a bridge from the Internet to the local network.
3. His system may be a portal for a reflected DDoS attack.
4. Security administrators may not be able to determine his IP address if a security issue occurs.

In her role as an information security professional, Susan has been asked to identify areas where her organization’s wireless network may be accessible even though it isn’t intended to be. What should Susan do to determine where her organization’s wireless network is accessible?

1. A site survey
2. Warwalking
3. Wardriving
4. A design map

The DARPA TCP/IP model’s Application layer matches up to what three OSI model layers?

1. Application, Presentation, and Transport
2. Presentation, Session, and Transport
3. Application, Presentation, and Session
4. There is not a direct match. The TCP model was created before the OSI model.

One of Susan’s attacks during a penetration test involves inserting false ARP data into a system’s ARP cache. When the system attempts to send traffic to the address it believes belongs to a legitimate system, it will instead send that traffic to a system she controls. What is this attack called?

1. RARP Flooding
2. ARP cache poisoning
3. A denial of ARP attack
4. ARP buffer blasting

Sue modifies her MAC address to one that is allowed on a network that uses MAC filtering to provide security. What is the technique Sue used, and what non-security issue could her actions cause?

1. Broadcast domain exploit, address conflict
2. Spoofing, token loss
3. Spoofing, address conflict
4. Sham EUI creation, token loss

Jim’s audit of a large organization’s traditional PBX showed that Direct Inward System Access (DISA) was being abused by third parties. What issue is most likely to lead to this problem?

1. The PBX was not fully patched.
2. The dial-in modem lines use unpublished numbers.
3. DISA is set up to only allow local calls.
4. One or more users’ access codes have been compromised.

SMTP, HTTP, and SNMP all occur at what layer of the OSI model?

1. Layer 4
2. Layer 5
3. Layer 6
4. Layer 7

Lauren uses the ping utility to check whether a remote system is up as part of a penetration testing exercise. If she wants to filter ping out by protocol, what protocol should she filter out from her packet sniffer’s logs?

1. UDP
2. TCP
3. IP
4. ICMP

Lauren wants to provide port-based authentication on her network to ensure that clients must authenticate before using the network. What technology is an appropriate solution for this requirement?

1. 802.11a
2. 802.3
3. 802.15.1
4. 802.1x

Ben has deployed a 1000Base-T 1 gigabit network and needs to run a cable to another building. If Ben is running his link directly from a switch to another switch in that building, what is the maximum distance Ben can cover according to the 1000Base-T specification?

1. 2 kilometers
2. 500 meters
3. 185 meters
4. 100 meters

Jim’s remote site has only ISDN as an option for connectivity. What type of ISDN should he look for to get the maximum speed possible?

1. BRI
2. BPRI
3. PRI
4. D channel

SPIT attacks target what technology?

1. Virtualization platforms
2. Web services
3. VoIP systems
4. Secure Process Internal Transfers

What does a bluesnarfing attack target?

1. Data on IBM systems
2. An outbound phone call via Bluetooth
3. 802.11b networks
4. Data from a Bluetooth-enabled device

Which of the following options includes standards or protocols that exist in layer 6 of the OSI model?

1. NFS, SQL, and RPC
2. TCP, UDP, and TLS
3. JPEG, ASCII, and MIDI
4. HTTP, FTP, SMTP

What network topology is shown below?

1. A ring
2. A bus
3. A star
4. A mesh

There are four common VPN protocols. Which group of four below contains all of the common VPN protocols?

1. PPTP, LTP, L2TP, IPsec
2. PPP, L2TP, IPsec, VNC
3. PPTP, L2F, L2TP, IPsec
4. PPTP, L2TP, IPsec, SPAP

What network technology is best described as a token-passing network that uses a pair of rings with traffic flowing in opposite directions?

1. A ring topology
2. Token Ring
3. FDDI
4. SONET

Which OSI layer includes electrical specifications, protocols, and interface standards?

1. The Transport layer
2. The Device layer
3. The Physical layer
4. The Data Link layer

Ben is designing a Wi-Fi network and has been asked to choose the most secure option for the network. Which wireless security standard should he choose?

1. WPA2
2. WPA
3. WEP
4. AES

If your organization needs to allow attachments in email to support critical business processes, what are the two best options for helping to avoid security problems caused by attachments?

1. Train your users and use anti-malware tools.
2. Encrypt your email and use anti-malware tools.
3. Train your users and require S/MIME for all email.
4. Use S/MIME by default and remove all ZIP (.zip) file attachments.

Segmentation, sequencing, and error checking all occur at what layer of the OSI model that is associated with SSL, TLS, and UDP?

1. The Transport layer
2. The Network layer
3. The Session layer
4. The Presentation layer

The Windows ipconfig command displays the following information:

BC-5F-F4-7B-4B-7D

What term describes this, and what information can be gathered from it?

1. The IP address, the network location of the system
2. The MAC address, the network interface card’s manufacturer
3. The MAC address, the media type in use
4. The IPv6 client ID, the network interface card’s manufacturer

Chris has been asked to choose between implementing PEAP and LEAP for wireless authentication. What should he choose, and why?

1. LEAP, because it fixes problems with TKIP, resulting in stronger security
2. PEAP, because it implements CCMP for security
3. LEAP, because it implements EAP-TLS for end-to-end session encryption
4. PEAP, because it can provide a TLS tunnel that encapsulates EAP methods, protecting the entire session

Ben is troubleshooting a network and discovers that the NAT router he is connected to has the 192.168.x.x subnet as its internal network and that its external IP is 192.168.1.40. What problem is he encountering?

1. 192.168.x.x is a non-routable network and will not be carried to the Internet.
2. 192.168.1.40 is not a valid address because it is reserved by RFC 1918.
3. Double NATing is not possible using the same IP range.
4. The upstream system is unable to de-encapsulate his packets and he needs to use PAT instead.

What is the default subnet mask for a Class B network?

1. 255.0.0.0
2. 255.255.0.0
3. 255.254.0.0
4. 255.255.255.0

Jim’s organization uses a traditional PBX for voice communication. What is the most common security issue that its internal communications are likely to face, and what should he recommend to prevent it?

1. Eavesdropping, encryption
2. Man-in-the-middle attacks, end-to-end encryption
3. Eavesdropping, physical security
4. Wardialing, deploy an IPS

What common security issue is often overlooked with cordless phones?

1. Their signal is rarely encrypted and thus can be easily monitored.
2. They use unlicensed frequencies.
3. They can allow attackers access to wireless networks.
4. They are rarely patched and are vulnerable to malware.

Lauren’s organization has deployed VoIP phones on the same switches that the desktop PCs are on. What security issue could this create, and what solution would help?

1. VLAN hopping, use physically separate switches.
2. VLAN hopping, use encryption.
3. Caller ID spoofing, MAC filtering
4. Denial of service attacks, use a firewall between networks.

Which type of firewall can be described as “a device that filters traffic based on its source, destination and the port it is sent from or is going to”?

1. A static packet filtering firewall
2. An Application layer gateway firewall
3. A dynamic packet filtering firewall
4. A stateful inspection firewall

A phreaking tool used to manipulate line voltages to steal long-distance service is known as what type of box?

1. A black box
2. A red box
3. A blue box
4. A white box

Data streams occur at what three layers of the OSI model?

1. Application, Presentation, and Session
2. Presentation, Session, and Transport
3. Physical, Data Link, and Network
4. Data Link, Network, and Transport

Chris needs to design a firewall architecture that can support separately a DMZ, a database, and a private internal network. What type of design should he use, and how many firewalls does he need?

1. A four-tier firewall design with two firewalls
2. A two-tier firewall design with three firewalls
3. A three-tier firewall design with at least one firewall
4. A single-tier firewall design with three firewalls

Lauren’s networking team has been asked to identify a technology that will allow them to dynamically change the organization’s network by treating the network like code. What type of architecture should she recommend?

1. A network that follows the 5-4-3 rule
2. A converged network
3. A software-defined network
4. A hypervisor-based network

Jim’s organization uses fax machines to receive sensitive data. Since the fax machine is located in a public area, what actions should Jim take to deal with issues related to faxes his organization receives?

1. Encrypt the faxes and purge local memory.
2. Disable automatic printing and purge local memory.
3. Encrypt faxes and disable automatic printing.
4. Use link encryption and enable automatic printing.

Cable modems, ISDN, and DSL are all examples of what type of technology?

1. Baseband
2. Broadband
3. Digital
4. Broadcast

What type of firewall design is shown in the image below?

1. Single tier
2. Two tier
3. Three tier
4. Next generation

During a review of her organization’s network, Angela discovered that it was suffering from broadcast storms and that contractors, guests, and organizational administrative staff were on the same network segment. What design change should Angela recommend?

1. Require encryption for all users.
2. Install a firewall at the network border.
3. Enable spanning tree loop detection.
4. Segment the network based on functional requirements.

ICMP, RIP, and network address translation all occur at what layer of the OSI model?

1. Layer 1
2. Layer 2
3. Layer 3
4. Layer 4

Use the following scenario to help guide your answers in the following three questions.

Ben is an information security professional at an organization that is replacing its physical servers with virtual machines. As the organization builds its virtual environment, it is decreasing the number of physical servers it uses while purchasing more powerful servers to act as the virtualization platforms.

The IDS Ben is responsible for is used to monitor communications in the data center using a mirrored port on the data center switch. What traffic will Ben see once the majority of servers in the data center have been virtualized?

1. The same traffic he currently sees
2. All inter-VM traffic
3. Only traffic sent outside of the VM environment
4. All inter-hypervisor traffic

The VM administrators recommend enabling cut and paste between virtual machines. What security concern should Ben raise about this practice?

1. It can cause a denial of service condition.
2. It can serve as a covert channel.
3. It can allow viruses to spread.
4. It can bypass authentication controls.

Ben is concerned about exploits that allow VM escape. What option should Ben suggest to help limit the impact of VM escape exploits?

1. Separate virtual machines onto separate physical hardware based on task or data types.
2. Use VM escape detection tools on the underlying hypervisor.
3. Restore machines to their original snapshots on a regular basis.
4. Use a utility like Tripwire to look for changes in the virtual machines.

WPA2’s Counter Mode Ciper Block Chaining Message Authentication Mode Protocol (CCMP) is based on which common encryption scheme?

1. DES
2. 3DES
3. AES
4. TLS

When a host on an Ethernet network detects a collision and transmits a jam signal, what happens next?

1. The host that transmitted the jam signal is allowed to retransmit while all other hosts pause until that transmission is received successfully.
2. All hosts stop transmitting and each host waits a random period of time before attempting to transmit again.
3. All hosts stop transmitting and each host waits a period of time based on how recently it successfully transmitted.
4. Hosts wait for the token to be passed and then resume transmitting data as they pass the token.

IPX, AppleTalk, and NetBEUI are all examples of what?

1. Routing protocols
2. UDP protocols
3. Non-IP protocols
4. TCP protocols

What is the speed of a T3 line?

1. 128 kbps
2. 1.544 Mbps
3. 44.736 Mbps
4. 155 Mbps

What type of firewall design does the image below show?

1. A single-tier firewall
2. A two-tier firewall
3. A three-tier firewall
4. A fully protected DMZ firewall

What challenge is most common for endpoint security system deployments?

1. Compromises
2. The volume of data
3. Monitoring encrypted traffic on the network
4. Handling non-TCP protocols

What type of address is 127.0.0.1?

1. A public IP address
2. An RFC 1918 address
3. An APIPA address
4. A loopback address

Susan is writing a best practices statement for her organizational users who need to use Bluetooth. She knows that there are many potential security issues with Bluetooth and wants to provide the best advice she can. Which of the following sets of guidance should Susan include?

1. Use Bluetooth’s built-in strong encryption, change the default PIN on your device, turn off discovery mode, and turn off Bluetooth when it’s not in active use.
2. Use Bluetooth only for those activities that are not confidential, change the default PIN on your device, turn off discovery mode, and turn off Bluetooth when it’s not in active use.
3. Use Bluetooth’s built-in strong encryption, use extended (8 digit or longer) Bluetooth PINs, turn off discovery mode, and turn off Bluetooth when it’s not in active use.
4. Use Bluetooth only for those activities that are not confidential, use extended (8 digit or longer) Bluetooth PINs, turn off discovery mode, and turn off Bluetooth when it’s not in active use.

What type of firewall is known as a second-generation firewall?

1. Static packet filtering firewalls
2. Application-level gateway firewalls
3. Stateful inspection firewalls
4. Unified Threat Management

Steve has been tasked with implementing a network storage protocol over an IP network. What storage-centric converged protocol is he likely to use in his implementation?

1. MPLS
2. FCoE
3. SDN
4. VoIP

What type of network device modulates between an analog carrier signal and digital information for computer communications?

1. A bridge
2. A router
3. A brouter
4. A modem

Which list presents the layers of the OSI model in the correct order?

1. Presentation, Application, Session, Transport, Network, Data Link, Physical
2. Application, Presentation, Session, Network, Transport, Data Link, Physical
3. Presentation, Application, Session, Transport, Data Link, Network, Physical
4. Application, Presentation, Session, Transport, Network, Data Link, Physical

A denial of service (DoS) attack that sends fragmented TCP packets is known as what kind of attack?

1. Christmas tree
2. Teardrop
3. Stack killer
4. Frag grenade

Modern dial-up connections use what dial-up protocol?

1. SLIP
2. SLAP
3. PPTP
4. PPP

One of the findings that Jim made when performing a security audit was the use of non-IP protocols in a private network. What issue should Jim point out that may result from the use of these non-IP protocols?

1. They are outdated and cannot be used on modern PCs.
2. They may not be able to be filtered by firewall devices.
3. They may allow Christmas tree attacks.
4. IPX extends on the IP protocol and may not be supported by all TCP stacks.

Angela needs to choose between EAP, PEAP, and LEAP for secure authentication. Which authentication protocol should she choose and why?

1. EAP, because it provides strong encryption by default
2. LEAP, because it provides frequent re-authentication and changing of WEP keys
3. PEAP, because it provides encryption and doesn’t suffer from the same vulnerabilities that LEAP does
4. None of these options can provide secure authentication, and an alternate solution should be chosen.

Lauren has been asked to replace her organization’s PPTP implementation with an L2TP implementation for security reasons. What is the primary security reason that L2TP would replace PPTP?

1. L2TP can use IPsec.
2. L2TP creates a point-to-point tunnel, avoiding multipoint issues.
3. PPTP doesn’t support EAP.
4. PPTP doesn’t properly encapsulate PPP packets.

Jim is building a research computing system that benefits from being part of a full mesh topology between systems. In a five-node full mesh topology design, how many connections will an individual node have?

1. Two
2. Three
3. Four
4. Five

What topology correctly describes Ethernet?

1. A ring
2. A star
3. A mesh
4. A bus

What type of attack is most likely to occur after a successful ARP spoofing attempt?

1. A DoS attack
2. A Trojan
3. A replay attack
4. A man-in-the-middle attack

What speed is Category 3 UTP cable rated for?

1. 5 Mbps
2. 10 Mbps
3. 100 Mbps
4. 1000 Mbps

What issue occurs when data transmitted over one set of wires is picked up by another set of wires?

1. Magnetic interference
2. Crosstalk
3. Transmission absorption
4. Amplitude modulation

What two key issues with the implementation of RC4 make Wired Equivalent Privacy (WEP) even weaker than it might otherwise be?

1. Its use of a static common key and client-set encryption algorithms
2. Its use of a static common key and a limited number of initialization vectors
3. Its use of weak asymmetric keys and a limited number of initialization vectors
4. Its use of a weak asymmetric key and client-set encryption algorithms

Chris is setting up a hotel network, and needs to ensure that systems in each room or suite can connect to each other, but systems in other suites or rooms cannot. At the same time, he needs to ensure that all systems in the hotel can reach the Internet. What solution should he recommend as the most effective business solution?

1. Per-room VPNs
2. VLANs
3. Port security
4. Firewalls

During a forensic investigation, Charles is able to determine the Media Access Control address of a system that was connected to a compromised network. Charles knows that MAC addresses are tied back to a manufacturer or vendor and are part of the fingerprint of the system. To which OSI layer does a MAC address belong?

1. The Application layer
2. The Session layer
3. The Physical layer
4. The Data Link layer

Ben knows that his organization wants to be able to validate the identity of other organizations based on their domain name when receiving and sending email. What tool should Ben recommend?

1. PEM
2. S/MIME
3. DKIM
4. MOSS