(ISC)2 SSCP Systems Security
Certified Practitioner Official
Practice Tests - Part 1 Of 5
questions with complete
verified solutions (graded A+)
Which of the following is not a type of attack used against access
controls?
A. Dictionary attack
B. Brute-force attack
C. Teardrop
D. Man-in-the-middle attack - answer C. Teardrop
Dictionary, brute-force, and man-in-the-middle attacks are all types of
attacks that are frequently aimed at access controls. Teardrop attacks are
a type of denial-of-service attack.
George is assisting a prosecutor with a case against a hacker who
attempted to break into the computer systems at George's company. He
provides system logs to the prosecutor for use as evidence, but the
prosecutor insists that George testify in court about how he gathered the
logs. What rule of evidence requires George's testimony?
A. Testimonial evidence rule
B. Parol evidence rule
C. Best evidence rule
D. Hearsay rule - answer D. Hearsay rule
The hearsay rule says that a witness cannot testify about what someone
else told them, except under specific exceptions. The courts have applied
the hearsay rule to include the concept that attorneys may not introduce
, logs into evidence unless they are authenticated by the system
administrator. The best evidence rule states that copies of documents may
not be submitted into evidence if the originals are available. The parol
evidence rule states that if two parties enter into a written agreement,
that written document is assumed to contain all the terms of the
agreement. Testimonial evidence is a type of evidence, not a rule of
evidence.
Jim has been asked to individually identify devices that users are bringing
to work as part of a new BYOD policy. The devices will not be joined to a
central management system like Active Directory, but he still needs to
uniquely identify the systems. Which of the following options will provide
Jim with the best means of reliably identifying each unique device?
A. Record the MAC address of each system.
B. Require users to fill out a form to register each system.
C. Scan each system using a port scanner.
D. Use device fingerprinting via a web-based registration system. - answer
D. Use device fingerprinting via a web-based registration system.
Device fingerprinting via a web portal can require user authentication and
can gather data like operating systems, versions, software information,
and many other factors that can uniquely identify systems. Using an
automated fingerprinting system is preferable to handling manual
registration, and pairing user authentication with data gathering provides
more detail than a port scan. MAC addresses can be spoofed, and systems
may have more than one depending on how many network interfaces they
have, which can make unique identification challenging.
Greg would like to implement application control technology in his
organization. He would like to limit users to installing only approved
software on their systems. What type of application control would be
appropriate in this situation?
A. Blacklisting
B. Graylisting
C. Whitelisting
D. Bluelisting - answer C. Whitelisting
Certified Practitioner Official
Practice Tests - Part 1 Of 5
questions with complete
verified solutions (graded A+)
Which of the following is not a type of attack used against access
controls?
A. Dictionary attack
B. Brute-force attack
C. Teardrop
D. Man-in-the-middle attack - answer C. Teardrop
Dictionary, brute-force, and man-in-the-middle attacks are all types of
attacks that are frequently aimed at access controls. Teardrop attacks are
a type of denial-of-service attack.
George is assisting a prosecutor with a case against a hacker who
attempted to break into the computer systems at George's company. He
provides system logs to the prosecutor for use as evidence, but the
prosecutor insists that George testify in court about how he gathered the
logs. What rule of evidence requires George's testimony?
A. Testimonial evidence rule
B. Parol evidence rule
C. Best evidence rule
D. Hearsay rule - answer D. Hearsay rule
The hearsay rule says that a witness cannot testify about what someone
else told them, except under specific exceptions. The courts have applied
the hearsay rule to include the concept that attorneys may not introduce
, logs into evidence unless they are authenticated by the system
administrator. The best evidence rule states that copies of documents may
not be submitted into evidence if the originals are available. The parol
evidence rule states that if two parties enter into a written agreement,
that written document is assumed to contain all the terms of the
agreement. Testimonial evidence is a type of evidence, not a rule of
evidence.
Jim has been asked to individually identify devices that users are bringing
to work as part of a new BYOD policy. The devices will not be joined to a
central management system like Active Directory, but he still needs to
uniquely identify the systems. Which of the following options will provide
Jim with the best means of reliably identifying each unique device?
A. Record the MAC address of each system.
B. Require users to fill out a form to register each system.
C. Scan each system using a port scanner.
D. Use device fingerprinting via a web-based registration system. - answer
D. Use device fingerprinting via a web-based registration system.
Device fingerprinting via a web portal can require user authentication and
can gather data like operating systems, versions, software information,
and many other factors that can uniquely identify systems. Using an
automated fingerprinting system is preferable to handling manual
registration, and pairing user authentication with data gathering provides
more detail than a port scan. MAC addresses can be spoofed, and systems
may have more than one depending on how many network interfaces they
have, which can make unique identification challenging.
Greg would like to implement application control technology in his
organization. He would like to limit users to installing only approved
software on their systems. What type of application control would be
appropriate in this situation?
A. Blacklisting
B. Graylisting
C. Whitelisting
D. Bluelisting - answer C. Whitelisting
