WGU C845 SSCP Exam Prep – ISC2™ Systems
Security Certified Practitioner | Latest Update
2026 | Graded A+
Designed by MasterCard and Visa, this type of protocol offers protection to electronic
transactions? - correct answerSET
Which of the following is a hardware token that generates a random string of characters
to enter into a corresponding authentication application? - correct answerKey fob
Which is NOT a characteristic of the RSA algorithm? - correct answerIs based on
symmetric algorithm
Which logical topology usually has a physical star topology - correct answer
What type of malicious code disguises itself as a legitimate or serviceable program? -
correct answerTrojan Horse
What access control locks information used in mission critical systems and applications
based on sensitivity levels (Confidential, Top Secret, etc.)? - correct answerMAC -
Mandatory Access Control
What is the nickname given to the Trusted Computer Security Evaluation Criteria
(TCSEC) book, according to IT professionals? - correct answerThe orange book
PEM and PGP programs use which form of encryption, enabling users to send and
receive encrypted messages? - correct answerRSA
If your organization wants the most efficient restore from backup, which type of backup
would you choose? - correct answerFull
What is considered the most dangerous component of a virus program? - correct
answerPayload
Choose the password configuration rules enforced by the Passfilt.dll Windows add-on. -
correct answerPassword must have a combination of upper case, lower case, numbers,
and special characters; including a 6 character minimum password length
Encryption is attained at what layer of the OSI model? - correct answerPresentation
Layer - Layer 6
,Which of the following are effective email controls? - correct answerSpam filtering, anti-
virus, monitor outbound traffic, and train employees on the secure use of personal email
What program is designed to intentionally create a clandestine avenue of access or a
security gap within an information system? - correct answerBackdoor
Which technology includes the X.500 protocol? - correct answerLDAP
What is the main difference between a phreak and a hacker? - correct answerPhreaks
specifically target telephone networks
What categories do password cracking tools belong to? - correct answerBrute Force
and Dictionary
What is the collection of hardware, firmware, and software that implements the
reference monitor concept? - correct answerSecurity Kernel
What is the first phase of most life-cycle models for IT systems? - correct
answerInitiation
The most common security weaknesses and exploits are in which standardized list? -
correct answerCVE - Common Vulnerabilities and Exposures
Stronger security controls help overcome the weakness of human error and lack of
training and awareness. - correct answerFalse
Which is an information path within a computer system not used for communications
under normal circumstances? - correct answerCovert channel
How are clipping levels useful to an information security professional? - correct
answerReduce the amount of data to be evaluated
Based on the OSI Model, which layer includes FTP, HTTP, and SMTP? - correct
answerLayer 7 - Application
Password policies apply to which of the following? - correct answerAll of the above
Which low tech attack remains an effective method to gain unauthorized access to
network systems? - correct answerSocial Engineering
Which of the following is the "brain" of virtualization? - correct answerHybervisor
(Hypervisor)
Which of the following security mechanisms is most sophisticated, but least widely
employed? - correct answerBiometrics
, Which of the following is NOT one of the trust categories regarding Web of Trust? -
correct answer
Which attribute constitutes the ability to identify and/or audit a user and his/her actions?
- correct answerAccountability
Stronger security controls help overcome the weakness of human error and lack of
training and awareness. - correct answerFalse
After vulnerabilities have been classified and countermeasures have been deployed,
what is the risk that remains? - correct answerResidual risk
Which of the following is used to set the largest packet size that can be sent over a
network? - correct answerMaximum transmission unit MTU
Which of the following is a set of system, software, and communications protocols
employed to use, manage, and control public key crypto? - correct answerPublic Key
Infrastructure (PKI)
A computer forensics specialist should be attempting to attain which ultimate goal? -
correct answerPreserve electronic evidence and protect it from any alteration
What are the mandatory steps for the proper collection of digital evidence? - correct
answerConduct a bit-level backup of data and document the chain of evidence by taking
good notes
Through what method of deduction is two-factor authentication achieved using your
ATM card? - correct answerIt combines something you have with something you know
Which category of tools or initiatives is implemented for the goal of neutralizing threats
and vulnerabilities? - correct answerCountermeasures
Based on the control categories listed below, which of the following would include an
intrusion detection system? - correct answerDetective
What type of algorithm best describes MD5? - correct answerOne way hash
External trust relationships often feature transitive control. - correct answerFalse
A server offering AAA services must provide which services? - correct
answerAccounting, Authentication, and Authorization
What style of attack is characterized by the act of intercepting the first message in a
public key exchange, followed by the substitution of an original key by a bogus key? -
correct answerMan in the Middle
Security Certified Practitioner | Latest Update
2026 | Graded A+
Designed by MasterCard and Visa, this type of protocol offers protection to electronic
transactions? - correct answerSET
Which of the following is a hardware token that generates a random string of characters
to enter into a corresponding authentication application? - correct answerKey fob
Which is NOT a characteristic of the RSA algorithm? - correct answerIs based on
symmetric algorithm
Which logical topology usually has a physical star topology - correct answer
What type of malicious code disguises itself as a legitimate or serviceable program? -
correct answerTrojan Horse
What access control locks information used in mission critical systems and applications
based on sensitivity levels (Confidential, Top Secret, etc.)? - correct answerMAC -
Mandatory Access Control
What is the nickname given to the Trusted Computer Security Evaluation Criteria
(TCSEC) book, according to IT professionals? - correct answerThe orange book
PEM and PGP programs use which form of encryption, enabling users to send and
receive encrypted messages? - correct answerRSA
If your organization wants the most efficient restore from backup, which type of backup
would you choose? - correct answerFull
What is considered the most dangerous component of a virus program? - correct
answerPayload
Choose the password configuration rules enforced by the Passfilt.dll Windows add-on. -
correct answerPassword must have a combination of upper case, lower case, numbers,
and special characters; including a 6 character minimum password length
Encryption is attained at what layer of the OSI model? - correct answerPresentation
Layer - Layer 6
,Which of the following are effective email controls? - correct answerSpam filtering, anti-
virus, monitor outbound traffic, and train employees on the secure use of personal email
What program is designed to intentionally create a clandestine avenue of access or a
security gap within an information system? - correct answerBackdoor
Which technology includes the X.500 protocol? - correct answerLDAP
What is the main difference between a phreak and a hacker? - correct answerPhreaks
specifically target telephone networks
What categories do password cracking tools belong to? - correct answerBrute Force
and Dictionary
What is the collection of hardware, firmware, and software that implements the
reference monitor concept? - correct answerSecurity Kernel
What is the first phase of most life-cycle models for IT systems? - correct
answerInitiation
The most common security weaknesses and exploits are in which standardized list? -
correct answerCVE - Common Vulnerabilities and Exposures
Stronger security controls help overcome the weakness of human error and lack of
training and awareness. - correct answerFalse
Which is an information path within a computer system not used for communications
under normal circumstances? - correct answerCovert channel
How are clipping levels useful to an information security professional? - correct
answerReduce the amount of data to be evaluated
Based on the OSI Model, which layer includes FTP, HTTP, and SMTP? - correct
answerLayer 7 - Application
Password policies apply to which of the following? - correct answerAll of the above
Which low tech attack remains an effective method to gain unauthorized access to
network systems? - correct answerSocial Engineering
Which of the following is the "brain" of virtualization? - correct answerHybervisor
(Hypervisor)
Which of the following security mechanisms is most sophisticated, but least widely
employed? - correct answerBiometrics
, Which of the following is NOT one of the trust categories regarding Web of Trust? -
correct answer
Which attribute constitutes the ability to identify and/or audit a user and his/her actions?
- correct answerAccountability
Stronger security controls help overcome the weakness of human error and lack of
training and awareness. - correct answerFalse
After vulnerabilities have been classified and countermeasures have been deployed,
what is the risk that remains? - correct answerResidual risk
Which of the following is used to set the largest packet size that can be sent over a
network? - correct answerMaximum transmission unit MTU
Which of the following is a set of system, software, and communications protocols
employed to use, manage, and control public key crypto? - correct answerPublic Key
Infrastructure (PKI)
A computer forensics specialist should be attempting to attain which ultimate goal? -
correct answerPreserve electronic evidence and protect it from any alteration
What are the mandatory steps for the proper collection of digital evidence? - correct
answerConduct a bit-level backup of data and document the chain of evidence by taking
good notes
Through what method of deduction is two-factor authentication achieved using your
ATM card? - correct answerIt combines something you have with something you know
Which category of tools or initiatives is implemented for the goal of neutralizing threats
and vulnerabilities? - correct answerCountermeasures
Based on the control categories listed below, which of the following would include an
intrusion detection system? - correct answerDetective
What type of algorithm best describes MD5? - correct answerOne way hash
External trust relationships often feature transitive control. - correct answerFalse
A server offering AAA services must provide which services? - correct
answerAccounting, Authentication, and Authorization
What style of attack is characterized by the act of intercepting the first message in a
public key exchange, followed by the substitution of an original key by a bogus key? -
correct answerMan in the Middle
