Weekend Sale - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 65percent

Welcome To DumpsPedia

SSCP Sample Questions Answers

Questions 4

Of the following, which is NOT a specific loss criteria that should be considered while developing a BIA?

Options:

A.

Loss of skilled workers knowledge

B.

Loss in revenue

C.

Loss in profits

D.

Loss in reputation

Buy Now
Questions 5

The IP header contains a protocol field. If this field contains the value of 51, what type of data is contained within the ip datagram?

Options:

A.

Transmission Control Protocol (TCP)

B.

Authentication Header (AH)

C.

User datagram protocol (UDP)

D.

Internet Control Message Protocol (ICMP)

Buy Now
Questions 6

Which of the following tools is less likely to be used by a hacker?

Options:

A.

l0phtcrack

B.

Tripwire

C.

OphCrack

D.

John the Ripper

Buy Now
Questions 7

Which of the following would NOT violate the Due Diligence concept?

Options:

A.

Security policy being outdated

B.

Data owners not laying out the foundation of data protection

C.

Network administrator not taking mandatory two-week vacation as planned

D.

Latest security patches for servers being installed as per the Patch Management process

Buy Now
Questions 8

Which of the following is NOT a fundamental component of an alarm in an intrusion detection system?

Options:

A.

Communications

B.

Enunciator

C.

Sensor

D.

Response

Buy Now
Questions 9

Which of the following questions are least likely to help in assessing controls covering audit trails?

Options:

A.

Does the audit trail provide a trace of user actions?

B.

Are incidents monitored and tracked until resolved?

C.

Is access to online logs strictly controlled?

D.

Is there separation of duties between security personnel who administer the access control function and those who administer the audit trail?

Buy Now
Questions 10

The fact that a network-based IDS reviews packets payload and headers enable which of the following?

Options:

A.

Detection of denial of service

B.

Detection of all viruses

C.

Detection of data corruption

D.

Detection of all password guessing attacks

Buy Now
Questions 11

How often should a Business Continuity Plan be reviewed?

Options:

A.

At least once a month

B.

At least every six months

C.

At least once a year

D.

At least Quarterly

Buy Now
Questions 12

Who should measure the effectiveness of Information System security related controls in an organization?

Options:

A.

The local security specialist

B.

The business manager

C.

The systems auditor

D.

The central security manager

Buy Now
Questions 13

Why would anomaly detection IDSs often generate a large number of false positives?

Options:

A.

Because they can only identify correctly attacks they already know about.

B.

Because they are application-based are more subject to attacks.

C.

Because they can't identify abnormal behavior.

D.

Because normal patterns of user and system behavior can vary wildly.

Buy Now
Questions 14

Which one of the following statements about the advantages and disadvantages of network-based Intrusion detection systems is true

Options:

A.

Network-based IDSs are not vulnerable to attacks.

B.

Network-based IDSs are well suited for modern switch-based networks.

C.

Most network-based IDSs can automatically indicate whether or not an attack was successful.

D.

The deployment of network-based IDSs has little impact upon an existing network.

Buy Now
Questions 15

The viewing of recorded events after the fact using a closed-circuit TV camera is considered a

Options:

A.

Preventative control.

B.

Detective control

C.

Compensating control

D.

Corrective control

Buy Now
Questions 16

What is RAD?

Options:

A.

A development methodology

B.

A project management technique

C.

A measure of system complexity

D.

Risk-assessment diagramming

Buy Now
Questions 17

What is the appropriate role of the security analyst in the application system development or acquisition project?

Options:

A.

policeman

B.

control evaluator & consultant

C.

data owner

D.

application user

Buy Now
Questions 18

Which of the following statements pertaining to quantitative risk analysis is false?

Options:

A.

Portion of it can be automated

B.

It involves complex calculations

C.

It requires a high volume of information

D.

It requires little experience to apply

Buy Now
Questions 19

What would be the Annualized Rate of Occurrence (ARO) of the threat "user input error", in the case where a company employs 100 data entry clerks and every one of them makes one input error each month?

Options:

A.

100

B.

120

C.

1

D.

1200

Buy Now
Questions 20

Which protocol is NOT implemented in the Network layer of the OSI Protocol Stack?

Options:

A.

hyper text transport protocol

B.

Open Shortest Path First

C.

Internet Protocol

D.

Routing Information Protocol

Buy Now
Questions 21

Which of the following statements pertaining to ethical hacking is incorrect?

Options:

A.

An organization should use ethical hackers who do not sell auditing, hardware, software, firewall, hosting, and/or networking services.

B.

Testing should be done remotely to simulate external threats.

C.

Ethical hacking should not involve writing to or modifying the target systems negatively.

D.

Ethical hackers never use tools that have the potential of affecting servers or services.

Buy Now
Questions 22

Which of the following access control techniques best gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization's structure?

Options:

A.

Access control lists

B.

Discretionary access control

C.

Role-based access control

D.

Non-mandatory access control

Buy Now
Questions 23

Which of the following can be defined as a framework that supports multiple, optional authentication mechanisms for PPP, including cleartext passwords, challenge-response, and arbitrary dialog sequences?

Options:

A.

Extensible Authentication Protocol

B.

Challenge Handshake Authentication Protocol

C.

Remote Authentication Dial-In User Service

D.

Multilevel Authentication Protocol.

Buy Now
Questions 24

In an online transaction processing system (OLTP), which of the following actions should be taken when erroneous or invalid transactions are detected?

Options:

A.

The transactions should be dropped from processing.

B.

The transactions should be processed after the program makes adjustments.

C.

The transactions should be written to a report and reviewed.

D.

The transactions should be corrected and reprocessed.

Buy Now
Questions 25

Which of the following Intrusion Detection Systems (IDS) uses a database of attacks, known system vulnerabilities, monitoring current attempts to exploit those vulnerabilities, and then triggers an alarm if an attempt is found?

Options:

A.

Knowledge-Based ID System

B.

Application-Based ID System

C.

Host-Based ID System

D.

Network-Based ID System

Buy Now
Questions 26

Which of the following is most likely to be useful in detecting intrusions?

Options:

A.

Access control lists

B.

Security labels

C.

Audit trails

D.

Information security policies

Buy Now
Questions 27

If an organization were to monitor their employees' e-mail, it should not:

Options:

A.

Monitor only a limited number of employees.

B.

Inform all employees that e-mail is being monitored.

C.

Explain who can read the e-mail and how long it is backed up.

D.

Explain what is considered an acceptable use of the e-mail system.

Buy Now
Questions 28

Which of the following usually provides reliable, real-time information without consuming network or host resources?

Options:

A.

network-based IDS

B.

host-based IDS

C.

application-based IDS

D.

firewall-based IDS

Buy Now
Questions 29

Network-based Intrusion Detection systems:

Options:

A.

Commonly reside on a discrete network segment and monitor the traffic on that network segment.

B.

Commonly will not reside on a discrete network segment and monitor the traffic on that network segment.

C.

Commonly reside on a discrete network segment and does not monitor the traffic on that network segment.

D.

Commonly reside on a host and and monitor the traffic on that specific host.

Buy Now
Questions 30

Which of the following is an issue with signature-based intrusion detection systems?

Options:

A.

Only previously identified attack signatures are detected.

B.

Signature databases must be augmented with inferential elements.

C.

It runs only on the windows operating system

D.

Hackers can circumvent signature evaluations.

Buy Now
Questions 31

Which of the following is NOT a valid reason to use external penetration service firms rather than corporate resources?

Options:

A.

They are more cost-effective

B.

They offer a lack of corporate bias

C.

They use highly talented ex-hackers

D.

They ensure a more complete reporting

Buy Now
Questions 32

Which of the following would assist the most in Host Based intrusion detection?

Options:

A.

audit trails.

B.

access control lists.

C.

security clearances

D.

host-based authentication

Buy Now
Questions 33

Attributable data should be:

Options:

A.

always traced to individuals responsible for observing and recording the data

B.

sometimes traced to individuals responsible for observing and recording the data

C.

never traced to individuals responsible for observing and recording the data

D.

often traced to individuals responsible for observing and recording the data

Buy Now
Questions 34

Which of the following was not designed to be a proprietary encryption algorithm?

Options:

A.

RC2

B.

RC4

C.

Blowfish

D.

Skipjack

Buy Now
Questions 35

This type of backup management provides a continuous on-line backup by using optical or tape "jukeboxes," similar to WORMs (Write Once, Read Many):

Options:

A.

Hierarchical Storage Management (HSM).

B.

Hierarchical Resource Management (HRM).

C.

Hierarchical Access Management (HAM).

D.

Hierarchical Instance Management (HIM).

Buy Now
Questions 36

Who can best decide what are the adequate technical security controls in a computer-based application system in regards to the protection of the data being used, the criticality of the data, and it's sensitivity level ?

Options:

A.

System Auditor

B.

Data or Information Owner

C.

System Manager

D.

Data or Information user

Buy Now
Questions 37

Which of the following is NOT a type of motion detector?

Options:

A.

Photoelectric sensor

B.

Passive infrared sensors

C.

Microwave Sensor.

D.

Ultrasonic Sensor.

Buy Now
Questions 38

Which of the following is not a preventive operational control?

Options:

A.

Protecting laptops, personal computers and workstations.

B.

Controlling software viruses.

C.

Controlling data media access and disposal.

D.

Conducting security awareness and technical training.

Buy Now
Questions 39

When two or more separate entities (usually persons) operating in concert to protect sensitive functions or information must combine their knowledge to gain access to an asset, this is known as?

Options:

A.

Dual Control

B.

Need to know

C.

Separation of duties

D.

Segragation of duties

Buy Now
Questions 40

Which of the following would best classify as a management control?

Options:

A.

Review of security controls

B.

Personnel security

C.

Physical and environmental protection

D.

Documentation

Buy Now
Questions 41

Which of the following is NOT an example of an operational control?

Options:

A.

backup and recovery

B.

Auditing

C.

contingency planning

D.

operations procedures

Buy Now
Questions 42

When a biometric system is used, which error type deals with the possibility of GRANTING access to impostors who should be REJECTED?

Options:

A.

Type I error

B.

Type II error

C.

Type III error

D.

Crossover error

Buy Now
Questions 43

Which of the following statements pertaining to RADIUS is incorrect:

Options:

A.

A RADIUS server can act as a proxy server, forwarding client requests to other authentication domains.

B.

Most of RADIUS clients have a capability to query secondary RADIUS servers for redundancy.

C.

Most RADIUS servers have built-in database connectivity for billing and reporting purposes.

D.

Most RADIUS servers can work with DIAMETER servers.

Buy Now
Questions 44

Which of the following is not a two-factor authentication mechanism?

Options:

A.

Something you have and something you know.

B.

Something you do and a password.

C.

A smartcard and something you are.

D.

Something you know and a password.

Buy Now
Questions 45

Which of the following is implemented through scripts or smart agents that replays the users multiple log-ins against authentication servers to verify a user's identity which permit access to system services?

Options:

A.

Single Sign-On

B.

Dynamic Sign-On

C.

Smart cards

D.

Kerberos

Buy Now
Questions 46

Who first described the DoD multilevel military security policy in abstract, formal terms?

Options:

A.

David Bell and Leonard LaPadula

B.

Rivest, Shamir and Adleman

C.

Whitfield Diffie and Martin Hellman

D.

David Clark and David Wilson

Buy Now
Questions 47

Kerberos depends upon what encryption method?

Options:

A.

Public Key cryptography.

B.

Secret Key cryptography.

C.

El Gamal cryptography.

D.

Blowfish cryptography.

Buy Now
Questions 48

Which of the following encryption algorithms does not deal with discrete logarithms?

Options:

A.

El Gamal

B.

Diffie-Hellman

C.

RSA

D.

Elliptic Curve

Buy Now
Questions 49

In the Bell-LaPadula model, the Star-property is also called:

Options:

A.

The simple security property

B.

The confidentiality property

C.

The confinement property

D.

The tranquility property

Buy Now
Questions 50

What can best be described as an abstract machine which must mediate all access to subjects to objects?

Options:

A.

A security domain

B.

The reference monitor

C.

The security kernel

D.

The security perimeter

Buy Now
Questions 51

The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system is referred to as?

Options:

A.

Confidentiality

B.

Availability

C.

Integrity

D.

Reliability

Buy Now
Questions 52

Which of the following is BEST defined as a physical control?

Options:

A.

Monitoring of system activity

B.

Fencing

C.

Identification and authentication methods

D.

Logical access control mechanisms

Buy Now
Questions 53

Which of the following phases of a software development life cycle normally incorporates the security specifications, determines access controls, and evaluates encryption options?

Options:

A.

Detailed design

B.

Implementation

C.

Product design

D.

Software plans and requirements

Buy Now
Questions 54

According to private sector data classification levels, how would salary levels and medical information be classified?

Options:

A.

Public.

B.

Internal Use Only.

C.

Restricted.

D.

Confidential.

Buy Now
Questions 55

What can be described as an imaginary line that separates the trusted components of the TCB from those elements that are NOT trusted?

Options:

A.

The security kernel

B.

The reference monitor

C.

The security perimeter

D.

The reference perimeter

Buy Now
Questions 56

What is called the formal acceptance of the adequacy of a system's overall security by the management?

Options:

A.

Certification

B.

Acceptance

C.

Accreditation

D.

Evaluation

Buy Now
Questions 57

Which of the following would best describe the difference between white-box testing and black-box testing?

Options:

A.

White-box testing is performed by an independent programmer team.

B.

Black-box testing uses the bottom-up approach.

C.

White-box testing examines the program internal logical structure.

D.

Black-box testing involves the business units

Buy Now
Questions 58

Which of the following exemplifies proper separation of duties?

Options:

A.

Operators are not permitted modify the system time.

B.

Programmers are permitted to use the system console.

C.

Console operators are permitted to mount tapes and disks.

D.

Tape operators are permitted to use the system console.

Buy Now
Questions 59

Which of the following statements pertaining to a security policy is incorrect?

Options:

A.

Its main purpose is to inform the users, administrators and managers of their obligatory requirements for protecting technology and information assets.

B.

It specifies how hardware and software should be used throughout the organization.

C.

It needs to have the acceptance and support of all levels of employees within the organization in order for it to be appropriate and effective.

D.

It must be flexible to the changing environment.

Buy Now
Questions 60

Which of the following is best defined as a circumstance in which a collection of information items is required to be classified at a higher security level than any of the individual items that comprise it?

Options:

A.

Aggregation

B.

Inference

C.

Clustering

D.

Collision

Buy Now
Questions 61

Which software development model is actually a meta-model that incorporates a number of the software development models?

Options:

A.

The Waterfall model

B.

The modified Waterfall model

C.

The Spiral model

D.

The Critical Path Model (CPM)

Buy Now
Questions 62

Which of the following is best defined as a mode of system termination that automatically leaves system processes and components in a secure state when a failure occurs or is detected in a system?

Options:

A.

Fail proof

B.

Fail soft

C.

Fail safe

D.

Fail Over

Buy Now
Questions 63

Which of the following statements pertaining to the security kernel is incorrect?

Options:

A.

The security kernel is made up of mechanisms that fall under the TCB and implements and enforces the reference monitor concept.

B.

The security kernel must provide isolation for the processes carrying out the reference monitor concept and they must be tamperproof.

C.

The security kernel must be small enough to be able to be tested and verified in a complete and comprehensive manner.

D.

The security kernel is an access control concept, not an actual physical component.

Buy Now
Questions 64

Whose role is it to assign classification level to information?

Options:

A.

Security Administrator

B.

User

C.

Owner

D.

Auditor

Buy Now
Questions 65

What can best be defined as high-level statements, beliefs, goals and objectives?

Options:

A.

Standards

B.

Policies

C.

Guidelines

D.

Procedures

Buy Now
Questions 66

Who is ultimately responsible for the security of computer based information systems within an organization?

Options:

A.

The tech support team

B.

The Operation Team.

C.

The management team.

D.

The training team.

Buy Now
Questions 67

Which of the following security modes of operation involves the highest risk?

Options:

A.

Compartmented Security Mode

B.

Multilevel Security Mode

C.

System-High Security Mode

D.

Dedicated Security Mode

Buy Now
Questions 68

Who is responsible for initiating corrective measures and capabilities used when there are security violations?

Options:

A.

Information systems auditor

B.

Security administrator

C.

Management

D.

Data owners

Buy Now
Questions 69

In what way could Java applets pose a security threat?

Options:

A.

Their transport can interrupt the secure distribution of World Wide Web pages over the Internet by removing SSL and S-HTTP

B.

Java interpreters do not provide the ability to limit system access that an applet could have on a client system.

C.

Executables from the Internet may attempt an intentional attack when they are downloaded on a client system.

D.

Java does not check the bytecode at runtime or provide other safety mechanisms for program isolation from the client system.

Buy Now
Questions 70

Crackers today are MOST often motivated by their desire to:

Options:

A.

Help the community in securing their networks.

B.

Seeing how far their skills will take them.

C.

Getting recognition for their actions.

D.

Gaining Money or Financial Gains.

Buy Now
Questions 71

Which of the following computer crime is MORE often associated with INSIDERS?

Options:

A.

IP spoofing

B.

Password sniffing

C.

Data diddling

D.

Denial of service (DOS)

Buy Now
Questions 72

Java is not:

Options:

A.

Object-oriented.

B.

Distributed.

C.

Architecture Specific.

D.

Multithreaded.

Buy Now
Questions 73

The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?

Options:

A.

Black hats

B.

White hats

C.

Script kiddies

D.

Phreakers

Buy Now
Questions 74

What is malware that can spread itself over open network connections?

Options:

A.

Worm

B.

Rootkit

C.

Adware

D.

Logic Bomb

Buy Now
Questions 75

What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own bank account?

Options:

A.

Data fiddling

B.

Data diddling

C.

Salami techniques

D.

Trojan horses

Buy Now
Questions 76

Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:

Options:

A.

Not possible

B.

Only possible with key recovery scheme of all user keys

C.

It is possible only if X509 Version 3 certificates are used

D.

It is possible only by "brute force" decryption

Buy Now
Questions 77

What do the ILOVEYOU and Melissa virus attacks have in common?

Options:

A.

They are both denial-of-service (DOS) attacks.

B.

They have nothing in common.

C.

They are both masquerading attacks.

D.

They are both social engineering attacks.

Buy Now
Questions 78

Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks?

Options:

A.

Web Applications

B.

Intrusion Detection Systems

C.

Firewalls

D.

DNS Servers

Buy Now
Questions 79

Which of the following protocols' primary function is to send messages between network devices regarding the health of the network?

Options:

A.

Reverse Address Resolution Protocol (RARP).

B.

Address Resolution Protocol (ARP).

C.

Internet Protocol (IP).

D.

Internet Control Message protocol (ICMP).

Buy Now
Questions 80

Which virus category has the capability of changing its own code, making it harder to detect by anti-virus software?

Options:

A.

Stealth viruses

B.

Polymorphic viruses

C.

Trojan horses

D.

Logic bombs

Buy Now
Questions 81

Which of the following virus types changes some of its characteristics as it spreads?

Options:

A.

Boot Sector

B.

Parasitic

C.

Stealth

D.

Polymorphic

Buy Now
Questions 82

In computing what is the name of a non-self-replicating type of malware program containing malicious code that appears to have some useful purpose but also contains code that has a malicious or harmful purpose imbedded in it, when executed, carries out actions that are unknown to the person installing it, typically causing loss or theft of data, and possible system harm.

Options:

A.

virus

B.

worm

C.

Trojan horse.

D.

trapdoor

Buy Now
Questions 83

What is a packet sniffer?

Options:

A.

It tracks network connections to off-site locations.

B.

It monitors network traffic for illegal packets.

C.

It scans network segments for cabling faults.

D.

It captures network traffic for later analysis.

Buy Now
Questions 84

Which layer of the DoD TCP/IP model controls the communication flow between hosts?

Options:

A.

Internet layer

B.

Host-to-host transport layer

C.

Application layer

D.

Network access layer

Buy Now
Questions 85

The Logical Link Control sub-layer is a part of which of the following?

Options:

A.

The ISO/OSI Data Link layer

B.

The Reference monitor

C.

The Transport layer of the TCP/IP stack model

D.

Change management control

Buy Now
Questions 86

Which of the following elements of telecommunications is not used in assuring confidentiality?

Options:

A.

Network security protocols

B.

Network authentication services

C.

Data encryption services

D.

Passwords

Buy Now
Questions 87

A common way to create fault tolerance with leased lines is to group several T1s together with an inverse multiplexer placed:

Options:

A.

at one end of the connection.

B.

at both ends of the connection.

C.

somewhere between both end points.

D.

in the middle of the connection.

Buy Now
Questions 88

At which layer of ISO/OSI does the fiber optics work?

Options:

A.

Network layer

B.

Transport layer

C.

Data link layer

D.

Physical layer

Buy Now
Questions 89

What is the framing specification used for transmitting digital signals at 1.544 Mbps on a T1 facility?

Options:

A.

DS-0

B.

DS-1

C.

DS-2

D.

DS-3

Buy Now
Questions 90

Which of the following would be used to detect and correct errors so that integrity and confidentiality of transactions over networks may be maintained while preventing unauthorize interception of the traffic?

Options:

A.

Information security

B.

Server security

C.

Client security

D.

Communications security

Buy Now
Questions 91

Which of the following best defines source routing?

Options:

A.

The packets hold the forwarding information so they don't need to let bridges and routers decide what is the best route or way to get to the destination.

B.

The packets hold source information in a fashion that source address cannot be forged.

C.

The packets are encapsulated to conceal source information.

D.

The packets hold information about redundant paths in order to provide a higher reliability.

Buy Now
Questions 92

Which of the following was designed to support multiple network types over the same serial link?

Options:

A.

Ethernet

B.

SLIP

C.

PPP

D.

PPTP

Buy Now
Questions 93

Which of the following statements pertaining to Asynchronous Transfer Mode (ATM) is false?

Options:

A.

It can be used for voice

B.

it can be used for data

C.

It carries various sizes of packets

D.

It can be used for video

Buy Now
Questions 94

Within the OSI model, at what layer are some of the SLIP, CSLIP, PPP control functions provided?

Options:

A.

Data Link

B.

Transport

C.

Presentation

D.

Application

Buy Now
Questions 95

What is the maximum length of cable that can be used for a twisted-pair, Category 5 10Base-T cable?

Options:

A.

80 meters

B.

100 meters

C.

185 meters

D.

500 meters

Buy Now
Questions 96

Which of the following statements pertaining to VPN protocol standards is false?

Options:

A.

L2TP is a combination of PPTP and L2F.

B.

L2TP and PPTP were designed for single point-to-point client to server communication.

C.

L2TP operates at the network layer.

D.

PPTP uses native PPP authentication and encryption services.

Buy Now
Questions 97

What type of attack involves IP spoofing, ICMP ECHO and a bounce site?

Options:

A.

IP spoofing attack

B.

Teardrop attack

C.

SYN attack

D.

Smurf attack

Buy Now
Questions 98

Which of the following is less likely to be used today in creating a Virtual Private Network?

Options:

A.

L2TP

B.

PPTP

C.

IPSec

D.

L2F

Buy Now
Questions 99

In which layer of the OSI Model are connection-oriented protocols located in the TCP/IP suite of protocols?

Options:

A.

Transport layer

B.

Application layer

C.

Physical layer

D.

Network layer

Buy Now
Questions 100

What is the primary difference between FTP and TFTP?

Options:

A.

Speed of negotiation

B.

Authentication

C.

Ability to automate

D.

TFTP is used to transfer configuration files to and from network equipment.

Buy Now
Questions 101

Which of the following is a LAN transmission method?

Options:

A.

Broadcast

B.

Carrier-sense multiple access with collision detection (CSMA/CD)

C.

Token ring

D.

Fiber Distributed Data Interface (FDDI)

Buy Now
Questions 102

What is the proper term to refer to a single unit of Ethernet data at the link layer of the DoD TCP model ?

Options:

A.

Ethernet Segment.

B.

Ethernet Datagram.

C.

Ethernet Frame.

D.

Ethernet Packet.

Buy Now
Questions 103

Which layer of the OSI/ISO model handles physical addressing, network topology, line discipline, error notification, orderly delivery of frames, and optional flow control?

Options:

A.

Physical

B.

Data link

C.

Network

D.

Session

Buy Now
Questions 104

Similar to Secure Shell (SSH-2), Secure Sockets Layer (SSL) uses symmetric encryption for encrypting the bulk of the data being sent over the session and it uses asymmetric or public key cryptography for:

Options:

A.

Peer Authentication

B.

Peer Identification

C.

Server Authentication

D.

Name Resolution

Buy Now
Questions 105

What attack involves the perpetrator sending spoofed packet(s) wich contains the same destination and source IP address as the remote host, the same port for the source and destination, having the SYN flag, and targeting any open ports that are open on the remote host?

Options:

A.

Boink attack

B.

Land attack

C.

Teardrop attack

D.

Smurf attack

Buy Now
Questions 106

Proxies works by transferring a copy of each accepted data packet from one network to another, thereby masking the:

Options:

A.

data's payload

B.

data's details

C.

data's owner

D.

data's origin

Buy Now
Questions 107

Which OSI/ISO layer is the Media Access Control (MAC) sublayer part of?

Options:

A.

Transport layer

B.

Network layer

C.

Data link layer

D.

Physical layer

Buy Now
Questions 108

Which Network Address Translation (NAT) is the most convenient and secure solution?

Options:

A.

Hiding Network Address Translation

B.

Port Address Translation

C.

Dedicated Address Translation

D.

Static Address Translation

Buy Now
Questions 109

Which of the following OSI layers provides routing and related services?

Options:

A.

Network Layer

B.

Presentation Layer

C.

Session Layer

D.

Physical Layer

Buy Now
Questions 110

Why are coaxial cables called "coaxial"?

Options:

A.

it includes two physical channels that carries the signal surrounded (after a layer of insulation) by another concentric physical channel, both running along the same axis.

B.

it includes one physical channel that carries the signal surrounded (after a layer of insulation) by another concentric physical channel, both running along the same axis

C.

it includes two physical channels that carries the signal surrounded (after a layer of insulation) by another two concentric physical channels, both running along the same axis.

D.

it includes one physical channel that carries the signal surrounded (after a layer of insulation) by another concentric physical channel, both running perpendicular and along the different axis

Buy Now
Questions 111

In the days before CIDR (Classless Internet Domain Routing), networks were commonly organized by classes. Which of the following would have been true of a Class B network?

Options:

A.

The first bit of the IP address would be set to zero.

B.

The first bit of the IP address would be set to one and the second bit set to zero.

C.

The first two bits of the IP address would be set to one, and the third bit set to zero.

D.

The first three bits of the IP address would be set to one.

Buy Now
Questions 112

Which of the following countermeasures would be the most appropriate to prevent possible intrusion or damage from wardialing attacks?

Options:

A.

Monitoring and auditing for such activity

B.

Require user authentication

C.

Making sure only necessary phone numbers are made public

D.

Using completely different numbers for voice and data accesses

Buy Now
Questions 113

In this type of attack, the intruder re-routes data traffic from a network device to a personal machine. This diversion allows an attacker to gain access to critical resources and user credentials, such as passwords, and to gain unauthorized access to critical systems of an organization. Pick the best choice below.

Options:

A.

Network Address Translation

B.

Network Address Hijacking

C.

Network Address Supernetting

D.

Network Address Sniffing

Buy Now
Questions 114

What is the primary reason why some sites choose not to implement Trivial File Transfer Protocol (TFTP)?

Options:

A.

It is too complex to manage user access restrictions under TFTP

B.

Due to the inherent security risks

C.

It does not offer high level encryption like FTP

D.

It cannot support the Lightwight Directory Access Protocol (LDAP)

Buy Now
Questions 115

Secure Electronic Transaction (SET) and Secure HTTP (S-HTTP) operate at which layer of the OSI model?

Options:

A.

Application Layer.

B.

Transport Layer.

C.

Session Layer.

D.

Network Layer.

Buy Now
Questions 116

Which of the following layers provides end-to-end data transfer service?

Options:

A.

Network Layer.

B.

Data Link Layer.

C.

Transport Layer.

D.

Presentation Layer.

Buy Now
Questions 117

Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?

Options:

A.

172.12.42.5

B.

172.140.42.5

C.

172.31.42.5

D.

172.15.42.5

Buy Now
Questions 118

A proxy is considered a:

Options:

A.

first generation firewall.

B.

third generation firewall.

C.

second generation firewall.

D.

fourth generation firewall.

Buy Now
Questions 119

Which SSL version offers client-side authentication?

Options:

A.

SSL v1

B.

SSL v2

C.

SSL v3

D.

SSL v4

Buy Now
Questions 120

Which one of the following is usually not a benefit resulting from the use of firewalls?

Options:

A.

reduces the risks of external threats from malicious hackers.

B.

prevents the spread of viruses.

C.

reduces the threat level on internal system.

D.

allows centralized management and control of services.

Buy Now
Questions 121

Which of the following can best eliminate dial-up access through a Remote Access Server as a hacking vector?

Options:

A.

Using a TACACS+ server.

B.

Installing the Remote Access Server outside the firewall and forcing legitimate users to authenticate to the firewall.

C.

Setting modem ring count to at least 5.

D.

Only attaching modems to non-networked hosts.

Buy Now
Questions 122

The concept of best effort delivery is best associated with?

Options:

A.

TCP

B.

HTTP

C.

RSVP

D.

IP

Buy Now
Questions 123

What is a decrease in amplitude as a signal propagates along a transmission medium best known as?

Options:

A.

Crosstalk

B.

Noise

C.

Delay distortion

D.

Attenuation

Buy Now
Questions 124

ICMP and IGMP belong to which layer of the OSI model?

Options:

A.

Datagram Layer.

B.

Network Layer.

C.

Transport Layer.

D.

Data Link Layer.

Buy Now
Questions 125

How long are IPv4 addresses?

Options:

A.

32 bits long.

B.

64 bits long.

C.

128 bits long.

D.

16 bits long.

Buy Now
Questions 126

Which of the following prevents, detects, and corrects errors so that the integrity, availability, and confidentiality of transactions over networks may be maintained?

Options:

A.

Communications security management and techniques

B.

Information security management and techniques

C.

Client security management and techniques

D.

Server security management and techniques

Buy Now
Questions 127

Encapsulating Security Payload (ESP) provides some of the services of Authentication Headers (AH), but it is primarily designed to provide:

Options:

A.

Confidentiality

B.

Cryptography

C.

Digital signatures

D.

Access Control

Buy Now
Questions 128

Controls provide accountability for individuals who are accessing sensitive information. This accountability is accomplished:

Options:

A.

through access control mechanisms that require identification and authentication and through the audit function.

B.

through logical or technical controls involving the restriction of access to systems and the protection of information.

C.

through logical or technical controls but not involving the restriction of access to systems and the protection of information.

D.

through access control mechanisms that do not require identification and authentication and do not operate through the audit function.

Buy Now
Questions 129

Which backup method is used if backup time is critical and tape space is at an extreme premium?

Options:

A.

Incremental backup method.

B.

Differential backup method.

C.

Full backup method.

D.

Tape backup method.

Buy Now
Questions 130

Which of the following tape formats can be used to backup data systems in addition to its original intended audio uses?

Options:

A.

Digital Video Tape (DVT).

B.

Digital Analog Tape (DAT).

C.

Digital Voice Tape (DVT).

D.

Digital Audio Tape (DAT).

Buy Now
Questions 131

A timely review of system access audit records would be an example of which of the basic security functions?

Options:

A.

avoidance

B.

deterrence

C.

prevention

D.

detection

Buy Now
Questions 132

Which conceptual approach to intrusion detection system is the most common?

Options:

A.

Behavior-based intrusion detection

B.

Knowledge-based intrusion detection

C.

Statistical anomaly-based intrusion detection

D.

Host-based intrusion detection

Buy Now
Questions 133

What is the primary goal of setting up a honeypot?

Options:

A.

To lure hackers into attacking unused systems

B.

To entrap and track down possible hackers

C.

To set up a sacrificial lamb on the network

D.

To know when certain types of attacks are in progress and to learn about attack techniques so the network can be fortified.

Buy Now
Questions 134

Which of the following questions is less likely to help in assessing physical access controls?

Options:

A.

Does management regularly review the list of persons with physical access to sensitive facilities?

B.

Is the operating system configured to prevent circumvention of the security software and application controls?

C.

Are keys or other access devices needed to enter the computer room and media library?

D.

Are visitors to sensitive areas signed in and escorted?

Buy Now
Questions 135

RADIUS incorporates which of the following services?

Options:

A.

Authentication server and PIN codes.

B.

Authentication of clients and static passwords generation.

C.

Authentication of clients and dynamic passwords generation.

D.

Authentication server as well as support for Static and Dynamic passwords.

Buy Now
Questions 136

Why should batch files and scripts be stored in a protected area?

Options:

A.

Because of the least privilege concept.

B.

Because they cannot be accessed by operators.

C.

Because they may contain credentials.

D.

Because of the need-to-know concept.

Buy Now
Questions 137

Which of the following access control models requires defining classification for objects?

Options:

A.

Role-based access control

B.

Discretionary access control

C.

Identity-based access control

D.

Mandatory access control

Buy Now
Questions 138

An access system that grants users only those rights necessary for them to perform their work is operating on which security principle?

Options:

A.

Discretionary Access

B.

Least Privilege

C.

Mandatory Access

D.

Separation of Duties

Buy Now
Questions 139

Password management falls into which control category?

Options:

A.

Compensating

B.

Detective

C.

Preventive

D.

Technical

Buy Now
Questions 140

A timely review of system access audit records would be an example of which of the basic security functions?

Options:

A.

avoidance.

B.

deterrence.

C.

prevention.

D.

detection.

Buy Now
Questions 141

In non-discretionary access control using Role Based Access Control (RBAC), a central authority determines what subjects can have access to certain objects based on the organizational security policy. The access controls may be based on:

Options:

A.

The societies role in the organization

B.

The individual's role in the organization

C.

The group-dynamics as they relate to the individual's role in the organization

D.

The group-dynamics as they relate to the master-slave role in the organization

Buy Now
Questions 142

Technical controls such as encryption and access control can be built into the operating system, be software applications, or can be supplemental hardware/software units. Such controls, also known as logical controls, represent which pairing?

Options:

A.

Preventive/Administrative Pairing

B.

Preventive/Technical Pairing

C.

Preventive/Physical Pairing

D.

Detective/Technical Pairing

Buy Now
Questions 143

When submitting a passphrase for authentication, the passphrase is converted into ...

Options:

A.

a virtual password by the system

B.

a new passphrase by the system

C.

a new passphrase by the encryption technology

D.

a real password by the system which can be used forever

Buy Now
Questions 144

The end result of implementing the principle of least privilege means which of the following?

Options:

A.

Users would get access to only the info for which they have a need to know

B.

Users can access all systems.

C.

Users get new privileges added when they change positions.

D.

Authorization creep.

Buy Now
Questions 145

Almost all types of detection permit a system's sensitivity to be increased or decreased during an inspection process. If the system's sensitivity is increased, such as in a biometric authentication system, the system becomes increasingly selective and has the possibility of generating:

Options:

A.

Lower False Rejection Rate (FRR)

B.

Higher False Rejection Rate (FRR)

C.

Higher False Acceptance Rate (FAR)

D.

It will not affect either FAR or FRR

Buy Now
Questions 146

Kerberos is vulnerable to replay in which of the following circumstances?

Options:

A.

When a private key is compromised within an allotted time window.

B.

When a public key is compromised within an allotted time window.

C.

When a ticket is compromised within an allotted time window.

D.

When the KSD is compromised within an allotted time window.

Buy Now
Questions 147

Access control is the collection of mechanisms that permits managers of a system to exercise a directing or restraining influence over the behavior, use, and content of a system. It does not permit management to:

Options:

A.

specify what users can do

B.

specify which resources they can access

C.

specify how to restrain hackers

D.

specify what operations they can perform on a system.

Buy Now
Questions 148

In the context of access control, locks, gates, guards are examples of which of the following?

Options:

A.

Administrative controls

B.

Technical controls

C.

Physical controls

D.

Logical controls

Buy Now
Questions 149

Smart cards are an example of which type of control?

Options:

A.

Detective control

B.

Administrative control

C.

Technical control

D.

Physical control

Buy Now
Questions 150

Which of the following is NOT true of the Kerberos protocol?

Options:

A.

Only a single login is required per session.

B.

The initial authentication steps are done using public key algorithm.

C.

The KDC is aware of all systems in the network and is trusted by all of them

D.

It performs mutual authentication

Buy Now
Questions 151

A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:

Options:

A.

concern that the laser beam may cause eye damage

B.

the iris pattern changes as a person grows older.

C.

there is a relatively high rate of false accepts.

D.

the optical unit must be positioned so that the sun does not shine into the aperture.

Buy Now
Questions 152

The Computer Security Policy Model the Orange Book is based on is which of the following?

Options:

A.

Bell-LaPadula

B.

Data Encryption Standard

C.

Kerberos

D.

Tempest

Buy Now
Questions 153

In Discretionary Access Control the subject has authority, within certain limitations,

Options:

A.

but he is not permitted to specify what objects can be accessible and so we need to get an independent third party to specify what objects can be accessible.

B.

to specify what objects can be accessible.

C.

to specify on a aggregate basis without understanding what objects can be accessible.

D.

to specify in full detail what objects can be accessible.

Buy Now
Questions 154

Which of the following is not a security goal for remote access?

Options:

A.

Reliable authentication of users and systems

B.

Protection of confidential data

C.

Easy to manage access control to systems and network resources

D.

Automated login for remote users

Buy Now
Questions 155

In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on :

Options:

A.

sex of a person

B.

physical attributes of a person

C.

age of a person

D.

voice of a person

Buy Now
Questions 156

Which of the following biometric parameters are better suited for authentication use over a long period of time?

Options:

A.

Iris pattern

B.

Voice pattern

C.

Signature dynamics

D.

Retina pattern

Buy Now
Questions 157

The controls that usually require a human to evaluate the input from sensors or cameras to determine if a real threat exists are associated with:

Options:

A.

Preventive/physical

B.

Detective/technical

C.

Detective/physical

D.

Detective/administrative

Buy Now
Questions 158

When preparing a business continuity plan, who of the following is responsible for identifying and prioritizing time-critical systems?

Options:

A.

Executive management staff

B.

Senior business unit management

C.

BCP committee

D.

Functional business units

Buy Now
Questions 159

Which of the following elements is NOT included in a Public Key Infrastructure (PKI)?

Options:

A.

Timestamping

B.

Repository

C.

Certificate revocation

D.

Internet Key Exchange (IKE)

Buy Now
Questions 160

What are the three most important functions that Digital Signatures perform?

Options:

A.

Integrity, Confidentiality and Authorization

B.

Integrity, Authentication and Nonrepudiation

C.

Authorization, Authentication and Nonrepudiation

D.

Authorization, Detection and Accountability

Buy Now
Questions 161

The RSA Algorithm uses which mathematical concept as the basis of its encryption?

Options:

A.

Geometry

B.

16-round ciphers

C.

PI (3.14159...)

D.

Two large prime numbers

Buy Now
Questions 162

What is the length of an MD5 message digest?

Options:

A.

128 bits

B.

160 bits

C.

256 bits

D.

varies depending upon the message size.

Buy Now
Questions 163

The RSA algorithm is an example of what type of cryptography?

Options:

A.

Asymmetric Key.

B.

Symmetric Key.

C.

Secret Key.

D.

Private Key.

Buy Now
Questions 164

Which of the following statements pertaining to Secure Sockets Layer (SSL) is false?

Options:

A.

The SSL protocol was developed by Netscape to secure Internet client-server transactions.

B.

The SSL protocol's primary use is to authenticate the client to the server using public key cryptography and digital certificates.

C.

Web pages using the SSL protocol start with HTTPS

D.

SSL can be used with applications such as Telnet, FTP and email protocols.

Buy Now
Questions 165

Why do buffer overflows happen? What is the main cause?

Options:

A.

Because buffers can only hold so much data

B.

Because of improper parameter checking within the application

C.

Because they are an easy weakness to exploit

D.

Because of insufficient system memory

Buy Now
Questions 166

Which of the following division is defined in the TCSEC (Orange Book) as minimal protection?

Options:

A.

Division D

B.

Division C

C.

Division B

D.

Division A

Buy Now
Questions 167

What can be defined as a table of subjects and objects indicating what actions individual subjects can take upon individual objects?

Options:

A.

A capacity table

B.

An access control list

C.

An access control matrix

D.

A capability table

Buy Now
Questions 168

Which security model is based on the military classification of data and people with clearances?

Options:

A.

Brewer-Nash model

B.

Clark-Wilson model

C.

Bell-LaPadula model

D.

Biba model

Buy Now
Questions 169

This baseline sets certain thresholds for specific errors or mistakes allowed and the amount of these occurrences that can take place before it is considered suspicious?

Options:

A.

Checkpoint level

B.

Ceiling level

C.

Clipping level

D.

Threshold level

Buy Now
Questions 170

The throughput rate is the rate at which individuals, once enrolled, can be processed and identified or authenticated by a biometric system. Acceptable throughput rates are in the range of:

Options:

A.

100 subjects per minute.

B.

25 subjects per minute.

C.

10 subjects per minute.

D.

50 subjects per minute.

Buy Now
Questions 171

Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:

Options:

A.

Not possible

B.

Only possible with key recovery scheme of all user keys

C.

It is possible only if X509 Version 3 certificates are used

D.

It is possible only by "brute force" decryption

Buy Now
Questions 172

Which of the following ciphers is a subset on which the Vigenere polyalphabetic cipher was based on?

Options:

A.

Caesar

B.

The Jefferson disks

C.

Enigma

D.

SIGABA

Buy Now
Questions 173

Which of the following cryptographic attacks describes when the attacker has a copy of the plaintext and the corresponding ciphertext?

Options:

A.

known plaintext

B.

brute force

C.

ciphertext only

D.

chosen plaintext

Buy Now
Questions 174

The Diffie-Hellman algorithm is primarily used to provide which of the following?

Options:

A.

Confidentiality

B.

Key Agreement

C.

Integrity

D.

Non-repudiation

Buy Now
Questions 175

What is the primary role of smartcards in a PKI?

Options:

A.

Transparent renewal of user keys

B.

Easy distribution of the certificates between the users

C.

Fast hardware encryption of the raw data

D.

Tamper resistant, mobile storage and application of private keys of the users

Buy Now
Questions 176

In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?

Options:

A.

Both client and server

B.

The client's browser

C.

The web server

D.

The merchant's Certificate Server

Buy Now
Questions 177

Complete the blanks. When using PKI, I digitally sign a message using my ______ key. The recipient verifies my signature using my ______ key.

Options:

A.

Private / Public

B.

Public / Private

C.

Symmetric / Asymmetric

D.

Private / Symmetric

Buy Now
Questions 178

Which of the following is best provided by symmetric cryptography?

Options:

A.

Confidentiality

B.

Integrity

C.

Availability

D.

Non-repudiation

Buy Now
Questions 179

The number of violations that will be accepted or forgiven before a violation record is produced is called which of the following?

Options:

A.

clipping level

B.

acceptance level

C.

forgiveness level

D.

logging level

Buy Now
Questions 180

Sensitivity labels are an example of what application control type?

Options:

A.

Preventive security controls

B.

Detective security controls

C.

Compensating administrative controls

D.

Preventive accuracy controls

Buy Now
Questions 181

Which of the following describes the major disadvantage of many Single Sign-On (SSO) implementations?

Options:

A.

Once an individual obtains access to the system through the initial log-on, they have access to all resources within the environment that the account has access to.

B.

The initial logon process is cumbersome to discourage potential intruders.

C.

Once a user obtains access to the system through the initial log-on, they only need to logon to some applications.

D.

Once a user obtains access to the system through the initial log-on, he has to logout from all other systems

Buy Now
Questions 182

Which of the following Operation Security controls is intended to prevent unauthorized intruders from internally or externally accessing the system, and to lower the amount and impact of unintentional errors that are entering the system?

Options:

A.

Detective Controls

B.

Preventative Controls

C.

Corrective Controls

D.

Directive Controls

Buy Now
Questions 183

There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following?

Options:

A.

public keys

B.

private keys

C.

public-key certificates

D.

private-key certificates

Buy Now
Questions 184

A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:

Options:

A.

Mandatory Access Control

B.

Discretionary Access Control

C.

Non-Discretionary Access Control

D.

Rule-based Access control

Buy Now
Questions 185

What key size is used by the Clipper Chip?

Options:

A.

40 bits

B.

56 bits

C.

64 bits

D.

80 bits

Buy Now
Questions 186

What algorithm has been selected as the AES algorithm, replacing the DES algorithm?

Options:

A.

RC6

B.

Twofish

C.

Rijndael

D.

Blowfish

Buy Now
Questions 187

A public key algorithm that does both encryption and digital signature is which of the following?

Options:

A.

RSA

B.

DES

C.

IDEA

D.

Diffie-Hellman

Buy Now
Questions 188

The Secure Hash Algorithm (SHA-1) creates:

Options:

A.

a fixed length message digest from a fixed length input message

B.

a variable length message digest from a variable length input message

C.

a fixed length message digest from a variable length input message

D.

a variable length message digest from a fixed length input message

Buy Now
Questions 189

What is the maximum allowable key size of the Rijndael encryption algorithm?

Options:

A.

128 bits

B.

192 bits

C.

256 bits

D.

512 bits

Buy Now
Questions 190

The Data Encryption Standard (DES) encryption algorithm has which of the following characteristics?

Options:

A.

64 bits of data input results in 56 bits of encrypted output

B.

128 bit key with 8 bits used for parity

C.

64 bit blocks with a 64 bit total key length

D.

56 bits of data input results in 56 bits of encrypted output

Buy Now
Questions 191

Which of the following was developed in order to protect against fraud in electronic fund transfers (EFT) by ensuring the message comes from its claimed originator and that it has not been altered in transmission?

Options:

A.

Secure Electronic Transaction (SET)

B.

Message Authentication Code (MAC)

C.

Cyclic Redundancy Check (CRC)

D.

Secure Hash Standard (SHS)

Buy Now
Questions 192

What is the maximum key size for the RC5 algorithm?

Options:

A.

128 bits

B.

256 bits

C.

1024 bits

D.

2040 bits

Buy Now
Questions 193

Which of the following best describes signature-based detection?

Options:

A.

Compare source code, looking for events or sets of events that could cause damage to a system or network.

B.

Compare system activity for the behaviour patterns of new attacks.

C.

Compare system activity, looking for events or sets of events that match a predefined pattern of events that describe a known attack.

D.

Compare network nodes looking for objects or sets of objects that match a predefined pattern of objects that may describe a known attack.

Buy Now
Questions 194

A Security Kernel is defined as a strict implementation of a reference monitor mechanism responsible for enforcing a security policy. To be secure, the kernel must meet three basic conditions, what are they?

Options:

A.

Confidentiality, Integrity, and Availability

B.

Policy, mechanism, and assurance

C.

Isolation, layering, and abstraction

D.

Completeness, Isolation, and Verifiability

Buy Now
Questions 195

Which of the following describes a computer processing architecture in which a language compiler or pre-processor breaks program instructions down into basic operations that can be performed by the processor at the same time?

Options:

A.

Very-Long Instruction-Word Processor (VLIW)

B.

Complex-Instruction-Set-Computer (CISC)

C.

Reduced-Instruction-Set-Computer (RISC)

D.

Super Scalar Processor Architecture (SCPA)

Buy Now
Questions 196

Which of the following BEST explains why computerized information systems frequently fail to meet the needs of users?

Options:

A.

Inadequate quality assurance (QA) tools.

B.

Constantly changing user needs.

C.

Inadequate user participation in defining the system's requirements.

D.

Inadequate project management.

Buy Now
Questions 197

One of these statements about the key elements of a good configuration process is NOT true

Options:

A.

Accommodate the reuse of proven standards and best practices

B.

Ensure that all requirements remain clear, concise, and valid

C.

Control modifications to system hardware in order to prevent resource changes

D.

Ensure changes, standards, and requirements are communicated promptly and precisely

Buy Now
Questions 198

A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?

Options:

A.

Covert channel

B.

Overt channel

C.

Opened channel

D.

Closed channel

Buy Now
Questions 199

Step-by-step instructions used to satisfy control requirements is called a:

Options:

A.

policy

B.

standard

C.

guideline

D.

procedure

Buy Now
Questions 200

Which of the following best describes the purpose of debugging programs?

Options:

A.

To generate random data that can be used to test programs before implementing them.

B.

To ensure that program coding flaws are detected and corrected.

C.

To protect, during the programming phase, valid changes from being overwritten by other changes.

D.

To compare source code versions before transferring to the test environment

Buy Now
Questions 201

What can be defined as an abstract machine that mediates all access to objects by subjects to ensure that subjects have the necessary access rights and to protect objects from unauthorized access?

Options:

A.

The Reference Monitor

B.

The Security Kernel

C.

The Trusted Computing Base

D.

The Security Domain

Buy Now
Questions 202

What can best be defined as the sum of protection mechanisms inside the computer, including hardware, firmware and software?

Options:

A.

Trusted system

B.

Security kernel

C.

Trusted computing base

D.

Security perimeter

Buy Now
Questions 203

The session layer provides a logical persistent connection between peer hosts. Which of the following is one of the modes used in the session layer to establish this connection?

Options:

A.

Full duplex

B.

Synchronous

C.

Asynchronous

D.

Half simplex

Buy Now
Questions 204

Which of the following tools is NOT likely to be used by a hacker?

Options:

A.

Nessus

B.

Saint

C.

Tripwire

D.

Nmap

Buy Now
Questions 205

In what way can violation clipping levels assist in violation tracking and analysis?

Options:

A.

Clipping levels set a baseline for acceptable normal user errors, and violations exceeding that threshold will be recorded for analysis of why the violations occurred.

B.

Clipping levels enable a security administrator to customize the audit trail to record only those violations which are deemed to be security relevant.

C.

Clipping levels enable the security administrator to customize the audit trail to record only actions for users with access to user accounts with a privileged status.

D.

Clipping levels enable a security administrator to view all reductions in security levels which have been made to user accounts which have incurred violations.

Buy Now
Questions 206

What IDS approach relies on a database of known attacks?

Options:

A.

Signature-based intrusion detection

B.

Statistical anomaly-based intrusion detection

C.

Behavior-based intrusion detection

D.

Network-based intrusion detection

Buy Now
Questions 207

Who is responsible for providing reports to the senior management on the effectiveness of the security controls?

Options:

A.

Information systems security professionals

B.

Data owners

C.

Data custodians

D.

Information systems auditors

Buy Now
Questions 208

Attributes that characterize an attack are stored for reference using which of the following Intrusion Detection System (IDS) ?

Options:

A.

signature-based IDS

B.

statistical anomaly-based IDS

C.

event-based IDS

D.

inferent-based IDS

Buy Now
Questions 209

A host-based IDS is resident on which of the following?

Options:

A.

On each of the critical hosts

B.

decentralized hosts

C.

central hosts

D.

bastion hosts

Buy Now
Questions 210

A periodic review of user account management should not determine:

Options:

A.

Conformity with the concept of least privilege.

B.

Whether active accounts are still being used.

C.

Strength of user-chosen passwords.

D.

Whether management authorizations are up-to-date.

Buy Now
Questions 211

Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?

Options:

A.

signature-based IDS and statistical anomaly-based IDS, respectively

B.

signature-based IDS and dynamic anomaly-based IDS, respectively

C.

anomaly-based IDS and statistical-based IDS, respectively

D.

signature-based IDS and motion anomaly-based IDS, respectively.

Buy Now
Questions 212

What ensures that the control mechanisms correctly implement the security policy for the entire life cycle of an information system?

Options:

A.

Accountability controls

B.

Mandatory access controls

C.

Assurance procedures

D.

Administrative controls

Buy Now
Questions 213

Knowledge-based Intrusion Detection Systems (IDS) are more common than:

Options:

A.

Network-based IDS

B.

Host-based IDS

C.

Behavior-based IDS

D.

Application-Based IDS

Buy Now
Questions 214

Which of the following is a disadvantage of a statistical anomaly-based intrusion detection system?

Options:

A.

it may truly detect a non-attack event that had caused a momentary anomaly in the system.

B.

it may falsely detect a non-attack event that had caused a momentary anomaly in the system.

C.

it may correctly detect a non-attack event that had caused a momentary anomaly in the system.

D.

it may loosely detect a non-attack event that had caused a momentary anomaly in the system.

Buy Now
Questions 215

Which of the following is an IDS that acquires data and defines a "normal" usage profile for the network or host?

Options:

A.

Statistical Anomaly-Based ID

B.

Signature-Based ID

C.

dynamical anomaly-based ID

D.

inferential anomaly-based ID

Buy Now
Questions 216

What is the essential difference between a self-audit and an independent audit?

Options:

A.

Tools used

B.

Results

C.

Objectivity

D.

Competence

Buy Now
Questions 217

Which of the following is needed for System Accountability?

Options:

A.

Audit mechanisms.

B.

Documented design as laid out in the Common Criteria.

C.

Authorization.

D.

Formal verification of system design.

Buy Now
Questions 218

Which of the following types of Intrusion Detection Systems uses behavioral characteristics of a system’s operation or network traffic to draw conclusions on whether the traffic represents a risk to the network or host?

Options:

A.

Network-based ID systems.

B.

Anomaly Detection.

C.

Host-based ID systems.

D.

Signature Analysis.

Buy Now
Questions 219

The DES algorithm is an example of what type of cryptography?

Options:

A.

Secret Key

B.

Two-key

C.

Asymmetric Key

D.

Public Key

Buy Now
Questions 220

Which of the following can be best defined as computing techniques for inseparably embedding unobtrusive marks or labels as bits in digital data and for detecting or extracting the marks later?

Options:

A.

Steganography

B.

Digital watermarking

C.

Digital enveloping

D.

Digital signature

Buy Now
Questions 221

Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys. This protocol establishes a long-term key once, and then requires no prior communication in order to establish or exchange keys on a session-by-session basis?

Options:

A.

Internet Security Association and Key Management Protocol (ISAKMP)

B.

Simple Key-management for Internet Protocols (SKIP)

C.

Diffie-Hellman Key Distribution Protocol

D.

IPsec Key exchange (IKE)

Buy Now
Questions 222

Which of the following is true about Kerberos?

Options:

A.

It utilizes public key cryptography.

B.

It encrypts data after a ticket is granted, but passwords are exchanged in plain text.

C.

It depends upon symmetric ciphers.

D.

It is a second party authentication system.

Buy Now
Questions 223

What is the key size of the International Data Encryption Algorithm (IDEA)?

Options:

A.

64 bits

B.

128 bits

C.

160 bits

D.

192 bits

Buy Now
Questions 224

In a Public Key Infrastructure, how are public keys published?

Options:

A.

They are sent via e-mail.

B.

Through digital certificates.

C.

They are sent by owners.

D.

They are not published.

Buy Now
Questions 225

Which of the following is true about link encryption?

Options:

A.

Each entity has a common key with the destination node.

B.

Encrypted messages are only decrypted by the final node.

C.

This mode does not provide protection if anyone of the nodes along the transmission path is compromised.

D.

Only secure nodes are used in this type of transmission.

Buy Now
Questions 226

Which of the following standards concerns digital certificates?

Options:

A.

X.400

B.

X.25

C.

X.509

D.

X.75

Buy Now
Questions 227

What is NOT an authentication method within IKE and IPsec?

Options:

A.

CHAP

B.

Pre shared key

C.

certificate based authentication

D.

Public key authentication

Buy Now
Questions 228

Which of the following is not a property of the Rijndael block cipher algorithm?

Options:

A.

It employs a round transformation that is comprised of three layers of distinct and invertible transformations.

B.

It is suited for high speed chips with no area restrictions.

C.

It operates on 64-bit plaintext blocks and uses a 128 bit key.

D.

It could be used on a smart card.

Buy Now
Questions 229

Which of the following statements pertaining to link encryption is false?

Options:

A.

It encrypts all the data along a specific communication path.

B.

It provides protection against packet sniffers and eavesdroppers.

C.

Information stays encrypted from one end of its journey to the other.

D.

User information, header, trailers, addresses and routing data that are part of the packets are encrypted.

Buy Now
Questions 230

What uses a key of the same length as the message where each bit or character from the plaintext is encrypted by a modular addition?

Options:

A.

Running key cipher

B.

One-time pad

C.

Steganography

D.

Cipher block chaining

Buy Now
Questions 231

Which of the following is defined as an Internet, IPsec, key-establishment protocol, partly based on OAKLEY, that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations?

Options:

A.

Internet Key exchange (IKE)

B.

Security Association Authentication Protocol (SAAP)

C.

Simple Key-management for Internet Protocols (SKIP)

D.

Key Exchange Algorithm (KEA)

Buy Now
Questions 232

In what type of attack does an attacker try, from several encrypted messages, to figure out the key used in the encryption process?

Options:

A.

Known-plaintext attack

B.

Ciphertext-only attack

C.

Chosen-Ciphertext attack

D.

Plaintext-only attack

Buy Now
Questions 233

What can be defined as a digital certificate that binds a set of descriptive data items, other than a public key, either directly to a subject name or to the identifier of another certificate that is a public-key certificate?

Options:

A.

A public-key certificate

B.

An attribute certificate

C.

A digital certificate

D.

A descriptive certificate

Buy Now
Questions 234

What is the effective key size of DES?

Options:

A.

56 bits

B.

64 bits

C.

128 bits

D.

1024 bits

Buy Now
Questions 235

A code, as is pertains to cryptography:

Options:

A.

Is a generic term for encryption.

B.

Is specific to substitution ciphers.

C.

Deals with linguistic units.

D.

Is specific to transposition ciphers.

Buy Now
Questions 236

Which of the following encryption methods is known to be unbreakable?

Options:

A.

Symmetric ciphers.

B.

DES codebooks.

C.

One-time pads.

D.

Elliptic Curve Cryptography.

Buy Now
Questions 237

Which is NOT a suitable method for distributing certificate revocation information?

Options:

A.

CA revocation mailing list

B.

Delta CRL

C.

OCSP (online certificate status protocol)

D.

Distribution point CRL

Buy Now
Questions 238

PGP uses which of the following to encrypt data?

Options:

A.

An asymmetric encryption algorithm

B.

A symmetric encryption algorithm

C.

A symmetric key distribution system

D.

An X.509 digital certificate

Buy Now
Questions 239

Which of the following answers is described as a random value used in cryptographic algorithms to ensure that patterns are not created during the encryption process?

Options:

A.

IV - Initialization Vector

B.

Stream Cipher

C.

OTP - One Time Pad

D.

Ciphertext

Buy Now
Questions 240

To be admissible in court, computer evidence must be which of the following?

Options:

A.

Relevant

B.

Decrypted

C.

Edited

D.

Incriminating

Buy Now
Questions 241

Valuable paper insurance coverage does not cover damage to which of the following?

Options:

A.

Inscribed, printed and Written documents

B.

Manuscripts

C.

Records

D.

Money and Securities

Buy Now
Questions 242

Which of the following is a problem regarding computer investigation issues?

Options:

A.

Information is tangible.

B.

Evidence is easy to gather.

C.

Computer-generated records are only considered secondary evidence, thus are not as reliable as best evidence.

D.

In many instances, an expert or specialist is not required.

Buy Now
Questions 243

Which element must computer evidence have to be admissible in court?

Options:

A.

It must be relevant.

B.

It must be annotated.

C.

It must be printed.

D.

It must contain source code.

Buy Now
Questions 244

Why would a memory dump be admissible as evidence in court?

Options:

A.

Because it is used to demonstrate the truth of the contents.

B.

Because it is used to identify the state of the system.

C.

Because the state of the memory cannot be used as evidence.

D.

Because of the exclusionary rule.

Buy Now
Questions 245

Which one of the following is NOT one of the outcomes of a vulnerability assessment?

Options:

A.

Quantative loss assessment

B.

Qualitative loss assessment

C.

Formal approval of BCP scope and initiation document

D.

Defining critical support areas

Buy Now
Questions 246

When a possible intrusion into your organization's information system has been detected, which of the following actions should be performed first?

Options:

A.

Eliminate all means of intruder access.

B.

Contain the intrusion.

C.

Determine to what extent systems and data are compromised.

D.

Communicate with relevant parties.

Buy Now
Questions 247

A contingency plan should address:

Options:

A.

Potential risks.

B.

Residual risks.

C.

Identified risks.

D.

All answers are correct.

Buy Now
Questions 248

Which of the following is less likely to accompany a contingency plan, either within the plan itself or in the form of an appendix?

Options:

A.

Contact information for all personnel.

B.

Vendor contact information, including offsite storage and alternate site.

C.

Equipment and system requirements lists of the hardware, software, firmware and other resources required to support system operations.

D.

The Business Impact Analysis.

Buy Now
Questions 249

Risk mitigation and risk reduction controls for providing information security are classified within three main categories, which of the following are being used?

Options:

A.

preventive, corrective, and administrative

B.

detective, corrective, and physical

C.

Physical, technical, and administrative

D.

Administrative, operational, and logical

Buy Now
Questions 250

Which of the following statements pertaining to disaster recovery is incorrect?

Options:

A.

A recovery team's primary task is to get the pre-defined critical business functions at the alternate backup processing site.

B.

A salvage team's task is to ensure that the primary site returns to normal processing conditions.

C.

The disaster recovery plan should include how the company will return from the alternate site to the primary site.

D.

When returning to the primary site, the most critical applications should be brought back first.

Buy Now
Questions 251

Which of the following is NOT a transaction redundancy implementation?

Options:

A.

on-site mirroring

B.

Electronic Vaulting

C.

Remote Journaling

D.

Database Shadowing

Buy Now
Questions 252

Which backup method copies only files that have changed since the last full backup, but does not clear the archive bit?

Options:

A.

Differential backup method.

B.

Full backup method.

C.

Incremental backup method.

D.

Tape backup method.

Buy Now
Questions 253

Which approach to a security program ensures people responsible for protecting the company's assets are DRIVING the program?

Options:

A.

The Delphi approach

B.

The top-down approach

C.

The bottom-up approach

D.

The technology approach

Buy Now
Questions 254

Which of the following backup methods is primarily run when time and tape space permits, and is used for the system archive or baselined tape sets?

Options:

A.

full backup method.

B.

incremental backup method.

C.

differential backup method.

D.

tape backup method.

Buy Now
Questions 255

Which of the following is the most critical item from a disaster recovery point of view?

Options:

A.

Data

B.

Hardware/Software

C.

Communication Links

D.

Software Applications

Buy Now
Questions 256

What can be defined as the maximum acceptable length of time that elapses before the unavailability of the system severely affects the organization?

Options:

A.

Recovery Point Objectives (RPO)

B.

Recovery Time Objectives (RTO)

C.

Recovery Time Period (RTP)

D.

Critical Recovery Time (CRT)

Buy Now
Questions 257

Which of the following statements pertaining to a Criticality Survey is incorrect?

Options:

A.

It is implemented to gather input from all personnel that is going to be part of the recovery teams.

B.

The purpose of the survey must be clearly stated.

C.

Management's approval should be obtained before distributing the survey.

D.

Its intent is to find out what services and systems are critical to keeping the organization in business.

Buy Now
Questions 258

Qualitative loss resulting from the business interruption does NOT usually include:

Options:

A.

Loss of revenue

B.

Loss of competitive advantage or market share

C.

Loss of public confidence and credibility

D.

Loss of market leadership

Buy Now
Questions 259

Which of the following backup methods is most appropriate for off-site archiving?

Options:

A.

Incremental backup method

B.

Off-site backup method

C.

Full backup method

D.

Differential backup method

Buy Now
Questions 260

Which of the following outlined how senior management are responsible for the computer and information security decisions that they make and what actually took place within their organizations?

Options:

A.

The Computer Security Act of 1987.

B.

The Federal Sentencing Guidelines of 1991.

C.

The Economic Espionage Act of 1996.

D.

The Computer Fraud and Abuse Act of 1986.

Buy Now
Questions 261

Which of the following questions is less likely to help in assessing an organization's contingency planning controls?

Options:

A.

Is damaged media stored and/or destroyed?

B.

Are the backup storage site and alternate site geographically far enough from the primary site?

C.

Is there an up-to-date copy of the plan stored securely off-site?

D.

Is the location of stored backups identified?

Buy Now
Questions 262

Which one of the following represents an ALE calculation?

Options:

A.

single loss expectancy x annualized rate of occurrence.

B.

gross loss expectancy x loss frequency.

C.

actual replacement cost - proceeds of salvage.

D.

asset value x loss expectancy.

Buy Now
Questions 263

Which of the following item would best help an organization to gain a common understanding of functions that are critical to its survival?

Options:

A.

A risk assessment

B.

A business assessment

C.

A disaster recovery plan

D.

A business impact analysis

Buy Now
Questions 264

Which of the following cannot be undertaken in conjunction or while computer incident handling is ongoing?

Options:

A.

System development activity

B.

Help-desk function

C.

System Imaging

D.

Risk management process

Buy Now
Questions 265

Which of the following is the most important consideration in locating an alternate computing facility during the development of a disaster recovery plan?

Options:

A.

It is unlikely to be affected by the same disaster.

B.

It is close enough to become operational quickly.

C.

It is close enough to serve its users.

D.

It is convenient to airports and hotels.

Buy Now
Questions 266

Business Continuity and Disaster Recovery Planning (Primarily) addresses the:

Options:

A.

Availability of the CIA triad

B.

Confidentiality of the CIA triad

C.

Integrity of the CIA triad

D.

Availability, Confidentiality and Integrity of the CIA triad

Buy Now
Questions 267

Which of the following focuses on sustaining an organization's business functions during and after a disruption?

Options:

A.

Business continuity plan

B.

Business recovery plan

C.

Continuity of operations plan

D.

Disaster recovery plan

Buy Now
Questions 268

Because ordinary cable introduces a toxic hazard in the event of fire, special cabling is required in a separate area provided for air circulation for heating, ventilation, and air-conditioning (sometimes referred to as HVAC) and typically provided in the space between the structural ceiling and a drop-down ceiling. This area is referred to as the:

Options:

A.

smoke boundry area

B.

fire detection area

C.

Plenum area

D.

Intergen area

Buy Now
Questions 269

A Business Continuity Plan should be tested:

Options:

A.

Once a month.

B.

At least twice a year.

C.

At least once a year.

D.

At least once every two years.

Buy Now
Questions 270

Which of the following specifically addresses cyber attacks against an organization's IT systems?

Options:

A.

Continuity of support plan

B.

Business continuity plan

C.

Incident response plan

D.

Continuity of operations plan

Buy Now
Questions 271

Which of the following could be BEST defined as the likelihood of a threat agent taking advantage of a vulnerability?

Options:

A.

A risk

B.

A residual risk

C.

An exposure

D.

A countermeasure

Buy Now
Questions 272

Business Continuity Planning (BCP) is not defined as a preparation that facilitates:

Options:

A.

the rapid recovery of mission-critical business operations

B.

the continuation of critical business functions

C.

the monitoring of threat activity for adjustment of technical controls

D.

the reduction of the impact of a disaster

Buy Now
Questions 273

Which of the following best describes what would be expected at a "hot site"?

Options:

A.

Computers, climate control, cables and peripherals

B.

Computers and peripherals

C.

Computers and dedicated climate control systems.

D.

Dedicated climate control systems

Buy Now
Questions 274

Which of the following is the most complete disaster recovery plan test type, to be performed after successfully completing the Parallel test?

Options:

A.

Full Interruption test

B.

Checklist test

C.

Simulation test

D.

Structured walk-through test

Buy Now
Questions 275

Another example of Computer Incident Response Team (CIRT) activities is:

Options:

A.

Management of the netware logs, including collection, retention, review, and analysis of data

B.

Management of the network logs, including collection and analysis of data

C.

Management of the network logs, including review and analysis of data

D.

Management of the network logs, including collection, retention, review, and analysis of data

Buy Now
Questions 276

How is Annualized Loss Expectancy (ALE) derived from a threat?

Options:

A.

ARO x (SLE - EF)

B.

SLE x ARO

C.

SLE/EF

D.

AV x EF

Buy Now
Exam Code: SSCP
Exam Name: Systems Security Certified Practitioner
Last Update: Oct 7, 2024
Questions: 1074
$56  $159.99
$42  $119.99
$35  $99.99
buy now SSCP