SSCP CERTIFICATION QUESTIONS AND ANSWERS
Which of the following statements pertaining to protection rings is false? - Correct Answers - They provide users with a direct access to peripherals.
Which of the following choices describes a condition when RAM and secondary storage are used together? - Correct Answers - Virtual Storage
Which of the following embodies all of the detailed actions that personnel are required to follow? - Correct Answers - Procedures
Related to information security, the guarantee that the message sent is the message received with the assurance that the message was not intentionally or unintentionally altered is an example of which of the following? - Correct Answers - Integrity
Related to information security, the prevention of the intentional or unintentional unauthorized disclosure of contents is which of the following? - Correct Answers - Confidentiality
Related to information security, availability is the opposite of which of the following? - Correct Answers - Destruction
Which of the following is not a responsibility of an information (data) owner? - Correct Answers - Running regular backups and periodically testing the validity of the backup data.
Which of the following would be the best criterion to consider in determining the classification of an information asset? - Correct Answers - Value
According to the private sector data classification levels, how would salary levels and medical information be classified? - Correct Answers - Confidential
Within the context of the CBK (common body of knowledge), which of the following provides a MINIMUM level of security ACCEPTABLE for an environment? - Correct Answers - A baseline
What are the three FUNDAMENTAL principles of security? - Correct Answers - Confidentiality, integrity, and availability