SSCP Practice Tests with 125 Questions and Complete Answers.
How does IPSec verify that data arrived at the destination without intentional or
accidental corruption? - ANS By using a randomized hashing operation
How is quantitative risk analysis performed? - ANS Using calculations
Your company adopts a new end-user security awareness program. This training
includes malware introduction, social media issues, password guidelines, data
exposure, and lost devices. How often should end users receive this training? - ANS
upon new hire and once a year thereafter
Your organization experienced an impersonation attack recently that compromised the
network administrator's user account. In response, new security measures are being
implemented throughout the organization. You have been assigned the task of
improving authentication. You want a new authentication system that ensures the
following:
Eavesdropped passwords cannot be used by an attacker.
Passwords are only able to be used once.
Password prediction must be prevented.
Passwords are only valid for a short period of time.
How can you accomplish these goals? - ANS Implement a synchronized, one-time
password token-based authentication system.
How can a user be assured that a file downloaded from a vendor's Web site is free from
malicious code? - ANS Check the file's signature and hash calculation.
Why do many security monitoring systems produce a visualization of the collected
results? - ANS It represents complex or bulky data in an easy to understand format.
What is the name of a cryptographic attack based on a database of pre-computed hash
values and the original plaintext values? - ANS Rainbow table attack
In addition to having at least one year of relevant experience in a domain of SSCP, what
is another requirement to be qualified to take the SSCP exam? - ANS Agreeing to abide
by the (ISC)2 Code Of Ethics
What is the definition of the principle of least privilege? - ANS Users are assigned
minimal privileges sufficient to accomplish job responsibilities.
A common attack against converged network communications is eavesdropping. How
can this attack be prevented? - ANS Use a VPN.
What is the term used to describe an entry in a database describing a violation or
exploit which is used to match real-time events in order to detect and record attacks by
the continuous monitoring solution? - ANS Signature
What would the most successful means of attacking an environment relying upon guest
OSes that would result in the destruction or loss of use of the guest OSes be? - ANS
Compromise the host OS.
What is the technology that enables a user to authenticate to a company network from
their assigned workstation and then be able to interact with resources throughout the
private network without needing to enter additional credentials? - ANS Single sign-on
What is a means to ensure that endpoint devices can interact with the Internet while
minimizing risk of system compromise? - ANS Use a virtualized OS.
When designing end-user training to teach employees about using cryptography within
business tasks, which of the following is an important element to include? - ANS The
consequences of failing to encrypt
Which of the following is not considered an example of a non-discretionary access
control system? - ANS ACL
John works in an organization. He is trying to enter a password to log in to his account on
the organization's login website. Which of the following best describes the use of
passwords for access control? - ANS Authentication
What virtual environment tool allows for testing and experimentation within a guest OS
while providing a means to roll-back to a previous stable state in just seconds? - ANS
Snapshots
What is the cost benefit equation? - ANS [ALE1 - ALE2] - CCM
When network access control (NAC) determines that a system lacks specific
configuration settings or is missing a required update, what should occur? - ANS
Quarantine
What is a common means to discover a violating event? - ANS Intrusion detection
system (IDS)
When performing system hardening, what are the two primary phases or operations to
be performed? - ANS Remove what is unnecessary, and lock down whatever remains.
Performing essential business processes in a cloud solution is an attractive concept for
many organizations. What needs to be crafted and reviewed carefully to ensure that a
cloud service provides the necessary level of service and security demanded by your
organization and which is legally enforceable? - ANS SLA
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Lectjoe. Stuvia facilitates payment to the seller.