New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

SSCP Systems Security Certified Practitioner Questions and Answers

Questions 4

Which of the following virus types changes some of its characteristics as it spreads?

Options:

A.

Boot Sector

B.

Parasitic

C.

Stealth

D.

Polymorphic

Buy Now
Questions 5

Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks?

Options:

A.

Web Applications

B.

Intrusion Detection Systems

C.

Firewalls

D.

DNS Servers

Buy Now
Questions 6

What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own bank account?

Options:

A.

Data fiddling

B.

Data diddling

C.

Salami techniques

D.

Trojan horses

Buy Now
Questions 7

Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:

Options:

A.

Not possible

B.

Only possible with key recovery scheme of all user keys

C.

It is possible only if X509 Version 3 certificates are used

D.

It is possible only by "brute force" decryption

Buy Now
Questions 8

Which of the following is defined as an Internet, IPsec, key-establishment protocol, partly based on OAKLEY, that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations?

Options:

A.

Internet Key exchange (IKE)

B.

Security Association Authentication Protocol (SAAP)

C.

Simple Key-management for Internet Protocols (SKIP)

D.

Key Exchange Algorithm (KEA)

Buy Now
Questions 9

A one-way hash provides which of the following?

Options:

A.

Confidentiality

B.

Availability

C.

Integrity

D.

Authentication

Buy Now
Questions 10

The Clipper Chip utilizes which concept in public key cryptography?

Options:

A.

Substitution

B.

Key Escrow

C.

An undefined algorithm

D.

Super strong encryption

Buy Now
Questions 11

What attribute is included in a X.509-certificate?

Options:

A.

Distinguished name of the subject

B.

Telephone number of the department

C.

secret key of the issuing CA

D.

the key pair of the certificate holder

Buy Now
Questions 12

Which of the following answers is described as a random value used in cryptographic algorithms to ensure that patterns are not created during the encryption process?

Options:

A.

IV - Initialization Vector

B.

Stream Cipher

C.

OTP - One Time Pad

D.

Ciphertext

Buy Now
Questions 13

Which of the following is NOT a property of the Rijndael block cipher algorithm?

Options:

A.

The key sizes must be a multiple of 32 bits

B.

Maximum block size is 256 bits

C.

Maximum key size is 512 bits

D.

The key size does not have to match the block size

Buy Now
Questions 14

Where parties do not have a shared secret and large quantities of sensitive information must be passed, the most efficient means of transferring information is to use Hybrid Encryption Methods. What does this mean?

Options:

A.

Use of public key encryption to secure a secret key, and message encryption using the secret key.

B.

Use of the recipient's public key for encryption and decryption based on the recipient's private key.

C.

Use of software encryption assisted by a hardware encryption accelerator.

D.

Use of elliptic curve encryption.

Buy Now
Questions 15

What size is an MD5 message digest (hash)?

Options:

A.

128 bits

B.

160 bits

C.

256 bits

D.

128 bytes

Buy Now
Questions 16

What is the primary role of smartcards in a PKI?

Options:

A.

Transparent renewal of user keys

B.

Easy distribution of the certificates between the users

C.

Fast hardware encryption of the raw data

D.

Tamper resistant, mobile storage and application of private keys of the users

Buy Now
Questions 17

In what type of attack does an attacker try, from several encrypted messages, to figure out the key used in the encryption process?

Options:

A.

Known-plaintext attack

B.

Ciphertext-only attack

C.

Chosen-Ciphertext attack

D.

Plaintext-only attack

Buy Now
Questions 18

The RSA Algorithm uses which mathematical concept as the basis of its encryption?

Options:

A.

Geometry

B.

16-round ciphers

C.

PI (3.14159...)

D.

Two large prime numbers

Buy Now
Questions 19

Which protocol makes USE of an electronic wallet on a customer's PC and sends encrypted credit card information to merchant's Web server, which digitally signs it and sends it on to its processing bank?

Options:

A.

SSH ( Secure Shell)

B.

S/MIME (Secure MIME)

C.

SET (Secure Electronic Transaction)

D.

SSL (Secure Sockets Layer)

Buy Now
Questions 20

Which of the following encryption methods is known to be unbreakable?

Options:

A.

Symmetric ciphers.

B.

DES codebooks.

C.

One-time pads.

D.

Elliptic Curve Cryptography.

Buy Now
Questions 21

Which of the following service is not provided by a public key infrastructure (PKI)?

Options:

A.

Access control

B.

Integrity

C.

Authentication

D.

Reliability

Buy Now
Questions 22

Which of the following statements pertaining to stream ciphers is correct?

Options:

A.

A stream cipher is a type of asymmetric encryption algorithm.

B.

A stream cipher generates what is called a keystream.

C.

A stream cipher is slower than a block cipher.

D.

A stream cipher is not appropriate for hardware-based encryption.

Buy Now
Questions 23

PGP uses which of the following to encrypt data?

Options:

A.

An asymmetric encryption algorithm

B.

A symmetric encryption algorithm

C.

A symmetric key distribution system

D.

An X.509 digital certificate

Buy Now
Questions 24

Which of the following is not an example of a block cipher?

Options:

A.

Skipjack

B.

IDEA

C.

Blowfish

D.

RC4

Buy Now
Questions 25

Which of the following keys has the SHORTEST lifespan?

Options:

A.

Secret key

B.

Public key

C.

Session key

D.

Private key

Buy Now
Questions 26

The Data Encryption Standard (DES) encryption algorithm has which of the following characteristics?

Options:

A.

64 bits of data input results in 56 bits of encrypted output

B.

128 bit key with 8 bits used for parity

C.

64 bit blocks with a 64 bit total key length

D.

56 bits of data input results in 56 bits of encrypted output

Buy Now
Questions 27

Which of the following terms can be described as the process to conceal data into another file or media in a practice known as security through obscurity?

Options:

A.

Steganography

B.

ADS - Alternate Data Streams

C.

Encryption

D.

NTFS ADS

Buy Now
Questions 28

Which of the following packets should NOT be dropped at a firewall protecting an organization's internal network?

Options:

A.

Inbound packets with Source Routing option set

B.

Router information exchange protocols

C.

Inbound packets with an internal address as the source IP address

D.

Outbound packets with an external destination IP address

Buy Now
Questions 29

Secure Shell (SSH-2) supports authentication, compression, confidentiality, and integrity, SSH is commonly used as a secure alternative to all of the following protocols below except:

Options:

A.

telnet

B.

rlogin

C.

RSH

D.

HTTPS

Buy Now
Questions 30

Which of the following countermeasures would be the most appropriate to prevent possible intrusion or damage from wardialing attacks?

Options:

A.

Monitoring and auditing for such activity

B.

Require user authentication

C.

Making sure only necessary phone numbers are made public

D.

Using completely different numbers for voice and data accesses

Buy Now
Questions 31

What is malware that can spread itself over open network connections?

Options:

A.

Worm

B.

Rootkit

C.

Adware

D.

Logic Bomb

Buy Now
Questions 32

Crackers today are MOST often motivated by their desire to:

Options:

A.

Help the community in securing their networks.

B.

Seeing how far their skills will take them.

C.

Getting recognition for their actions.

D.

Gaining Money or Financial Gains.

Buy Now
Questions 33

Java is not:

Options:

A.

Object-oriented.

B.

Distributed.

C.

Architecture Specific.

D.

Multithreaded.

Buy Now
Questions 34

The Diffie-Hellman algorithm is primarily used to provide which of the following?

Options:

A.

Confidentiality

B.

Key Agreement

C.

Integrity

D.

Non-repudiation

Buy Now
Questions 35

What do the ILOVEYOU and Melissa virus attacks have in common?

Options:

A.

They are both denial-of-service (DOS) attacks.

B.

They have nothing in common.

C.

They are both masquerading attacks.

D.

They are both social engineering attacks.

Buy Now
Questions 36

Which of the following computer crime is MORE often associated with INSIDERS?

Options:

A.

IP spoofing

B.

Password sniffing

C.

Data diddling

D.

Denial of service (DOS)

Buy Now
Questions 37

Which virus category has the capability of changing its own code, making it harder to detect by anti-virus software?

Options:

A.

Stealth viruses

B.

Polymorphic viruses

C.

Trojan horses

D.

Logic bombs

Buy Now
Questions 38

The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?

Options:

A.

Black hats

B.

White hats

C.

Script kiddies

D.

Phreakers

Buy Now
Questions 39

Which of the following is immune to the effects of electromagnetic interference (EMI) and therefore has a much longer effective usable length?

Options:

A.

Fiber Optic cable

B.

Coaxial cable

C.

Twisted Pair cable

D.

Axial cable

Buy Now
Questions 40

Which of the following statements pertaining to PPTP (Point-to-Point Tunneling Protocol) is incorrect?

Options:

A.

PPTP allow the tunnelling of any protocols that can be carried within PPP.

B.

PPTP does not provide strong encryption.

C.

PPTP does not support any token-based authentication method for users.

D.

PPTP is derived from L2TP.

Buy Now
Questions 41

Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?

Options:

A.

192.168.42.5

B.

192.166.42.5

C.

192.175.42.5

D.

192.1.42.5

Buy Now
Questions 42

Which type of firewall can be used to track connectionless protocols such as UDP and RPC?

Options:

A.

Stateful inspection firewalls

B.

Packet filtering firewalls

C.

Application level firewalls

D.

Circuit level firewalls

Buy Now
Questions 43

Which of the following rules appearing in an Internet firewall policy is inappropriate?

Options:

A.

Source routing shall be disabled on all firewalls and external routers.

B.

Firewalls shall be configured to transparently allow all outbound and inbound services.

C.

Firewalls should fail to a configuration that denies all services, and require a firewall administrator to re-enable services after a firewall has failed.

D.

Firewalls shall not accept traffic on its external interfaces that appear to be coming from internal network addresses.

Buy Now
Questions 44

Which of the following service is a distributed database that translate host name to IP address to IP address to host name?

Options:

A.

DNS

B.

FTP

C.

SSH

D.

SMTP

Buy Now
Questions 45

Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another computer in a network. Within which OSI/ISO layer is RPC implemented?

Options:

A.

Session layer

B.

Transport layer

C.

Data link layer

D.

Network layer

Buy Now
Questions 46

Which type of attack involves hijacking a session between a host and a target by predicting the target's choice of an initial TCP sequence number?

Options:

A.

IP spoofing attack

B.

SYN flood attack

C.

TCP sequence number attack

D.

Smurf attack

Buy Now
Questions 47

Which of the following is needed for System Accountability?

Options:

A.

Audit mechanisms.

B.

Documented design as laid out in the Common Criteria.

C.

Authorization.

D.

Formal verification of system design.

Buy Now
Questions 48

Knowledge-based Intrusion Detection Systems (IDS) are more common than:

Options:

A.

Network-based IDS

B.

Host-based IDS

C.

Behavior-based IDS

D.

Application-Based IDS

Buy Now
Questions 49

Which of the following would assist the most in Host Based intrusion detection?

Options:

A.

audit trails.

B.

access control lists.

C.

security clearances

D.

host-based authentication

Buy Now
Questions 50

Which of the following Intrusion Detection Systems (IDS) uses a database of attacks, known system vulnerabilities, monitoring current attempts to exploit those vulnerabilities, and then triggers an alarm if an attempt is found?

Options:

A.

Knowledge-Based ID System

B.

Application-Based ID System

C.

Host-Based ID System

D.

Network-Based ID System

Buy Now
Questions 51

Which of the following is an issue with signature-based intrusion detection systems?

Options:

A.

Only previously identified attack signatures are detected.

B.

Signature databases must be augmented with inferential elements.

C.

It runs only on the windows operating system

D.

Hackers can circumvent signature evaluations.

Buy Now
Questions 52

Which of the following tools is less likely to be used by a hacker?

Options:

A.

l0phtcrack

B.

Tripwire

C.

OphCrack

D.

John the Ripper

Buy Now
Questions 53

What ensures that the control mechanisms correctly implement the security policy for the entire life cycle of an information system?

Options:

A.

Accountability controls

B.

Mandatory access controls

C.

Assurance procedures

D.

Administrative controls

Buy Now
Questions 54

Attributable data should be:

Options:

A.

always traced to individuals responsible for observing and recording the data

B.

sometimes traced to individuals responsible for observing and recording the data

C.

never traced to individuals responsible for observing and recording the data

D.

often traced to individuals responsible for observing and recording the data

Buy Now
Questions 55

In what way can violation clipping levels assist in violation tracking and analysis?

Options:

A.

Clipping levels set a baseline for acceptable normal user errors, and violations exceeding that threshold will be recorded for analysis of why the violations occurred.

B.

Clipping levels enable a security administrator to customize the audit trail to record only those violations which are deemed to be security relevant.

C.

Clipping levels enable the security administrator to customize the audit trail to record only actions for users with access to user accounts with a privileged status.

D.

Clipping levels enable a security administrator to view all reductions in security levels which have been made to user accounts which have incurred violations.

Buy Now
Questions 56

Attributes that characterize an attack are stored for reference using which of the following Intrusion Detection System (IDS) ?

Options:

A.

signature-based IDS

B.

statistical anomaly-based IDS

C.

event-based IDS

D.

inferent-based IDS

Buy Now
Questions 57

What is the essential difference between a self-audit and an independent audit?

Options:

A.

Tools used

B.

Results

C.

Objectivity

D.

Competence

Buy Now
Questions 58

Who should measure the effectiveness of Information System security related controls in an organization?

Options:

A.

The local security specialist

B.

The business manager

C.

The systems auditor

D.

The central security manager

Buy Now
Questions 59

Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?

Options:

A.

signature-based IDS and statistical anomaly-based IDS, respectively

B.

signature-based IDS and dynamic anomaly-based IDS, respectively

C.

anomaly-based IDS and statistical-based IDS, respectively

D.

signature-based IDS and motion anomaly-based IDS, respectively.

Buy Now
Questions 60

Which one of the following statements about the advantages and disadvantages of network-based Intrusion detection systems is true

Options:

A.

Network-based IDSs are not vulnerable to attacks.

B.

Network-based IDSs are well suited for modern switch-based networks.

C.

Most network-based IDSs can automatically indicate whether or not an attack was successful.

D.

The deployment of network-based IDSs has little impact upon an existing network.

Buy Now
Questions 61

Which of the following is most likely to be useful in detecting intrusions?

Options:

A.

Access control lists

B.

Security labels

C.

Audit trails

D.

Information security policies

Buy Now
Questions 62

Which of the following statements pertaining to ethical hacking is incorrect?

Options:

A.

An organization should use ethical hackers who do not sell auditing, hardware, software, firewall, hosting, and/or networking services.

B.

Testing should be done remotely to simulate external threats.

C.

Ethical hacking should not involve writing to or modifying the target systems negatively.

D.

Ethical hackers never use tools that have the potential of affecting servers or services.

Buy Now
Questions 63

In the process of gathering evidence from a computer attack, a system administrator took a series of actions which are listed below. Can you identify which one of these actions has compromised the whole evidence collection process?

Options:

A.

Using a write blocker

B.

Made a full-disk image

C.

Created a message digest for log files

D.

Displayed the contents of a folder

Buy Now
Questions 64

Network-based Intrusion Detection systems:

Options:

A.

Commonly reside on a discrete network segment and monitor the traffic on that network segment.

B.

Commonly will not reside on a discrete network segment and monitor the traffic on that network segment.

C.

Commonly reside on a discrete network segment and does not monitor the traffic on that network segment.

D.

Commonly reside on a host and and monitor the traffic on that specific host.

Buy Now
Questions 65

Which of the following would be LESS likely to prevent an employee from reporting an incident?

Options:

A.

They are afraid of being pulled into something they don't want to be involved with.

B.

The process of reporting incidents is centralized.

C.

They are afraid of being accused of something they didn't do.

D.

They are unaware of the company's security policies and procedures.

Buy Now
Questions 66

Who can best decide what are the adequate technical security controls in a computer-based application system in regards to the protection of the data being used, the criticality of the data, and it's sensitivity level ?

Options:

A.

System Auditor

B.

Data or Information Owner

C.

System Manager

D.

Data or Information user

Buy Now
Questions 67

Due care is not related to:

Options:

A.

Good faith

B.

Prudent man

C.

Profit

D.

Best interest

Buy Now
Questions 68

Which of the following questions are least likely to help in assessing controls covering audit trails?

Options:

A.

Does the audit trail provide a trace of user actions?

B.

Are incidents monitored and tracked until resolved?

C.

Is access to online logs strictly controlled?

D.

Is there separation of duties between security personnel who administer the access control function and those who administer the audit trail?

Buy Now
Questions 69

What would be considered the biggest drawback of Host-based Intrusion Detection systems (HIDS)?

Options:

A.

It can be very invasive to the host operating system

B.

Monitors all processes and activities on the host system only

C.

Virtually eliminates limits associated with encryption

D.

They have an increased level of visibility and control compared to NIDS

Buy Now
Questions 70

The preliminary steps to security planning include all of the following EXCEPT which of the following?

Options:

A.

Establish objectives.

B.

List planning assumptions.

C.

Establish a security audit function.

D.

Determine alternate courses of action

Buy Now
Questions 71

IT security measures should:

Options:

A.

Be complex

B.

Be tailored to meet organizational security goals.

C.

Make sure that every asset of the organization is well protected.

D.

Not be developed in a layered fashion.

Buy Now
Questions 72

What can best be described as a domain of trust that shares a single security policy and single management?

Options:

A.

The reference monitor

B.

A security domain

C.

The security kernel

D.

The security perimeter

Buy Now
Questions 73

Which of the following best describes the purpose of debugging programs?

Options:

A.

To generate random data that can be used to test programs before implementing them.

B.

To ensure that program coding flaws are detected and corrected.

C.

To protect, during the programming phase, valid changes from being overwritten by other changes.

D.

To compare source code versions before transferring to the test environment

Buy Now
Questions 74

Which of the following security mode of operation does NOT require all users to have the clearance for all information processed on the system?

Options:

A.

Compartmented security mode

B.

Multilevel security mode

C.

System-high security mode

D.

Dedicated security mode

Buy Now
Questions 75

Which property ensures that only the intended recipient can access the data and nobody else?

Options:

A.

Confidentiality

B.

Capability

C.

Integrity

D.

Availability

Buy Now
Questions 76

An Architecture where there are more than two execution domains or privilege levels is called:

Options:

A.

Ring Architecture.

B.

Ring Layering

C.

Network Environment.

D.

Security Models

Buy Now
Questions 77

Which of the following is commonly used for retrofitting multilevel security to a database management system?

Options:

A.

trusted front-end.

B.

trusted back-end.

C.

controller.

D.

kernel.

Buy Now
Questions 78

When two or more separate entities (usually persons) operating in concert to protect sensitive functions or information must combine their knowledge to gain access to an asset, this is known as?

Options:

A.

Dual Control

B.

Need to know

C.

Separation of duties

D.

Segragation of duties

Buy Now
Questions 79

Which of the following would be the best reason for separating the test and development environments?

Options:

A.

To restrict access to systems under test.

B.

To control the stability of the test environment.

C.

To segregate user and development staff.

D.

To secure access to systems under development.

Buy Now
Questions 80

What mechanism does a system use to compare the security labels of a subject and an object?

Options:

A.

Validation Module.

B.

Reference Monitor.

C.

Clearance Check.

D.

Security Module.

Buy Now
Questions 81

Which of the following phases of a system development life-cycle is most concerned with maintaining proper authentication of users and processes to ensure appropriate access control decisions?

Options:

A.

Development/acquisition

B.

Implementation

C.

Operation/Maintenance

D.

Initiation

Buy Now
Questions 82

Which software development model is actually a meta-model that incorporates a number of the software development models?

Options:

A.

The Waterfall model

B.

The modified Waterfall model

C.

The Spiral model

D.

The Critical Path Model (CPM)

Buy Now
Questions 83

The major objective of system configuration management is which of the following?

Options:

A.

system maintenance.

B.

system stability.

C.

system operations.

D.

system tracking.

Buy Now
Questions 84

Which of the following best defines add-on security?

Options:

A.

Physical security complementing logical security measures.

B.

Protection mechanisms implemented as an integral part of an information system.

C.

Layer security.

D.

Protection mechanisms implemented after an information system has become operational.

Buy Now
Questions 85

The security of a computer application is most effective and economical in which of the following cases?

Options:

A.

The system is optimized prior to the addition of security.

B.

The system is procured off-the-shelf.

C.

The system is customized to meet the specific security threat.

D.

The system is originally designed to provide the necessary security.

Buy Now
Questions 86

Which of the following are required for Life-Cycle Assurance?

Options:

A.

System Architecture and Design specification.

B.

Security Testing and Covert Channel Analysis.

C.

Security Testing and Trusted distribution.

D.

Configuration Management and Trusted Facility Management.

Buy Now
Questions 87

What can be defined as: It confirms that users’ needs have been met by the supplied solution ?

Options:

A.

Accreditation

B.

Certification

C.

Assurance

D.

Acceptance

Buy Now
Questions 88

Making sure that the data is accessible when and where it is needed is which of the following?

Options:

A.

confidentiality

B.

integrity

C.

acceptability

D.

availability

Buy Now
Questions 89

Which of the following are NOT a countermeasure to traffic analysis?

Options:

A.

Padding messages.

B.

Eavesdropping.

C.

Sending noise.

D.

Faraday Cage

Buy Now
Questions 90

What prevents a process from accessing another process' data?

Options:

A.

Memory segmentation

B.

Process isolation

C.

The reference monitor

D.

Data hiding

Buy Now
Questions 91

Which of the following security controls might force an operator into collusion with personnel assigned organizationally within a different function in order to gain access to unauthorized data?

Options:

A.

Limiting the local access of operations personnel

B.

Job rotation of operations personnel

C.

Management monitoring of audit logs

D.

Enforcing regular password changes

Buy Now
Questions 92

In what way could Java applets pose a security threat?

Options:

A.

Their transport can interrupt the secure distribution of World Wide Web pages over the Internet by removing SSL and S-HTTP

B.

Java interpreters do not provide the ability to limit system access that an applet could have on a client system.

C.

Executables from the Internet may attempt an intentional attack when they are downloaded on a client system.

D.

Java does not check the bytecode at runtime or provide other safety mechanisms for program isolation from the client system.

Buy Now
Questions 93

Which of the following statements pertaining to disaster recovery planning is incorrect?

Options:

A.

Every organization must have a disaster recovery plan

B.

A disaster recovery plan contains actions to be taken before, during and after a disruptive event.

C.

The major goal of disaster recovery planning is to provide an organized way to make decisions if a disruptive event occurs.

D.

A disaster recovery plan should cover return from alternate facilities to primary facilities.

Buy Now
Questions 94

Which of the following should be emphasized during the Business Impact Analysis (BIA) considering that the BIA focus is on business processes?

Options:

A.

Composition

B.

Priorities

C.

Dependencies

D.

Service levels

Buy Now
Questions 95

Which of the following best describes remote journaling?

Options:

A.

Send hourly tapes containing transactions off-site.

B.

Send daily tapes containing transactions off-site.

C.

Real-time capture of transactions to multiple storage devices.

D.

Real time transmission of copies of the entries in the journal of transactions to an alternate site.

Buy Now
Questions 96

Which one of the following is NOT one of the outcomes of a vulnerability assessment?

Options:

A.

Quantative loss assessment

B.

Qualitative loss assessment

C.

Formal approval of BCP scope and initiation document

D.

Defining critical support areas

Buy Now
Questions 97

Which of the following proves or disproves a specific act through oral testimony based on information gathered through the witness's five senses?

Options:

A.

Direct evidence.

B.

Circumstantial evidence.

C.

Conclusive evidence.

D.

Corroborative evidence.

Buy Now
Questions 98

Controls are implemented to:

Options:

A.

eliminate risk and reduce the potential for loss

B.

mitigate risk and eliminate the potential for loss

C.

mitigate risk and reduce the potential for loss

D.

eliminate risk and eliminate the potential for loss

Buy Now
Questions 99

During the salvage of the Local Area Network and Servers, which of the following steps would normally be performed first?

Options:

A.

Damage mitigation

B.

Install LAN communications network and servers

C.

Assess damage to LAN and servers

D.

Recover equipment

Buy Now
Questions 100

Which of the following backup method must be made regardless of whether Differential or Incremental methods are used?

Options:

A.

Full Backup Method.

B.

Incremental backup method.

C.

Supplemental backup method.

D.

Tape backup method.

Buy Now
Questions 101

Which of the following best defines a Computer Security Incident Response Team (CSIRT)?

Options:

A.

An organization that provides a secure channel for receiving reports about suspected security incidents.

B.

An organization that ensures that security incidents are reported to the authorities.

C.

An organization that coordinates and supports the response to security incidents.

D.

An organization that disseminates incident-related information to its constituency and other involved parties.

Buy Now
Questions 102

What can be defined as a momentary low voltage?

Options:

A.

Spike

B.

Sag

C.

Fault

D.

Brownout

Buy Now
Questions 103

Which of the following best allows risk management results to be used knowledgeably?

Options:

A.

A vulnerability analysis

B.

A likelihood assessment

C.

An uncertainty analysis

D.

A threat identification

Buy Now
Questions 104

Why would a memory dump be admissible as evidence in court?

Options:

A.

Because it is used to demonstrate the truth of the contents.

B.

Because it is used to identify the state of the system.

C.

Because the state of the memory cannot be used as evidence.

D.

Because of the exclusionary rule.

Buy Now
Questions 105

To protect and/or restore lost, corrupted, or deleted information, thereby preserving the data integrity and availability is the purpose of:

Options:

A.

Remote journaling.

B.

Database shadowing.

C.

A tape backup method.

D.

Mirroring.

Buy Now
Questions 106

Which of the following results in the most devastating business interruptions?

Options:

A.

Loss of Hardware/Software

B.

Loss of Data

C.

Loss of Communication Links

D.

Loss of Applications

Buy Now
Questions 107

What can be defined as the maximum acceptable length of time that elapses before the unavailability of the system severely affects the organization?

Options:

A.

Recovery Point Objectives (RPO)

B.

Recovery Time Objectives (RTO)

C.

Recovery Time Period (RTP)

D.

Critical Recovery Time (CRT)

Buy Now
Questions 108

How should a risk be HANDLED when the cost of the countermeasure OUTWEIGHS the cost of the risk?

Options:

A.

Reject the risk

B.

Perform another risk analysis

C.

Accept the risk

D.

Reduce the risk

Buy Now
Questions 109

Valuable paper insurance coverage does not cover damage to which of the following?

Options:

A.

Inscribed, printed and Written documents

B.

Manuscripts

C.

Records

D.

Money and Securities

Buy Now
Questions 110

Which of the following would be MOST important to guarantee that the computer evidence will be admissible in court?

Options:

A.

It must prove a fact that is immaterial to the case.

B.

Its reliability must be proven.

C.

The process for producing it must be documented and repeatable.

D.

The chain of custody of the evidence must show who collected, secured, controlled, handled, transported the evidence, and that it was not tampered with.

Buy Now
Questions 111

Which of the following focuses on sustaining an organization's business functions during and after a disruption?

Options:

A.

Business continuity plan

B.

Business recovery plan

C.

Continuity of operations plan

D.

Disaster recovery plan

Buy Now
Questions 112

The IP header contains a protocol field. If this field contains the value of 51, what type of data is contained within the ip datagram?

Options:

A.

Transmission Control Protocol (TCP)

B.

Authentication Header (AH)

C.

User datagram protocol (UDP)

D.

Internet Control Message Protocol (ICMP)

Buy Now
Questions 113

Which of the following backup methods is most appropriate for off-site archiving?

Options:

A.

Incremental backup method

B.

Off-site backup method

C.

Full backup method

D.

Differential backup method

Buy Now
Questions 114

The absence of a safeguard, or a weakness in a system that may possibly be exploited is called a(n)?

Options:

A.

Threat

B.

Exposure

C.

Vulnerability

D.

Risk

Buy Now
Questions 115

Which of the following outlined how senior management are responsible for the computer and information security decisions that they make and what actually took place within their organizations?

Options:

A.

The Computer Security Act of 1987.

B.

The Federal Sentencing Guidelines of 1991.

C.

The Economic Espionage Act of 1996.

D.

The Computer Fraud and Abuse Act of 1986.

Buy Now
Questions 116

Which access control model was proposed for enforcing access control in government and military applications?

Options:

A.

Bell-LaPadula model

B.

Biba model

C.

Sutherland model

D.

Brewer-Nash model

Buy Now
Questions 117

Which type of control is concerned with restoring controls?

Options:

A.

Compensating controls

B.

Corrective controls

C.

Detective controls

D.

Preventive controls

Buy Now
Questions 118

Which of the following is needed for System Accountability?

Options:

A.

Audit mechanisms.

B.

Documented design as laid out in the Common Criteria.

C.

Authorization.

D.

Formal verification of system design.

Buy Now
Questions 119

What is the difference between Access Control Lists (ACLs) and Capability Tables?

Options:

A.

Access control lists are related/attached to a subject whereas capability tables are related/attached to an object.

B.

Access control lists are related/attached to an object whereas capability tables are related/attached to a subject.

C.

Capability tables are used for objects whereas access control lists are used for users.

D.

They are basically the same.

Buy Now
Questions 120

Which access control model achieves data integrity through well-formed transactions and separation of duties?

Options:

A.

Clark-Wilson model

B.

Biba model

C.

Non-interference model

D.

Sutherland model

Buy Now
Questions 121

Which of the following control pairing places emphasis on "soft" mechanisms that support the access control objectives?

Options:

A.

Preventive/Technical Pairing

B.

Preventive/Administrative Pairing

C.

Preventive/Physical Pairing

D.

Detective/Administrative Pairing

Buy Now
Questions 122

Which of the following is related to physical security and is not considered a technical control?

Options:

A.

Access control Mechanisms

B.

Intrusion Detection Systems

C.

Firewalls

D.

Locks

Buy Now
Questions 123

What is called the type of access control where there are pairs of elements that have the least upper bound of values and greatest lower bound of values?

Options:

A.

Mandatory model

B.

Discretionary model

C.

Lattice model

D.

Rule model

Buy Now
Questions 124

When submitting a passphrase for authentication, the passphrase is converted into ...

Options:

A.

a virtual password by the system

B.

a new passphrase by the system

C.

a new passphrase by the encryption technology

D.

a real password by the system which can be used forever

Buy Now
Questions 125

In an organization where there are frequent personnel changes, non-discretionary access control using Role Based Access Control (RBAC) is useful because:

Options:

A.

people need not use discretion

B.

the access controls are based on the individual's role or title within the organization.

C.

the access controls are not based on the individual's role or title within the organization

D.

the access controls are often based on the individual's role or title within the organization

Buy Now
Questions 126

Which of the following is not a two-factor authentication mechanism?

Options:

A.

Something you have and something you know.

B.

Something you do and a password.

C.

A smartcard and something you are.

D.

Something you know and a password.

Buy Now
Questions 127

How would nonrepudiation be best classified as?

Options:

A.

A preventive control

B.

A logical control

C.

A corrective control

D.

A compensating control

Buy Now
Questions 128

In which of the following security models is the subject's clearance compared to the object's classification such that specific rules can be applied to control how the subject-to-object interactions take place?

Options:

A.

Bell-LaPadula model

B.

Biba model

C.

Access Matrix model

D.

Take-Grant model

Buy Now
Questions 129

What refers to legitimate users accessing networked services that would normally be restricted to them?

Options:

A.

Spoofing

B.

Piggybacking

C.

Eavesdropping

D.

Logon abuse

Buy Now
Questions 130

A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:

Options:

A.

concern that the laser beam may cause eye damage

B.

the iris pattern changes as a person grows older.

C.

there is a relatively high rate of false accepts.

D.

the optical unit must be positioned so that the sun does not shine into the aperture.

Buy Now
Questions 131

Which of the following is NOT part of the Kerberos authentication protocol?

Options:

A.

Symmetric key cryptography

B.

Authentication service (AS)

C.

Principals

D.

Public Key

Buy Now
Questions 132

Kerberos can prevent which one of the following attacks?

Options:

A.

tunneling attack.

B.

playback (replay) attack.

C.

destructive attack.

D.

process attack.

Buy Now
Questions 133

Which access control model would a lattice-based access control model be an example of?

Options:

A.

Mandatory access control.

B.

Discretionary access control.

C.

Non-discretionary access control.

D.

Rule-based access control.

Buy Now
Questions 134

Almost all types of detection permit a system's sensitivity to be increased or decreased during an inspection process. If the system's sensitivity is increased, such as in a biometric authentication system, the system becomes increasingly selective and has the possibility of generating:

Options:

A.

Lower False Rejection Rate (FRR)

B.

Higher False Rejection Rate (FRR)

C.

Higher False Acceptance Rate (FAR)

D.

It will not affect either FAR or FRR

Buy Now
Questions 135

Which of the following is not a logical control when implementing logical access security?

Options:

A.

access profiles.

B.

userids.

C.

employee badges.

D.

passwords.

Buy Now
Questions 136

Which of the following is NOT a system-sensing wireless proximity card?

Options:

A.

magnetically striped card

B.

passive device

C.

field-powered device

D.

transponder

Buy Now
Questions 137

Because all the secret keys are held and authentication is performed on the Kerberos TGS and the authentication servers, these servers are vulnerable to:

Options:

A.

neither physical attacks nor attacks from malicious code.

B.

physical attacks only

C.

both physical attacks and attacks from malicious code.

D.

physical attacks but not attacks from malicious code.

Buy Now
Questions 138

Which of the following is most appropriate to notify an external user that session monitoring is being conducted?

Options:

A.

Logon Banners

B.

Wall poster

C.

Employee Handbook

D.

Written agreement

Buy Now
Exam Code: SSCP
Exam Name: Systems Security Certified Practitioner
Last Update: Dec 22, 2024
Questions: 1074

PDF + Testing Engine

$134.99

Testing Engine

$99.99

PDF (Q&A)

$84.99