  • Exam Name: Systems Security Certified Practitioner
  • Last Update: Mar 4, 2024
  • Questions and Answers: 1074

SSCP Systems Security Certified Practitioner Questions and Answers

Question # 6

What principle focuses on the uniqueness of separate objects that must be joined together to perform a task? It is sometimes referred to as “what each must bring”, and the objects are joined together when getting access or decrypting a file. Each of them does not reveal the other.

A.

Dual control

B.

Separation of duties

C.

Split knowledge

D.

Need to know

Question # 7

Unshielded Twisted Pair cabling is a:

A.

four-pair wire medium that is used in a variety of networks.

B.

three-pair wire medium that is used in a variety of networks.

C.

two-pair wire medium that is used in a variety of networks.

D.

one-pair wire medium that is used in a variety of networks.

Question # 8

Which of the following is less likely to be used today in creating a Virtual Private Network?

A.

L2TP

B.

PPTP

C.

IPSec

D.

L2F

Question # 9

A group of independent servers, which are managed as a single system, that provides higher availability, easier manageability, and greater scalability is:

A.

server cluster

B.

client cluster

C.

guest cluster

D.

host cluster

Question # 10

A DMZ is located:

A.

right behind your first Internet facing firewall

B.

right in front of your first Internet facing firewall

C.

right behind your first network active firewall

D.

right behind your first network passive Internet http firewall

Question # 11

What layer of the ISO/OSI model do routers normally operate at?

A.

Data link layer

B.

Session layer

C.

Transport layer

D.

Network layer

Question # 12

How long are IPv4 addresses?

A.

32 bits long.

B.

64 bits long.

C.

128 bits long.

D.

16 bits long.

Question # 13

The communications products and services that ensure that the various components of a network (such as devices, protocols, and access methods) work together are referred to as:

A.

Netware Architecture.

B.

Network Architecture.

C.

WAN Architecture.

D.

Multiprotocol Architecture.

Question # 14

What works as an E-mail message transfer agent?

A.

SMTP

B.

SNMP

C.

S-RPC

D.

S/MIME

Question # 15

Which of the following would be used to detect and correct errors so that integrity and confidentiality of transactions over networks may be maintained while preventing unauthorized interception of the traffic?

A.

Information security

B.

Server security

C.

Client security

D.

Communications security

Question # 16

Which of the following media is MOST resistant to tapping?

A.

microwave.

B.

twisted pair.

C.

coaxial cable.

D.

fiber optic.

Question # 17

In which layer of the OSI Model are connection-oriented protocols located in the TCP/IP suite of protocols?

A.

Transport layer

B.

Application layer

C.

Physical layer

D.

Network layer

Question # 18

Which of the following are REGISTERED PORTS as defined by IANA?

A.

Ports 128 to 255

B.

Ports 1024 to 49151

C.

Ports 1025 to 65535

D.

Ports 1024 to 32767

Question # 19

What is the primary role of cross certification?

A.

Creating trust between different PKIs

B.

Build an overall PKI hierarchy

C.

Set up direct trust to a second root CA

D.

Prevent the nullification of user certificates by CA certificate revocation

Question # 20

Which of the following is best provided by symmetric cryptography?

A.

Confidentiality

B.

Integrity

C.

Availability

D.

Non-repudiation

Question # 21

Which of the following statements pertaining to key management is incorrect?

A.

The more a key is used, the shorter its lifetime should be.

B.

When not using the full keyspace, the key should be extremely random.

C.

Keys should be backed up or escrowed in case of emergencies.

D.

A key's lifetime should correspond with the sensitivity of the data it is protecting.

Question # 22

Which of the following algorithms does NOT provide hashing?

A.

SHA-1

B.

MD2

C.

RC4

D.

MD5

Question # 23

Which of the following BEST describes a function relying on a shared secret key that is used along with a hashing algorithm to verify the integrity of the communication content as well as the sender?

A.

Message Authentication Code - MAC

B.

PAM - Pluggable Authentication Module

C.

NAM - Negative Acknowledgement Message

D.

Digital Signature Certificate

Question # 24

What can be defined as a digital certificate that binds a set of descriptive data items, other than a public key, either directly to a subject name or to the identifier of another certificate that is a public-key certificate?

A.

A public-key certificate

B.

An attribute certificate

C.

A digital certificate

D.

A descriptive certificate

Question # 25

PGP uses which of the following to encrypt data?

A.

An asymmetric encryption algorithm

B.

A symmetric encryption algorithm

C.

A symmetric key distribution system

D.

An X.509 digital certificate

Question # 26

Which of the following ciphers is a subset on which the Vigenere polyalphabetic cipher was based?

A.

Caesar

B.

The Jefferson disks

C.

Enigma

D.

SIGABA

Question # 27

Which of the following binds a subject name to a public key value?

A.

A public-key certificate

B.

A public key infrastructure

C.

A secret key infrastructure

D.

A private key certificate

Question # 28

Which of the following is NOT an asymmetric key algorithm?

A.

RSA

B.

Elliptic Curve Cryptosystem (ECC)

C.

El Gamal

D.

Data Encryption System (DES)

Question # 29

In a known plaintext attack, the cryptanalyst has knowledge of which of the following?

A.

the ciphertext and the key

B.

the plaintext and the secret key

C.

both the plaintext and the associated ciphertext of several messages

D.

the plaintext and the algorithm

Question # 30

Which of the following is NOT a property of a one-way hash function?

A.

It converts a message of a fixed length into a message digest of arbitrary length.

B.

It is computationally infeasible to construct two different messages with the same digest.

C.

It converts a message of arbitrary length into a message digest of a fixed length.

D.

Given a digest value, it is computationally infeasible to find the corresponding message.

Question # 31

The Diffie-Hellman algorithm is used for:

A.

Encryption

B.

Digital signature

C.

Key agreement

D.

Non-repudiation

Question # 32

What can be defined as a data structure that enumerates digital certificates that were issued to CAs but have been invalidated by their issuer prior to when they were scheduled to expire?

A.

Certificate revocation list

B.

Certificate revocation tree

C.

Authority revocation list

D.

Untrusted certificate list

Question # 33

Which type of algorithm is considered to have the highest strength per bit of key length of any of the asymmetric algorithms?

A.

Rivest, Shamir, Adleman (RSA)

B.

El Gamal

C.

Elliptic Curve Cryptography (ECC)

D.

Advanced Encryption Standard (AES)

Question # 34

What is the name of the third party authority that vouches for the binding between the data items in a digital certificate?

A.

Registration authority

B.

Certification authority

C.

Issuing authority

D.

Vouching authority

Question # 35

What is the name of a one-way transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string? Such a transformation cannot be reversed.

A.

One-way hash

B.

DES

C.

Transposition

D.

Substitution

Question # 36

Which of the following protects Kerberos against replay attacks?

A.

Tokens

B.

Passwords

C.

Cryptography

D.

Time stamps

Question # 37

Which one of the following statements about the advantages and disadvantages of network-based intrusion detection systems is true?

A.

Network-based IDSs are not vulnerable to attacks.

B.

Network-based IDSs are well suited for modern switch-based networks.

C.

Most network-based IDSs can automatically indicate whether or not an attack was successful.

D.

The deployment of network-based IDSs has little impact upon an existing network.

Question # 38

In the process of gathering evidence from a computer attack, a system administrator took a series of actions which are listed below. Can you identify which one of these actions has compromised the whole evidence collection process?

A.

Using a write blocker

B.

Made a full-disk image

C.

Created a message digest for log files

D.

Displayed the contents of a folder

Question # 39

Which of the following is not a preventive operational control?

A.

Protecting laptops, personal computers and workstations.

B.

Controlling software viruses.

C.

Controlling data media access and disposal.

D.

Conducting security awareness and technical training.

Question # 40

In an online transaction processing system (OLTP), which of the following actions should be taken when erroneous or invalid transactions are detected?

A.

The transactions should be dropped from processing.

B.

The transactions should be processed after the program makes adjustments.

C.

The transactions should be written to a report and reviewed.

D.

The transactions should be corrected and reprocessed.

Question # 41

Which of the following monitors network traffic in real time?

A.

network-based IDS

B.

host-based IDS

C.

application-based IDS

D.

firewall-based IDS

Question # 42

Which of the following would assist the most in Host Based intrusion detection?

A.

audit trails.

B.

access control lists.

C.

security clearances

D.

host-based authentication

Question # 43

Which of the following tools is less likely to be used by a hacker?

A.

l0phtcrack

B.

Tripwire

C.

OphCrack

D.

John the Ripper

Question # 44

The fact that a network-based IDS reviews packet payloads and headers enables which of the following?

A.

Detection of denial of service

B.

Detection of all viruses

C.

Detection of data corruption

D.

Detection of all password guessing attacks

Question # 45

Which protocol is NOT implemented in the Network layer of the OSI Protocol Stack?

A.

hyper text transport protocol

B.

Open Shortest Path First

C.

Internet Protocol

D.

Routing Information Protocol

Question # 46

A timely review of system access audit records would be an example of which of the basic security functions?

A.

avoidance

B.

deterrence

C.

prevention

D.

detection

Question # 47

Which of the following is required in order to provide accountability?

A.

Authentication

B.

Integrity

C.

Confidentiality

D.

Audit trails

Question # 48

Who should measure the effectiveness of Information System security related controls in an organization?

A.

The local security specialist

B.

The business manager

C.

The systems auditor

D.

The central security manager

Question # 49

Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?

A.

signature-based IDS and statistical anomaly-based IDS, respectively

B.

signature-based IDS and dynamic anomaly-based IDS, respectively

C.

anomaly-based IDS and statistical-based IDS, respectively

D.

signature-based IDS and motion anomaly-based IDS, respectively.

Question # 50

Who can best decide what are the adequate technical security controls in a computer-based application system with regard to the protection of the data being used, the criticality of the data, and its sensitivity level?

A.

System Auditor

B.

Data or Information Owner

C.

System Manager

D.

Data or Information user

Question # 51

The Logical Link Control sub-layer is a part of which of the following?

A.

The ISO/OSI Data Link layer

B.

The Reference monitor

C.

The Transport layer of the TCP/IP stack model

D.

Change management control

Question # 52

How many bits of a MAC address uniquely identify a vendor, as provided by the IEEE?

A.

6 bits

B.

12 bits

C.

16 bits

D.

24 bits

Question # 53

What enables users to validate each other's certificate when they are certified under different certification hierarchies?

A.

Cross-certification

B.

Multiple certificates

C.

Redundant certification authorities

D.

Root certification authorities

Question # 54

At what stage of the applications development process should the security department become involved?

A.

Prior to the implementation

B.

Prior to systems testing

C.

During unit testing

D.

During requirements development

Question # 55

Which of the following is NOT a basic component of security architecture?

A.

Motherboard

B.

Central Processing Unit (CPU)

C.

Storage Devices

D.

Peripherals (input/output devices)

Question # 56

In what way could Java applets pose a security threat?

A.

Their transport can interrupt the secure distribution of World Wide Web pages over the Internet by removing SSL and S-HTTP

B.

Java interpreters do not provide the ability to limit system access that an applet could have on a client system.

C.

Executables from the Internet may attempt an intentional attack when they are downloaded on a client system.

D.

Java does not check the bytecode at runtime or provide other safety mechanisms for program isolation from the client system.

Question # 57

If an operating system permits shared resources such as memory to be used sequentially by multiple users/applications or subjects without a refresh of the objects/memory area, what security problem is MOST likely to exist?

A.

Disclosure of residual data.

B.

Unauthorized obtaining of a privileged execution state.

C.

Data leakage through covert channels.

D.

Denial of service through a deadly embrace.

Question # 58

Which of the following are required for Life-Cycle Assurance?

A.

System Architecture and Design specification.

B.

Security Testing and Covert Channel Analysis.

C.

Security Testing and Trusted distribution.

D.

Configuration Management and Trusted Facility Management.

Question # 59

What is it called when a computer uses more than one CPU in parallel to execute instructions?

A.

Multiprocessing

B.

Multitasking

C.

Multithreading

D.

Parallel running

Question # 60

Which of the following would MOST likely ensure that a system development project meets business objectives?

A.

Development and tests are run by different individuals

B.

User involvement in system specification and acceptance

C.

Development of a project plan identifying all development activities

D.

Strict deadlines and budgets

Question # 61

Which of the following rules is least likely to support the concept of least privilege?

A.

The number of administrative accounts should be kept to a minimum.

B.

Administrators should use regular accounts when performing routine operations like reading mail.

C.

Permissions on tools that are likely to be used by hackers should be as restrictive as possible.

D.

Only data to and from critical systems and applications should be allowed through the firewall.

Question # 62

Who can best decide what are the adequate technical security controls in a computer-based application system with regard to the protection of the data being used, the criticality of the data, and its sensitivity level?

A.

System Auditor

B.

Data or Information Owner

C.

System Manager

D.

Data or Information user

Question # 63

Which of the following is not one of the three goals of Integrity addressed by the Clark-Wilson model?

A.

Prevention of the modification of information by unauthorized users.

B.

Prevention of the unauthorized or unintentional modification of information by authorized users.

C.

Preservation of the internal and external consistency.

D.

Prevention of the modification of information by authorized users.

Question # 64

Which of the following phases of a system development life-cycle is most concerned with establishing a good security policy as the foundation for design?

A.

Development/acquisition

B.

Implementation

C.

Initiation

D.

Maintenance

Question # 65

Java is not:

A.

Object-oriented.

B.

Distributed.

C.

Architecture Specific.

D.

Multithreaded.

Question # 66

What do the ILOVEYOU and Melissa virus attacks have in common?

A.

They are both denial-of-service (DOS) attacks.

B.

They have nothing in common.

C.

They are both masquerading attacks.

D.

They are both social engineering attacks.

Question # 67

Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks?

A.

Web Applications

B.

Intrusion Detection Systems

C.

Firewalls

D.

DNS Servers

Question # 68

Which virus category has the capability of changing its own code, making it harder to detect by anti-virus software?

A.

Stealth viruses

B.

Polymorphic viruses

C.

Trojan horses

D.

Logic bombs

Question # 69

Which of the following virus types changes some of its characteristics as it spreads?

A.

Boot Sector

B.

Parasitic

C.

Stealth

D.

Polymorphic

Question # 70

Which of the following computer crimes is MORE often associated with INSIDERS?

A.

IP spoofing

B.

Password sniffing

C.

Data diddling

D.

Denial of service (DOS)

Question # 71

Virus scanning and content inspection of S/MIME encrypted e-mail without doing any further processing is:

A.

Not possible

B.

Only possible with key recovery scheme of all user keys

C.

It is possible only if X509 Version 3 certificates are used

D.

It is possible only by "brute force" decryption

Question # 72

In computing, what is the name of a non-self-replicating type of malware program that appears to have some useful purpose but also contains embedded code with a malicious or harmful purpose and, when executed, carries out actions that are unknown to the person installing it, typically causing loss or theft of data, and possible system harm?

A.

virus

B.

worm

C.

Trojan horse.

D.

trapdoor

Question # 73

What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own bank account?

A.

Data fiddling

B.

Data diddling

C.

Salami techniques

D.

Trojan horses

Question # 74

The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?

A.

Black hats

B.

White hats

C.

Script kiddies

D.

Phreakers

Question # 75

What is malware that can spread itself over open network connections?

A.

Worm

B.

Rootkit

C.

Adware

D.

Logic Bomb

Question # 76

Which of the following Kerberos components holds all users' and services' cryptographic keys?

A.

The Key Distribution Service

B.

The Authentication Service

C.

The Key Distribution Center

D.

The Key Granting Service

Question # 77

Crackers today are MOST often motivated by their desire to:

A.

Help the community in securing their networks.

B.

See how far their skills will take them.

C.

Get recognition for their actions.

D.

Gain money or financial gains.

Question # 78

What is the difference between Access Control Lists (ACLs) and Capability Tables?

A.

Access control lists are related/attached to a subject whereas capability tables are related/attached to an object.

B.

Access control lists are related/attached to an object whereas capability tables are related/attached to a subject.

C.

Capability tables are used for objects whereas access control lists are used for users.

D.

They are basically the same.

Question # 79

What is the act of a user professing an identity to a system, usually in the form of a log-on ID, called?

A.

Authentication

B.

Identification

C.

Authorization

D.

Confidentiality

Question # 80

What is an automated means of identifying or authenticating the identity of a living person based on physiological or behavioral characteristics called?

A.

Biometrics

B.

Micrometrics

C.

Macrometrics

D.

MicroBiometrics

Question # 81

Which of the following is NOT part of the Kerberos authentication protocol?

A.

Symmetric key cryptography

B.

Authentication service (AS)

C.

Principals

D.

Public Key

Question # 82

Which of the following is needed for System Accountability?

A.

Audit mechanisms.

B.

Documented design as laid out in the Common Criteria.

C.

Authorization.

D.

Formal verification of system design.

Question # 83

How should a doorway of a manned facility with automatic locks be configured?

A.

It should be configured to be fail-secure.

B.

It should be configured to be fail-safe.

C.

It should have a door delay cipher lock.

D.

It should not allow piggybacking.

Question # 84

Which of the following classes is the first level (lower) defined in the TCSEC (Orange Book) as mandatory protection?

A.

B

B.

A

C.

C

D.

D

Question # 85

A confidential number used as an authentication factor to verify a user's identity is called a:

A.

PIN

B.

User ID

C.

Password

D.

Challenge

Question # 86

When a central authority determines what subjects can have access to certain objects based on the organizational security policy, this is called:

A.

Mandatory Access Control

B.

Discretionary Access Control

C.

Non-Discretionary Access Control

D.

Rule-based Access control

Question # 87

The following is NOT a security characteristic we need to consider while choosing a biometric identification system:

A.

data acquisition process

B.

cost

C.

enrollment process

D.

speed and user interface

Question # 88

Which of the following logical access exposures INVOLVES CHANGING data before, or as, it is entered into the computer?

A.

Data diddling

B.

Salami techniques

C.

Trojan horses

D.

Viruses

Question # 89

Which access control model would a lattice-based access control model be an example of?

A.

Mandatory access control.

B.

Discretionary access control.

C.

Non-discretionary access control.

D.

Rule-based access control.

Question # 90

Which access model is most appropriate for companies with a high employee turnover?

A.

Role-based access control

B.

Mandatory access control

C.

Lattice-based access control

D.

Discretionary access control

Question # 91

In the Bell-LaPadula model, the Star-property is also called:

A.

The simple security property

B.

The confidentiality property

C.

The confinement property

D.

The tranquility property

Question # 92

Which of the following statements does not apply to a hot site?

A.

It is expensive.

B.

There are cases of common overselling of processing capabilities by the service provider.

C.

It provides a false sense of security.

D.

It is accessible on a first-come, first-served basis. In case of a large disaster it might not be accessible.

Question # 93

Which of the following is related to physical security and is not considered a technical control?

A.

Access control Mechanisms

B.

Intrusion Detection Systems

C.

Firewalls

D.

Locks

Question # 94

Which of the following best describes what would be expected at a "hot site"?

A.

Computers, climate control, cables and peripherals

B.

Computers and peripherals

C.

Computers and dedicated climate control systems.

D.

Dedicated climate control systems

Question # 95

What can be defined as a batch process dumping backup data through communications lines to a server at an alternate location?

A.

Remote journaling

B.

Electronic vaulting

C.

Data clustering

D.

Database shadowing

Question # 96

To protect and/or restore lost, corrupted, or deleted information, thereby preserving the data integrity and availability is the purpose of:

A.

Remote journaling.

B.

Database shadowing.

C.

A tape backup method.

D.

Mirroring.

Question # 97

Under the Business Exemption Rule to the hearsay evidence, which of the following exceptions would have no bearing on the inadmissibility of audit logs and audit trails in a court of law?

A.

Records are collected during the regular conduct of business.

B.

Records are collected by senior or executive management.

C.

Records are collected at or near the time of occurrence of the act being investigated to generate automated reports.

D.

You can prove no one could have changed the records/data/logs that were collected.

Question # 98

Which of the following is NOT a common category/classification of threat to an IT system?

A.

Human

B.

Natural

C.

Technological

D.

Hackers

Question # 99

What is a hot-site facility?

A.

A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.

B.

A site in which space is reserved with pre-installed wiring and raised floors.

C.

A site with raised flooring, air conditioning, telecommunications, and networking equipment, and UPS.

D.

A site with ready made work space with telecommunications equipment, LANs, PCs, and terminals for work groups.

Question # 100

What is the MOST critical piece to disaster recovery and continuity planning?

A.

Security policy

B.

Management support

C.

Availability of backup information processing facilities

D.

Staff training

Question # 101

Organizations should not view disaster recovery as which of the following?

A.

Committed expense.

B.

Discretionary expense.

C.

Enforcement of legal statutes.

D.

Compliance with regulations.

Question # 102

Which of the following tape formats can be used to back up data systems in addition to its original intended audio uses?

A.

Digital Video Tape (DVT).

B.

Digital Analog Tape (DAT).

C.

Digital Voice Tape (DVT).

D.

Digital Audio Tape (DAT).

Question # 103

Qualitative loss resulting from the business interruption does NOT usually include:

A.

Loss of revenue

B.

Loss of competitive advantage or market share

C.

Loss of public confidence and credibility

D.

Loss of market leadership

Question # 104

Which of the following assertions is NOT true about pattern matching and anomaly detection in intrusion detection?

A.

Anomaly detection tends to produce more data

B.

A pattern matching IDS can only identify known attacks

C.

Stateful matching scans for attack signatures by analyzing individual packets instead of traffic streams

D.

An anomaly-based engine develops baselines of normal traffic activity and throughput, and alerts on deviations from these baselines

Question # 105

Out of the steps listed below, which one is not one of the steps conducted during the Business Impact Analysis (BIA)?

A.

Alternate site selection

B.

Create data-gathering techniques

C.

Identify the company’s critical business functions

D.

Select individuals to interview for data gathering

Question # 106

What assesses potential loss that could be caused by a disaster?

A.

The Business Assessment (BA)

B.

The Business Impact Analysis (BIA)

C.

The Risk Assessment (RA)

D.

The Business Continuity Plan (BCP)

Question # 107

Which backup method only copies files that have been recently added or changed and also leaves the archive bit unchanged?

A.

Full backup method

B.

Incremental backup method

C.

Fast backup method

D.

Differential backup method

Question # 108

Which of the following recovery plan test results would be most useful to management?

A.

elapsed time to perform various activities.

B.

list of successful and unsuccessful activities.

C.

amount of work completed.

D.

description of each activity.

Question # 109

What would be the Annualized Rate of Occurrence (ARO) of the threat "user input error", in the case where a company employs 100 data entry clerks and every one of them makes one input error each month?

A.

100

B.

120

C.

1

D.

1200

Question # 110

Which backup method copies only files that have changed since the last full backup, but does not clear the archive bit?

A.

Differential backup method.

B.

Full backup method.

C.

Incremental backup method.

D.

Tape backup method.

Question # 111

Which one of the following is NOT one of the outcomes of a vulnerability assessment?

A.

Quantitative loss assessment

B.

Qualitative loss assessment

C.

Formal approval of BCP scope and initiation document

D.

Defining critical support areas

Question # 112

Which of the following is a large hardware/software backup system that uses the RAID technology?

A.

Tape Array.

B.

Scale Array.

C.

Crimson Array

D.

Table Array.

Question # 113

Which of the following focuses on sustaining an organization's business functions during and after a disruption?

A.

Business continuity plan

B.

Business recovery plan

C.

Continuity of operations plan

D.

Disaster recovery plan

Question # 114

If your property insurance has an Actual Cash Valuation (ACV) clause, your damaged property will be compensated based on:

A.

Value of item on the date of loss

B.

Replacement with a new item for the old one regardless of condition of lost item

C.

Value of item one month before the loss

D.

Value of item on the date of loss plus 10 percent

Question # 115

What can be defined as an instance of two different keys generating the same ciphertext from the same plaintext?

A.

Key collision

B.

Key clustering

C.

Hashing

D.

Ciphertext collision

Question # 116

Why would a memory dump be admissible as evidence in court?

A.

Because it is used to demonstrate the truth of the contents.

B.

Because it is used to identify the state of the system.

C.

Because the state of the memory cannot be used as evidence.

D.

Because of the exclusionary rule.

Question # 117

What is NOT true about a one-way hashing function?

A.

It provides authentication of the message

B.

A hash cannot be reversed to get the message used to create the hash

C.

The result of a one-way hash is a message digest

D.

It provides integrity of the message

Question # 118

Which of the following keys has the SHORTEST lifespan?

A.

Secret key

B.

Public key

C.

Session key

D.

Private key

Question # 119

A periodic review of user account management should not determine:

A.

Conformity with the concept of least privilege.

B.

Whether active accounts are still being used.

C.

Strength of user-chosen passwords.

D.

Whether management authorizations are up-to-date.

Question # 120

Who is responsible for providing reports to the senior management on the effectiveness of the security controls?

A.

Information systems security professionals

B.

Data owners

C.

Data custodians

D.

Information systems auditors

Question # 121

Which of the following is used to monitor network traffic or to monitor host audit logs in real time to determine violations of system security policy that have taken place?

A.

Intrusion Detection System

B.

Compliance Validation System

C.

Intrusion Management System (IMS)

D.

Compliance Monitoring System

Question # 122

Which of the following best describes signature-based detection?

A.

Compare source code, looking for events or sets of events that could cause damage to a system or network.

B.

Compare system activity for the behaviour patterns of new attacks.

C.

Compare system activity, looking for events or sets of events that match a predefined pattern of events that describe a known attack.

D.

Compare network nodes looking for objects or sets of objects that match a predefined pattern of objects that may describe a known attack.

Question # 123

Which of the following usually provides reliable, real-time information without consuming network or host resources?

A.

network-based IDS

B.

host-based IDS

C.

application-based IDS

D.

firewall-based IDS

Question # 124

Network-based Intrusion Detection systems:

A.

Commonly reside on a discrete network segment and monitor the traffic on that network segment.

B.

Commonly will not reside on a discrete network segment and monitor the traffic on that network segment.

C.

Commonly reside on a discrete network segment and do not monitor the traffic on that network segment.

D.

Commonly reside on a host and monitor the traffic on that specific host.

Question # 125

Which of the following is needed for System Accountability?

A.

Audit mechanisms.

B.

Documented design as laid out in the Common Criteria.

C.

Authorization.

D.

Formal verification of system design.

Question # 126

A host-based IDS is resident on which of the following?

A.

On each of the critical hosts

B.

decentralized hosts

C.

central hosts

D.

bastion hosts

Question # 127

Which of the following is the BEST way to detect software license violations?

A.

Implementing a corporate policy on copyright infringements and software use.

B.

Requiring that all PCs be diskless workstations.

C.

Installing metering software on the LAN so applications can be accessed through the metered software.

D.

Regularly scanning PCs in use to ensure that unauthorized copies of software have not been loaded on the PC.

Question # 128

RADIUS incorporates which of the following services?

A.

Authentication server and PIN codes.

B.

Authentication of clients and static password generation.

C.

Authentication of clients and dynamic password generation.

D.

Authentication server as well as support for Static and Dynamic passwords.

Question # 129

Which security model ensures that actions that take place at a higher security level do not affect actions that take place at a lower level?

A.

The Bell-LaPadula model

B.

The information flow model

C.

The noninterference model

D.

The Clark-Wilson model

Question # 130

Which of the following IEEE standards defines the token ring media access method?

A.

802.3

B.

802.11

C.

802.5

D.

802.2

Question # 131

Which of the following DoD Model layers provides non-repudiation services?

A.

network layer.

B.

application layer.

C.

transport layer.

D.

data link layer.

Question # 132

Which of the following services relies on UDP?

A.

FTP

B.

Telnet

C.

DNS

D.

SMTP

Question # 133

The IP header contains a protocol field. If this field contains the value of 2, what type of data is contained within the IP datagram?

A.

TCP.

B.

ICMP.

C.

UDP.

D.

IGMP.

Question # 134

Which of the following is an example of a connectionless communication protocol?

A.

UDP

B.

X.25

C.

Packet switching

D.

TCP

Question # 135

Which one of the following is used to provide authentication and confidentiality for e-mail messages?

A.

Digital signature

B.

PGP

C.

IPSEC AH

D.

MD4

Question # 136

Which of the following transmission media would NOT be affected by cross talk or interference?

A.

Copper cable

B.

Radio System

C.

Satellite radiolink

D.

Fiber optic cables

Question # 137

The concept of best-effort delivery is best associated with:

A.

TCP

B.

HTTP

C.

RSVP

D.

IP

Question # 138

Which of the following protocol suites does the Internet use?

A.

IP/UDP/TCP

B.

IP/UDP/ICMP/TCP

C.

TCP/IP

D.

IMAP/SMTP/POP3
