Effective CISSP Questions

The ISO OSI (open system interconnection) model and TCP/IP play a crucial role in the network and communication. Which of the following statements is correct? (Wentz QOTD)
A. TCP/IP is a protocol suite with inherent security designs.
B. Network protocols shall be designed per the ISO OSI model.
C. A network protocol belongs to only one layer of the ISO OSI model.
D. FCoE is a converged protocol that unifies fiber channels and Ethernet but is independent of TCP/IP.

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. FCoE is a converged protocol that unifies fiber channels and Ethernet but is independent of TCP/IP.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

FCoE Converged Network Adapter
FCoE Converged Network Adapter (Source: Wikipedia)

Ethern ver Ethernet (FCoE)

Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. This allows Fibre Channel to use 10 Gigabit Ethernet networks (or higher speeds) while preserving the Fibre Channel protocol. The specification was part of the International Committee for Information Technology Standards T11 FC-BB-5 standard published in 2009.

Data centers used Ethernet for TCP/IP networks and Fibre Channel for storage area networks (SANs). With FCoE, Fibre Channel becomes another network protocol running on Ethernet, alongside traditional Internet Protocol (IP) traffic. FCoE operates directly above Ethernet in the network protocol stack, in contrast to iSCSI which runs on top of TCP and IP. As a consequence, FCoE is not routable at the IP layer, and will not work across routed IP networks.

Source: Wikipedia


TCP/IP was designed at first without inherent security considerations. That is why secure protocols such as SSL, TLS, IPsec, etc., were added to enforce security.

The ISO OSI model

The ISO OSI model is a reference model defined in 1S0/IEC 7498-1:1994 (Information technology – Open Systems Interconnection – Basic Reference Model: The Basic Model). It’s not mandatory. In fact, vendors nowadays seldom follow the complete ISO OSI model to design network or communication protocols because of its heavy overhead and being cumbersome. However, it gained huge success in education. Almost everyone who learns network and communication starts with the ISO OSI model.

A network protocol may work across several layers of the ISO OSI model. Besides, there are various perspectives on determining to which layer a network protocol belongs. The following are some examples:

ISO OSI Model and TCP/IP
ISO OSI Model and TCP/IP


ISO OSI(開放系統互連)模型和 TCP/IP 在網絡和通信中起著至關重要的作用。 以下哪個說法是正確的? (Wentz QOTD)
A. TCP/IP 是具有固有安全設計的協議組合。
B. 網絡協議一定要按照 ISO OSI 模型設計。
C. 網絡協議只屬於 ISO OSI 模型的某一層。
D. FCoE 是一種融合協議,它統一了光纖通道和以太網,但獨立於 TCP/IP。

1 thought on “CISSP PRACTICE QUESTIONS – 20210813

Leave a Reply