Valentine Day Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia

SSCP Sample Questions Answers

Questions 4

In computing what is the name of a non-self-replicating type of malware program containing malicious code that appears to have some useful purpose but also contains code that has a malicious or harmful purpose imbedded in it, when executed, carries out actions that are unknown to the person installing it, typically causing loss or theft of data, and possible system harm.

Options:

A.

virus

B.

worm

C.

Trojan horse.

D.

trapdoor

Buy Now
Questions 5

The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?

Options:

A.

Black hats

B.

White hats

C.

Script kiddies

D.

Phreakers

Buy Now
Questions 6

Which of the following virus types changes some of its characteristics as it spreads?

Options:

A.

Boot Sector

B.

Parasitic

C.

Stealth

D.

Polymorphic

Buy Now
Questions 7

Java is not:

Options:

A.

Object-oriented.

B.

Distributed.

C.

Architecture Specific.

D.

Multithreaded.

Buy Now
Questions 8

What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own bank account?

Options:

A.

Data fiddling

B.

Data diddling

C.

Salami techniques

D.

Trojan horses

Buy Now
Questions 9

Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:

Options:

A.

Not possible

B.

Only possible with key recovery scheme of all user keys

C.

It is possible only if X509 Version 3 certificates are used

D.

It is possible only by "brute force" decryption

Buy Now
Questions 10

Which virus category has the capability of changing its own code, making it harder to detect by anti-virus software?

Options:

A.

Stealth viruses

B.

Polymorphic viruses

C.

Trojan horses

D.

Logic bombs

Buy Now
Questions 11

Crackers today are MOST often motivated by their desire to:

Options:

A.

Help the community in securing their networks.

B.

Seeing how far their skills will take them.

C.

Getting recognition for their actions.

D.

Gaining Money or Financial Gains.

Buy Now
Questions 12

Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks?

Options:

A.

Web Applications

B.

Intrusion Detection Systems

C.

Firewalls

D.

DNS Servers

Buy Now
Questions 13

Which of the following computer crime is MORE often associated with INSIDERS?

Options:

A.

IP spoofing

B.

Password sniffing

C.

Data diddling

D.

Denial of service (DOS)

Buy Now
Questions 14

What do the ILOVEYOU and Melissa virus attacks have in common?

Options:

A.

They are both denial-of-service (DOS) attacks.

B.

They have nothing in common.

C.

They are both masquerading attacks.

D.

They are both social engineering attacks.

Buy Now
Questions 15

What can be described as a measure of the magnitude of loss or impact on the value of an asset?

Options:

A.

Probability

B.

Exposure factor

C.

Vulnerability

D.

Threat

Buy Now
Questions 16

The first step in the implementation of the contingency plan is to perform:

Options:

A.

A firmware backup

B.

A data backup

C.

An operating systems software backup

D.

An application software backup

Buy Now
Questions 17

This type of backup management provides a continuous on-line backup by using optical or tape "jukeboxes," similar to WORMs (Write Once, Read Many):

Options:

A.

Hierarchical Storage Management (HSM).

B.

Hierarchical Resource Management (HRM).

C.

Hierarchical Access Management (HAM).

D.

Hierarchical Instance Management (HIM).

Buy Now
Questions 18

Which of the following tools is NOT likely to be used by a hacker?

Options:

A.

Nessus

B.

Saint

C.

Tripwire

D.

Nmap

Buy Now
Questions 19

In which of the following model are Subjects and Objects identified and the permissions applied to each subject/object combination are specified. Such a model can be used to quickly summarize what permissions a subject has for various system objects.

Options:

A.

Access Control Matrix model

B.

Take-Grant model

C.

Bell-LaPadula model

D.

Biba model

Buy Now
Questions 20

Which of the following results in the most devastating business interruptions?

Options:

A.

Loss of Hardware/Software

B.

Loss of Data

C.

Loss of Communication Links

D.

Loss of Applications

Buy Now
Questions 21

Which TCSEC class specifies discretionary protection?

Options:

A.

B2

B.

B1

C.

C2

D.

C1

Buy Now
Questions 22

Which of the following is NOT part of the Kerberos authentication protocol?

Options:

A.

Symmetric key cryptography

B.

Authentication service (AS)

C.

Principals

D.

Public Key

Buy Now
Questions 23

Which of the following recovery plan test results would be most useful to management?

Options:

A.

elapsed time to perform various activities.

B.

list of successful and unsuccessful activities.

C.

amount of work completed.

D.

description of each activity.

Buy Now
Questions 24

Risk mitigation and risk reduction controls for providing information security are classified within three main categories, which of the following are being used?

Options:

A.

preventive, corrective, and administrative

B.

detective, corrective, and physical

C.

Physical, technical, and administrative

D.

Administrative, operational, and logical

Buy Now
Questions 25

Which of the following is an example of an active attack?

Options:

A.

Traffic analysis

B.

Scanning

C.

Eavesdropping

D.

Wiretapping

Buy Now
Questions 26

What can best be defined as a strongly protected computer that is in a network protected by a firewall (or is part of a firewall) and is the only host (or one of only a few hosts) in the network that can be directly accessed from networks on the other side of the firewall?

Options:

A.

A bastion host

B.

A screened subnet

C.

A dual-homed host

D.

A proxy server

Buy Now
Questions 27

When two or more separate entities (usually persons) operating in concert to protect sensitive functions or information must combine their knowledge to gain access to an asset, this is known as?

Options:

A.

Dual Control

B.

Need to know

C.

Separation of duties

D.

Segragation of duties

Buy Now
Questions 28

Which of the following backup methods makes a complete backup of every file on the server every time it is run?

Options:

A.

full backup method.

B.

incremental backup method.

C.

differential backup method.

D.

tape backup method.

Buy Now
Questions 29

What attack involves the perpetrator sending spoofed packet(s) wich contains the same destination and source IP address as the remote host, the same port for the source and destination, having the SYN flag, and targeting any open ports that are open on the remote host?

Options:

A.

Boink attack

B.

Land attack

C.

Teardrop attack

D.

Smurf attack

Buy Now
Questions 30

Which of the following can be defined as an Internet protocol by which a client workstation can dynamically access a mailbox on a server host to manipulate and retrieve mail messages that the server has received and is holding for the client?

Options:

A.

IMAP4

B.

SMTP

C.

MIME

D.

PEM

Buy Now
Questions 31

Which of the following is NOT a VPN communications protocol standard?

Options:

A.

Point-to-point tunnelling protocol (PPTP)

B.

Challenge Handshake Authentication Protocol (CHAP)

C.

Layer 2 tunnelling protocol (L2TP)

D.

IP Security

Buy Now
Questions 32

Which of the following is unlike the other three choices presented?

Options:

A.

El Gamal

B.

Teardrop

C.

Buffer Overflow

D.

Smurf

Buy Now
Questions 33

Which of the following is not an example of a block cipher?

Options:

A.

Skipjack

B.

IDEA

C.

Blowfish

D.

RC4

Buy Now
Questions 34

Which of the following encryption algorithms does not deal with discrete logarithms?

Options:

A.

El Gamal

B.

Diffie-Hellman

C.

RSA

D.

Elliptic Curve

Buy Now
Questions 35

Which of the following standards concerns digital certificates?

Options:

A.

X.400

B.

X.25

C.

X.509

D.

X.75

Buy Now
Questions 36

What does the directive of the European Union on Electronic Signatures deal with?

Options:

A.

Encryption of classified data

B.

Encryption of secret data

C.

Non repudiation

D.

Authentication of web servers

Buy Now
Questions 37

In the process of gathering evidence from a computer attack, a system administrator took a series of actions which are listed below. Can you identify which one of these actions has compromised the whole evidence collection process?

Options:

A.

Using a write blocker

B.

Made a full-disk image

C.

Created a message digest for log files

D.

Displayed the contents of a folder

Buy Now
Questions 38

Attributes that characterize an attack are stored for reference using which of the following Intrusion Detection System (IDS) ?

Options:

A.

signature-based IDS

B.

statistical anomaly-based IDS

C.

event-based IDS

D.

inferent-based IDS

Buy Now
Questions 39

Who should measure the effectiveness of Information System security related controls in an organization?

Options:

A.

The local security specialist

B.

The business manager

C.

The systems auditor

D.

The central security manager

Buy Now
Questions 40

What is called an event or activity that has the potential to cause harm to the information systems or networks?

Options:

A.

Vulnerability

B.

Threat agent

C.

Weakness

D.

Threat

Buy Now
Questions 41

Which of the following choices describe a condition when RAM and Secondary storage are used together?

Options:

A.

Primary storage

B.

Secondary storage

C.

Virtual storage

D.

Real storage

Buy Now
Questions 42

The security of a computer application is most effective and economical in which of the following cases?

Options:

A.

The system is optimized prior to the addition of security.

B.

The system is procured off-the-shelf.

C.

The system is customized to meet the specific security threat.

D.

The system is originally designed to provide the necessary security.

Buy Now
Questions 43

What is used to protect programs from all unauthorized modification or executional interference?

Options:

A.

A protection domain

B.

A security perimeter

C.

Security labels

D.

Abstraction

Buy Now
Questions 44

In an organization where there are frequent personnel changes, non-discretionary access control using Role Based Access Control (RBAC) is useful because:

Options:

A.

people need not use discretion

B.

the access controls are based on the individual's role or title within the organization.

C.

the access controls are not based on the individual's role or title within the organization

D.

the access controls are often based on the individual's role or title within the organization

Buy Now
Questions 45

What does the (star) property mean in the Bell-LaPadula model?

Options:

A.

No write up

B.

No read up

C.

No write down

D.

No read down

Buy Now
Questions 46

The throughput rate is the rate at which individuals, once enrolled, can be processed and identified or authenticated by a biometric system. Acceptable throughput rates are in the range of:

Options:

A.

100 subjects per minute.

B.

25 subjects per minute.

C.

10 subjects per minute.

D.

50 subjects per minute.

Buy Now
Questions 47

Which is the last line of defense in a physical security sense?

Options:

A.

people

B.

interior barriers

C.

exterior barriers

D.

perimeter barriers

Buy Now
Questions 48

Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense ?

Options:

A.

TCSEC

B.

ITSEC

C.

DIACAP

D.

NIACAP

Buy Now
Questions 49

Business Continuity Planning (BCP) is not defined as a preparation that facilitates:

Options:

A.

the rapid recovery of mission-critical business operations

B.

the continuation of critical business functions

C.

the monitoring of threat activity for adjustment of technical controls

D.

the reduction of the impact of a disaster

Buy Now
Questions 50

Hierarchical Storage Management (HSM) is commonly employed in:

Options:

A.

very large data retrieval systems

B.

very small data retrieval systems

C.

shorter data retrieval systems

D.

most data retrieval systems

Buy Now
Questions 51

What does "residual risk" mean?

Options:

A.

The security risk that remains after controls have been implemented

B.

Weakness of an assets which can be exploited by a threat

C.

Risk that remains after risk assessment has has been performed

D.

A security risk intrinsic to an asset being audited, where no mitigation has taken place.

Buy Now
Questions 52

Which of the following is covered under Crime Insurance Policy Coverage?

Options:

A.

Inscribed, printed and Written documents

B.

Manuscripts

C.

Accounts Receivable

D.

Money and Securities

Buy Now
Questions 53

Which of the following would best describe secondary evidence?

Options:

A.

Oral testimony by a non-expert witness

B.

Oral testimony by an expert witness

C.

A copy of a piece of evidence

D.

Evidence that proves a specific act

Buy Now
Questions 54

This type of supporting evidence is used to help prove an idea or a point, however It cannot stand on its own, it is used as a supplementary tool to help prove a primary piece of evidence. What is the name of this type of evidence?

Options:

A.

Circumstantial evidence

B.

Corroborative evidence

C.

Opinion evidence

D.

Secondary evidence

Buy Now
Questions 55

In the course of responding to and handling an incident, you work on determining the root cause of the incident. In which step are you in?

Options:

A.

Recovery

B.

Containment

C.

Triage

D.

Analysis and tracking

Buy Now
Questions 56

Which of the following computer recovery sites is the least expensive and the most difficult to test?

Options:

A.

non-mobile hot site

B.

mobile hot site

C.

warm site

D.

cold site

Buy Now
Questions 57

What would BEST define risk management?

Options:

A.

The process of eliminating the risk

B.

The process of assessing the risks

C.

The process of reducing risk to an acceptable level

D.

The process of transferring risk

Buy Now
Questions 58

Business Continuity and Disaster Recovery Planning (Primarily) addresses the:

Options:

A.

Availability of the CIA triad

B.

Confidentiality of the CIA triad

C.

Integrity of the CIA triad

D.

Availability, Confidentiality and Integrity of the CIA triad

Buy Now
Questions 59

When referring to a computer crime investigation, which of the following would be the MOST important step required in order to preserve and maintain a proper chain of custody of evidence:

Options:

A.

Evidence has to be collected in accordance with all laws and all legal regulations.

B.

Law enforcement officials should be contacted for advice on how and when to collect critical information.

C.

Verifiable documentation indicating the who, what, when, where, and how the evidence was handled should be available.

D.

Log files containing information regarding an intrusion are retained for at least as long as normal business records, and longer in the case of an ongoing investigation.

Buy Now
Questions 60

Which of the following could be BEST defined as the likelihood of a threat agent taking advantage of a vulnerability?

Options:

A.

A risk

B.

A residual risk

C.

An exposure

D.

A countermeasure

Buy Now
Questions 61

What can be defined as an instance of two different keys generating the same ciphertext from the same plaintext?

Options:

A.

Key collision

B.

Key clustering

C.

Hashing

D.

Ciphertext collision

Buy Now
Questions 62

Cryptography does not concern itself with which of the following choices?

Options:

A.

Availability

B.

Integrity

C.

Confidentiality

D.

Validation

Buy Now
Questions 63

The primary purpose for using one-way hashing of user passwords within a password file is which of the following?

Options:

A.

It prevents an unauthorized person from trying multiple passwords in one logon attempt.

B.

It prevents an unauthorized person from reading the password.

C.

It minimizes the amount of storage required for user passwords.

D.

It minimizes the amount of processing time used for encrypting passwords.

Buy Now
Questions 64

Which of the following statements pertaining to message digests is incorrect?

Options:

A.

The original file cannot be created from the message digest.

B.

Two different files should not have the same message digest.

C.

The message digest should be calculated using at least 128 bytes of the file.

D.

Messages digests are usually of fixed size.

Buy Now
Questions 65

Which of the following services is NOT provided by the digital signature standard (DSS)?

Options:

A.

Encryption

B.

Integrity

C.

Digital signature

D.

Authentication

Buy Now
Questions 66

Which of the following can be best defined as computing techniques for inseparably embedding unobtrusive marks or labels as bits in digital data and for detecting or extracting the marks later?

Options:

A.

Steganography

B.

Digital watermarking

C.

Digital enveloping

D.

Digital signature

Buy Now
Questions 67

What are the three most important functions that Digital Signatures perform?

Options:

A.

Integrity, Confidentiality and Authorization

B.

Integrity, Authentication and Nonrepudiation

C.

Authorization, Authentication and Nonrepudiation

D.

Authorization, Detection and Accountability

Buy Now
Questions 68

The Diffie-Hellman algorithm is primarily used to provide which of the following?

Options:

A.

Confidentiality

B.

Key Agreement

C.

Integrity

D.

Non-repudiation

Buy Now
Questions 69

A one-way hash provides which of the following?

Options:

A.

Confidentiality

B.

Availability

C.

Integrity

D.

Authentication

Buy Now
Questions 70

What is the name of a one way transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string? Such a transformation cannot be reversed?

Options:

A.

One-way hash

B.

DES

C.

Transposition

D.

Substitution

Buy Now
Questions 71

What is the RESULT of a hash algorithm being applied to a message ?

Options:

A.

A digital signature

B.

A ciphertext

C.

A message digest

D.

A plaintext

Buy Now
Questions 72

Which of the following is NOT a symmetric key algorithm?

Options:

A.

Blowfish

B.

Digital Signature Standard (DSS)

C.

Triple DES (3DES)

D.

RC5

Buy Now
Questions 73

Which of the following protocols that provide integrity and authentication for IPSec, can also provide non-repudiation in IPSec?

Options:

A.

Authentication Header (AH)

B.

Encapsulating Security Payload (ESP)

C.

Secure Sockets Layer (SSL)

D.

Secure Shell (SSH-2)

Buy Now
Questions 74

Which of the following is NOT a true statement regarding the implementaton of the 3DES modes?

Options:

A.

DES-EEE1 uses one key

B.

DES-EEE2 uses two keys

C.

DES-EEE3 uses three keys

D.

DES-EDE2 uses two keys

Buy Now
Questions 75

What is the main problem of the renewal of a root CA certificate?

Options:

A.

It requires key recovery of all end user keys

B.

It requires the authentic distribution of the new root CA certificate to all PKI participants

C.

It requires the collection of the old root CA certificates from all the users

D.

It requires issuance of the new root CA certificate

Buy Now
Questions 76

Which of the following is not a DES mode of operation?

Options:

A.

Cipher block chaining

B.

Electronic code book

C.

Input feedback

D.

Cipher feedback

Buy Now
Questions 77

Which encryption algorithm is BEST suited for communication with handheld wireless devices?

Options:

A.

ECC (Elliptic Curve Cryptosystem)

B.

RSA

C.

SHA

D.

RC4

Buy Now
Questions 78

What kind of encryption is realized in the S/MIME-standard?

Options:

A.

Asymmetric encryption scheme

B.

Password based encryption scheme

C.

Public key based, hybrid encryption scheme

D.

Elliptic curve based encryption

Buy Now
Questions 79

Which of the following is more suitable for a hardware implementation?

Options:

A.

Stream ciphers

B.

Block ciphers

C.

Cipher block chaining

D.

Electronic code book

Buy Now
Questions 80

Which of the following can be defined as the process of rerunning a portion of the test scenario or test plan to ensure that changes or corrections have not introduced new errors?

Options:

A.

Unit testing

B.

Pilot testing

C.

Regression testing

D.

Parallel testing

Buy Now
Questions 81

Related to information security, the prevention of the intentional or unintentional unauthorized disclosure of contents is which of the following?

Options:

A.

Confidentiality

B.

Integrity

C.

Availability

D.

capability

Buy Now
Questions 82

A 'Pseudo flaw' is which of the following?

Options:

A.

An apparent loophole deliberately implanted in an operating system program as a trap for intruders.

B.

An omission when generating Psuedo-code.

C.

Used for testing for bounds violations in application programming.

D.

A normally generated page fault causing the system to halt.

Buy Now
Questions 83

Which of the following is NOT a basic component of security architecture?

Options:

A.

Motherboard

B.

Central Processing Unit (CPU

C.

Storage Devices

D.

Peripherals (input/output devices)

Buy Now
Questions 84

Which of the following phases of a software development life cycle normally incorporates the security specifications, determines access controls, and evaluates encryption options?

Options:

A.

Detailed design

B.

Implementation

C.

Product design

D.

Software plans and requirements

Buy Now
Questions 85

What can best be defined as the sum of protection mechanisms inside the computer, including hardware, firmware and software?

Options:

A.

Trusted system

B.

Security kernel

C.

Trusted computing base

D.

Security perimeter

Buy Now
Questions 86

Which of the following is most concerned with personnel security?

Options:

A.

Management controls

B.

Operational controls

C.

Technical controls

D.

Human resources controls

Buy Now
Questions 87

Who is responsible for initiating corrective measures and capabilities used when there are security violations?

Options:

A.

Information systems auditor

B.

Security administrator

C.

Management

D.

Data owners

Buy Now
Questions 88

Which of the following is commonly used for retrofitting multilevel security to a database management system?

Options:

A.

trusted front-end.

B.

trusted back-end.

C.

controller.

D.

kernel.

Buy Now
Questions 89

What does "System Integrity" mean?

Options:

A.

The software of the system has been implemented as designed.

B.

Users can't tamper with processes they do not own.

C.

Hardware and firmware have undergone periodic testing to verify that they are functioning properly.

D.

Design specifications have been verified against the formal top-level specification.

Buy Now
Questions 90

What is called a system that is capable of detecting that a fault has occurred and has the ability to correct the fault or operate around it?

Options:

A.

A fail safe system

B.

A fail soft system

C.

A fault-tolerant system

D.

A failover system

Buy Now
Questions 91

Which of the following statements pertaining to protection rings is false?

Options:

A.

They provide strict boundaries and definitions on what the processes that work within each ring can access.

B.

Programs operating in inner rings are usually referred to as existing in a privileged mode.

C.

They support the CIA triad requirements of multitasking operating systems.

D.

They provide users with a direct access to peripherals

Buy Now
Questions 92

A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?

Options:

A.

Covert channel

B.

Overt channel

C.

Opened channel

D.

Closed channel

Buy Now
Questions 93

The Reference Validation Mechanism that ensures the authorized access relationships between subjects and objects is implementing which of the following concept:

Options:

A.

The reference monitor.

B.

Discretionary Access Control.

C.

The Security Kernel.

D.

Mandatory Access Control.

Buy Now
Questions 94

What would BEST define a covert channel?

Options:

A.

An undocumented backdoor that has been left by a programmer in an operating system

B.

An open system port that should be closed.

C.

A communication channel that allows transfer of information in a manner that violates the system's security policy.

D.

A trojan horse.

Buy Now
Questions 95

Which software development model is actually a meta-model that incorporates a number of the software development models?

Options:

A.

The Waterfall model

B.

The modified Waterfall model

C.

The Spiral model

D.

The Critical Path Model (CPM)

Buy Now
Questions 96

Making sure that only those who are supposed to access the data can access is which of the following?

Options:

A.

confidentiality.

B.

capability.

C.

integrity.

D.

availability.

Buy Now
Questions 97

Which of the following is a not a preventative control?

Options:

A.

Deny programmer access to production data.

B.

Require change requests to include information about dates, descriptions, cost analysis and anticipated effects.

C.

Run a source comparison program between control and current source periodically.

D.

Establish procedures for emergency changes.

Buy Now
Questions 98

The major objective of system configuration management is which of the following?

Options:

A.

system maintenance.

B.

system stability.

C.

system operations.

D.

system tracking.

Buy Now
Questions 99

Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?

Options:

A.

signature-based IDS and statistical anomaly-based IDS, respectively

B.

signature-based IDS and dynamic anomaly-based IDS, respectively

C.

anomaly-based IDS and statistical-based IDS, respectively

D.

signature-based IDS and motion anomaly-based IDS, respectively.

Buy Now
Questions 100

Which of the following are the two MOST common implementations of Intrusion Detection Systems?

Options:

A.

Server-based and Host-based.

B.

Network-based and Guest-based.

C.

Network-based and Client-based.

D.

Network-based and Host-based.

Buy Now
Questions 101

What is the essential difference between a self-audit and an independent audit?

Options:

A.

Tools used

B.

Results

C.

Objectivity

D.

Competence

Buy Now
Questions 102

Which of the following types of Intrusion Detection Systems uses behavioral characteristics of a system’s operation or network traffic to draw conclusions on whether the traffic represents a risk to the network or host?

Options:

A.

Network-based ID systems.

B.

Anomaly Detection.

C.

Host-based ID systems.

D.

Signature Analysis.

Buy Now
Questions 103

In order to enable users to perform tasks and duties without having to go through extra steps it is important that the security controls and mechanisms that are in place have a degree of?

Options:

A.

Complexity

B.

Non-transparency

C.

Transparency

D.

Simplicity

Buy Now
Questions 104

The session layer provides a logical persistent connection between peer hosts. Which of the following is one of the modes used in the session layer to establish this connection?

Options:

A.

Full duplex

B.

Synchronous

C.

Asynchronous

D.

Half simplex

Buy Now
Questions 105

Which of the following is NOT a characteristic of a host-based intrusion detection system?

Options:

A.

A HIDS does not consume large amounts of system resources

B.

A HIDS can analyse system logs, processes and resources

C.

A HIDS looks for unauthorized changes to the system

D.

A HIDS can notify system administrators when unusual events are identified

Buy Now
Questions 106

What setup should an administrator use for regularly testing the strength of user passwords?

Options:

A.

A networked workstation so that the live password database can easily be accessed by the cracking program.

B.

A networked workstation so the password database can easily be copied locally and processed by the cracking program.

C.

A standalone workstation on which the password database is copied and processed by the cracking program.

D.

A password-cracking program is unethical; therefore it should not be used.

Buy Now
Questions 107

Which of the following is an issue with signature-based intrusion detection systems?

Options:

A.

Only previously identified attack signatures are detected.

B.

Signature databases must be augmented with inferential elements.

C.

It runs only on the windows operating system

D.

Hackers can circumvent signature evaluations.

Buy Now
Questions 108

Which of the following is NOT a valid reason to use external penetration service firms rather than corporate resources?

Options:

A.

They are more cost-effective

B.

They offer a lack of corporate bias

C.

They use highly talented ex-hackers

D.

They ensure a more complete reporting

Buy Now
Questions 109

Which of the following would be LESS likely to prevent an employee from reporting an incident?

Options:

A.

They are afraid of being pulled into something they don't want to be involved with.

B.

The process of reporting incidents is centralized.

C.

They are afraid of being accused of something they didn't do.

D.

They are unaware of the company's security policies and procedures.

Buy Now
Questions 110

A host-based IDS is resident on which of the following?

Options:

A.

On each of the critical hosts

B.

decentralized hosts

C.

central hosts

D.

bastion hosts

Buy Now
Questions 111

The fact that a network-based IDS reviews packets payload and headers enable which of the following?

Options:

A.

Detection of denial of service

B.

Detection of all viruses

C.

Detection of data corruption

D.

Detection of all password guessing attacks

Buy Now
Questions 112

A periodic review of user account management should not determine:

Options:

A.

Conformity with the concept of least privilege.

B.

Whether active accounts are still being used.

C.

Strength of user-chosen passwords.

D.

Whether management authorizations are up-to-date.

Buy Now
Questions 113

Which of the following is required in order to provide accountability?

Options:

A.

Authentication

B.

Integrity

C.

Confidentiality

D.

Audit trails

Buy Now
Questions 114

Network-based Intrusion Detection systems:

Options:

A.

Commonly reside on a discrete network segment and monitor the traffic on that network segment.

B.

Commonly will not reside on a discrete network segment and monitor the traffic on that network segment.

C.

Commonly reside on a discrete network segment and does not monitor the traffic on that network segment.

D.

Commonly reside on a host and and monitor the traffic on that specific host.

Buy Now
Questions 115

Which of the following is a disadvantage of a statistical anomaly-based intrusion detection system?

Options:

A.

it may truly detect a non-attack event that had caused a momentary anomaly in the system.

B.

it may falsely detect a non-attack event that had caused a momentary anomaly in the system.

C.

it may correctly detect a non-attack event that had caused a momentary anomaly in the system.

D.

it may loosely detect a non-attack event that had caused a momentary anomaly in the system.

Buy Now
Questions 116

What IDS approach relies on a database of known attacks?

Options:

A.

Signature-based intrusion detection

B.

Statistical anomaly-based intrusion detection

C.

Behavior-based intrusion detection

D.

Network-based intrusion detection

Buy Now
Questions 117

Which of the following would NOT violate the Due Diligence concept?

Options:

A.

Security policy being outdated

B.

Data owners not laying out the foundation of data protection

C.

Network administrator not taking mandatory two-week vacation as planned

D.

Latest security patches for servers being installed as per the Patch Management process

Buy Now
Questions 118

The end result of implementing the principle of least privilege means which of the following?

Options:

A.

Users would get access to only the info for which they have a need to know

B.

Users can access all systems.

C.

Users get new privileges added when they change positions.

D.

Authorization creep.

Buy Now
Questions 119

Which access control model enables the OWNER of the resource to specify what subjects can access specific resources based on their identity?

Options:

A.

Discretionary Access Control

B.

Mandatory Access Control

C.

Sensitive Access Control

D.

Role-based Access Control

Buy Now
Questions 120

Why do buffer overflows happen? What is the main cause?

Options:

A.

Because buffers can only hold so much data

B.

Because of improper parameter checking within the application

C.

Because they are an easy weakness to exploit

D.

Because of insufficient system memory

Buy Now
Questions 121

Which of the following is NOT a system-sensing wireless proximity card?

Options:

A.

magnetically striped card

B.

passive device

C.

field-powered device

D.

transponder

Buy Now
Questions 122

Which of the following exemplifies proper separation of duties?

Options:

A.

Operators are not permitted modify the system time.

B.

Programmers are permitted to use the system console.

C.

Console operators are permitted to mount tapes and disks.

D.

Tape operators are permitted to use the system console.

Buy Now
Questions 123

The type of discretionary access control (DAC) that is based on an individual's identity is also called:

Options:

A.

Identity-based Access control

B.

Rule-based Access control

C.

Non-Discretionary Access Control

D.

Lattice-based Access control

Buy Now
Questions 124

Which type of password token involves time synchronization?

Options:

A.

Static password tokens

B.

Synchronous dynamic password tokens

C.

Asynchronous dynamic password tokens

D.

Challenge-response tokens

Buy Now
Questions 125

What is a common problem when using vibration detection devices for perimeter control?

Options:

A.

They are vulnerable to non-adversarial disturbances.

B.

They can be defeated by electronic means.

C.

Signal amplitude is affected by weather conditions.

D.

They must be buried below the frost line.

Buy Now
Questions 126

Physical security is accomplished through proper facility construction, fire and water protection, anti-theft mechanisms, intrusion detection systems, and security procedures that are adhered to and enforced. Which of the following is not a component that achieves this type of security?

Options:

A.

Administrative control mechanisms

B.

Integrity control mechanisms

C.

Technical control mechanisms

D.

Physical control mechanisms

Buy Now
Questions 127

Controls provide accountability for individuals who are accessing sensitive information. This accountability is accomplished:

Options:

A.

through access control mechanisms that require identification and authentication and through the audit function.

B.

through logical or technical controls involving the restriction of access to systems and the protection of information.

C.

through logical or technical controls but not involving the restriction of access to systems and the protection of information.

D.

through access control mechanisms that do not require identification and authentication and do not operate through the audit function.

Buy Now
Questions 128

What does the Clark-Wilson security model focus on?

Options:

A.

Confidentiality

B.

Integrity

C.

Accountability

D.

Availability

Buy Now
Questions 129

Which of the following floors would be most appropriate to locate information processing facilities in a 6-stories building?

Options:

A.

Basement

B.

Ground floor

C.

Third floor

D.

Sixth floor

Buy Now
Questions 130

Access Control techniques do not include which of the following?

Options:

A.

Rule-Based Access Controls

B.

Role-Based Access Control

C.

Mandatory Access Control

D.

Random Number Based Access Control

Buy Now
Questions 131

The number of violations that will be accepted or forgiven before a violation record is produced is called which of the following?

Options:

A.

clipping level

B.

acceptance level

C.

forgiveness level

D.

logging level

Buy Now
Questions 132

Which of the following protocols does not operate at the data link layer (layer 2)?

Options:

A.

PPP

B.

RARP

C.

L2F

D.

ICMP

Buy Now
Questions 133

Before the advent of classless addressing, the address 128.192.168.16 would have been considered part of:

Options:

A.

a class A network.

B.

a class B network.

C.

a class C network.

D.

a class D network.

Buy Now
Questions 134

Which ISO/OSI layer establishes the communications link between individual devices over a physical link or channel?

Options:

A.

Transport layer

B.

Network layer

C.

Data link layer

D.

Physical layer

Buy Now
Questions 135

Which xDSL flavour can deliver up to 52 Mbps downstream over a single copper twisted pair?

Options:

A.

VDSL

B.

SDSL

C.

HDSL

D.

ADSL

Buy Now
Questions 136

A Packet Filtering Firewall system is considered a:

Options:

A.

first generation firewall.

B.

second generation firewall.

C.

third generation firewall.

D.

fourth generation firewall.

Buy Now
Questions 137

Which of the following was designed to support multiple network types over the same serial link?

Options:

A.

Ethernet

B.

SLIP

C.

PPP

D.

PPTP

Buy Now
Questions 138

Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another computer in a network. Within which OSI/ISO layer is RPC implemented?

Options:

A.

Session layer

B.

Transport layer

C.

Data link layer

D.

Network layer

Buy Now
Questions 139

Similar to Secure Shell (SSH-2), Secure Sockets Layer (SSL) uses symmetric encryption for encrypting the bulk of the data being sent over the session and it uses asymmetric or public key cryptography for:

Options:

A.

Peer Authentication

B.

Peer Identification

C.

Server Authentication

D.

Name Resolution

Buy Now
Questions 140

Which of the following should NOT normally be allowed through a firewall?

Options:

A.

SNMP

B.

SMTP

C.

HTTP

D.

SSH

Buy Now
Questions 141

Which of the following is the biggest concern with firewall security?

Options:

A.

Internal hackers

B.

Complex configuration rules leading to misconfiguration

C.

Buffer overflows

D.

Distributed denial of service (DDOS) attacks

Buy Now
Questions 142

A packet containing a long string of NOP's followed by a command is usually indicative of what?

Options:

A.

A syn scan.

B.

A half-port scan.

C.

A buffer overflow attack.

D.

A packet destined for the network's broadcast address.

Buy Now
Questions 143

Why does fiber optic communication technology have significant security advantage over other transmission technology?

Options:

A.

Higher data rates can be transmitted.

B.

Interception of data traffic is more difficult.

C.

Traffic analysis is prevented by multiplexing.

D.

Single and double-bit errors are correctable.

Buy Now
Questions 144

Which of the following networking devices allows the connection of two or more homogeneous LANs in a simple way where they forward the traffic based on the MAC address ?

Options:

A.

Gateways

B.

Routers

C.

Bridges

D.

Firewalls

Buy Now
Questions 145

A proxy can control which services (FTP and so on) are used by a workstation , and also aids in protecting the network from outsiders who may be trying to get information about the:

Options:

A.

network's design

B.

user base

C.

operating system design

D.

net BIOS' design

Buy Now
Questions 146

Which one of the following is used to provide authentication and confidentiality for e-mail messages?

Options:

A.

Digital signature

B.

PGP

C.

IPSEC AH

D.

MD4

Buy Now
Questions 147

Which of the following is the primary reason why a user would choose a dial-up modem connection to the Internet when they have a faster, secure Internet connection through the organization's network?

Options:

A.

To access web sites that blocked by the organization's proxy server.

B.

To set up public services using the organization's resources.

C.

To check their personal e-mail.

D.

To circumvent the organization's security policy.

Buy Now
Questions 148

In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?

Options:

A.

Both client and server

B.

The client's browser

C.

The web server

D.

The merchant's Certificate Server

Buy Now
Questions 149

Which of the following category of UTP cables is specified to be able to handle gigabit Ethernet (1 Gbps) according to the EIA/TIA-568-B standards?

Options:

A.

Category 5e UTP

B.

Category 2 UTP

C.

Category 3 UTP

D.

Category 1e UTP

Buy Now
Exam Code: SSCP
Exam Name: Systems Security Certified Practitioner
Last Update: Feb 27, 2024
Questions: 1074
$64  $159.99
$48  $119.99
$40  $99.99
buy now SSCP