Package deal
SSCP (Systems Security Certified Practitioner) TESTS COMPILATION BUNDLE
Access Control Object correct answer: A passive entity that typically receives or contains some form of data.
 
Access Control Subject correct answer: An active entity and can be any user, program, or process that requests permission to cause data to flow from an access control object to the acce...
3DES Triple DES A symmetric encryption algorithm that uses either two (key 1 and key 3 are the same) or three keys and improves upon the Data Encryption Standard algorithm. 
 
AAA Triple A Referred to as the AAA of access control: authentication, authorization, and accounting.
 
access contro...
Malicious Code 
(Malicious Code Naming Conventions) a type of code introduced into a computer system with the purpose of corrupting data, deleting documents, making systems unavailable, or simply defacing web pages. 
 
Domains that provide the framework for IT security best practice. 
(Malicious ...
[Security Fundamentals] 
 
How many years of experience are required to earn the Associate of (ISC)2 designation? 
 
A. Zero 
B. One 
C. Two 
D. Five

correct answer: A
 
[Security Fundamentals] 
 
What are the three elements of the security triad? 
 
A. Authentication authorization, and accounting 
B. Confid...
Incidents are what? correct answer: Events that are violations or imminent threat of a violation of computer security policies, acceptable use policies or standard security practices
 
Are events incidents? correct answer: no, but all incidents are events 
 
What are Incident handling preparations...
What makes up the CIA triad? correct answer: Confidentiality Integrity Availability 
 
A term that refers to the minimum amount of people to perform a highly sensitive action. correct answer: M of N control 
multiple agents with the capability (M), and the minimum number of these agents (N) in ord...
Risk refers to what? correct answer: The probability of an incident occurring that can result in some negative impact 
 
Effective way to ensure zero risk? correct answer: None 
not engaging in the activity that introduces that risk 
 
Risk Register correct answer: Detailed document of compiled ...
How many years of experience are required to earn the Associate of (ISC)2 designation? 
 
A. Zero 
B. One 
C. Two 
D. Five correct answer: [Security Fundamentals] 
 
A. You don't need to meet the experience requirement to earn the Associate of (ISC)2 designation, so zero years of experience are ...
The most common security weaknesses and exploits are in which standardized list? correct answer: D. CVE - Common Vulnerabilities and Exposures 
 
Choose the password configuration rules enforced by the P Windows add-on. correct answer: C. Password must have a combination of upper case, lower case,...
DES - Data Encryption standard has a 128 bit key and is very difficult to break. 
 
A. True 
B. False correct answer: B 
 
What is the main difference between computer abuse and computer crime? 
 
A. Amount of damage 
B. Intentions of the perpetrator 
C. Method of compromise 
D. Abuse = company ins...
A worm recently infected the company network. You have identified that this issue occurred due to employees accessing a malicious web site. You need to prevent employees from accessing this site in the future. What should you do? correct answer: Configure an ACL on the border router
 
What is defin...
Caesar cipher is a type of __. correct answer: substitution (cipher) 
 
two plaintexts results in the same hash value correct answer: collision 
 
Type of impact analysis that identifies areas for immediate improvement correct answer: qualitative (impact analysis) 
 
tunneling (between networks) ...
What is salt in the IT World? correct answer: random piece of additional input data that is provided to a one way hashing function
 
Salting is often used with what? correct answer: passwords and passphrases 
 
In Salting what is stored? correct answer: the hash is stored not the actual password or...
Availability correct answer: Refers to the ability to access and use information systems when and as needed to support an organization's operations. 
 
Breach correct answer: The intentional or unintentional release of secure information to an untrusted environment. 
 
CMDB correct answer: A con...
ARO correct answer: Incidents/year 
 
What does STRIDE stand for? correct answer: Spoofing 
Tampering 
Repudiation 
Information disclosure 
Denial of service 
Elevation of privilege 
 
Reduction Analysis correct answer: Breaks a system down into smaller components 
 
What does repeated software ...
Referred to as the AAA of access control: authentication, authorization, 
and accounting correct answer: AAA, Triple A 
 
A list of subjects and assigned rights used in access control. correct answer: access control list (ACL) 
 
Referred to as the AAA of access control: authentication, authorizat...
CIANA Security Paradigm correct answer: 1. Confidentiality 
2. Integrity 
3. Authorization 
4. Nonrepudiation 
5. Authentication 
 
Confidentiality correct answer: violated if any process or person can read, copy, redistribute, or make use of data we deem private or of competitive advantage worth...
A mode of operation for a block cipher, with the 
characteristic that each possible block of plaintext has a defined corresponding ciphertext 
value, and vice versa correct answer: Electronic Code Book (ECB) 
 
Which block cipher mode is MOST susceptible to plaintext attacks? correct answer: ECB 
...
Stuvia is a marketplace, so you are not buying this document from us, but from seller Classroom. Stuvia facilitates payment to the seller.