Exam Code: SSCP
Exam Name: Systems Security Certified Practitioner
DES – Data Encryption standard has a 128 bit key and is very difficult to break.
What is the main difference between computer abuse and computer crime?
A. Amount of damage
B. Intentions of the perpetrator
C. Method of compromise
D. Abuse = company insider; crime = company outsider
A standardized list of the most common security weaknesses and exploits is the __________.
A. SANS Top 10
B. CSI/FBI Computer Crime Study
C. CVE – Common Vulnerabilities and Exposures
D. CERT Top 10
A salami attack refers to what type of activity?
A. Embedding or hiding data inside of a legitimate communication – a picture, etc.
B. Hijacking a session and stealing passwords
C. Committing computer crimes in such small doses that they almost go unnoticed
D. Setting a program to attack a website at11:59 am on New Year’s Eve
Multi-partite viruses perform which functions?
A. Infect multiple partitions
B. Infect multiple boot sectors
C. Infect numerous workstations
D. Combine both boot and file virus behavior
What security principle is based on the division of job responsibilities – designed to prevent fraud?
A. Mandatory Access Control
B. Separation of Duties
C. Information Systems Auditing
D. Concept of Least Privilege
________ is the authoritative entity which lists port assignments
C. Network Solutions
Cable modems are less secure than DSL connections because cable modems are shared with other subscribers?
____________ is a file system that was poorly designed and has numerous security flaws.
E. None of the above
Trend Analysis involves analyzing historical ___________ files in order to look for patterns of abuse or misuse.
Answer: Log files
HTTP, FTP, SMTP reside at which layer of the OSI model?
A. Layer 1 – Physical
B. Layer 3 – Network
C. Layer 4 – Transport
D. Layer 7 – Application
E. Layer 2 – Data Link
Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?
A. Layer 7 – Application Layer
B. Layers 2, 3, & 4 – Data Link, Network, and Transport Layers
C. Layer 3 – Network Layer
D. Layers 5, 6, & 7 – Session, Presentation, and Application Layers
A Security Reference Monitor relates to which DoD security standard?
E. None of the items listed
The ability to identify and audit a user and his / her actions is known as ____________.
There are 5 classes of IP addresses available, but only 3 classes are in common use today, identify the three: (Choose three)
A. Class A: 1-126
B. Class B: 128-191
C. Class C: 192-223
D. Class D: 224-255
E. Class E: 0.0.0.0 – 127.0.0.1
The ultimate goal of a computer forensics specialist is to ___________________.
A. Testify in court as an expert witness
B. Preserve electronic evidence and protect it from any alteration
C. Protect the company’s reputation
D. Investigate the computer crime
One method that can reduce exposure to malicious code is to run applications as generic accounts with little or no privileges.
______________ is a major component of an overall risk management program.
Answer: Risk assessment
An attempt to break an encryption algorithm is called _____________.
If you want to pass ISC2 SSCP successfully, donot missing to read latest lead2pass ISC2 SSCP exam questions.
If you can master all lead2pass questions you will able to pass 100% guaranteed.
Why Choose Lead2pass?
If you want to pass the exam successfully in first attempt you have to choose the best IT study material provider, in my opinion, Lead2pass is one of the best way to prepare for the exam.
|One Time Purchase||✔||✖||✖||✖||✖|
|100% Pass Guarantee||✔||✖||✖||✖||✖|
|100% Money Back||✔||✖||✖||✖||✖|