WGU C846 Information Systems Security SSCP
Comprehensive Resource To Help You Ace 2026-
2027 Includes Frequently Tested Questions With
ELABORATED 100% Correct COMPLETE
SOLUTIONS
Guaranteed Pass First Attempt!!
Current Update!!
1. What type of virus is characterized by the use of two or more different
propagation mechanisms to improve its likelihood of spreading between systems?
- ANSWER Multipartite virus - Multipartite viruses use multiple propagation
mechanisms to spread between systems. This improves their likelihood of
successfully infecting a system because it provides alternative infection
mechanisms that may be successful against systems that are not vulnerable to the
primary infection mechanism.
2. Which one of the following provides an authentication mechanism that would
be appropriate for pairing with a password to achieve multifactor authentication?
- ANSWER Fingerprint Scan - A fingerprint scan is an example of a "something
you are" factor, which would be appropriate for pairing with a "something you
know" password to achieve multifactor authentication. A username is not an
authentication factor. PINs and security questions are both "something you know,"
which would not achieve multifactor authentication when paired with a password
because both methods would come from the same category, failing the
requirement for multifactor authentication.
,3. Colleen is conducting a business impact assessment for her organization. What
metric provides important information about the amount of time that the
organization may be without a service before causing irreparable harm?
- ANSWER MTD - The maximum tolerable downtime (MTD) is the amount of
time that a business may be without a service before irreparable harm occurs.
This measure is sometimes also called maximum tolerable outage (MTO).
4. The separation of network infrastructure from the control layer, combined with
the ability to centrally program a network design in a vendor-neutral, standards-
based implementation, is an example of what important concept?
- ANSWER SDN, a converged protocol that allows network virtualization -
Software-defined networking (SDN) is a converged protocol that allows
virtualization concepts and practices to be applied to networks. MPLS handles a
wide range of protocols like ATM, DSL, and others, but isn't intended to provide
the centralization capabilities that SDN does. Content distribution network (CDN)
is not a converged protocol, and FCoE is Fibre Channel over Ethernet, a converged
protocol for storage.
5. Ben is selecting an encryption algorithm for use in an organization with 10,000
employees. He must facilitate communication between any two employees within
the organization. Which one of the following algorithms would allow him to meet
this goal with the least time dedicated to key management?
- ANSWER RSA - RSA is an asymmetric encryption algorithm that requires only
two keys for each user. IDEA, 3DES, and Skipjack are all symmetric encryption
algorithms and would require a key for every unique pair of users in the system.
6. Which of the following is used only to encrypt data in transit over a network
and cannot be used to encrypt data at rest?
- ANSWER TKIP - TKIP is used only as a means to encrypt transmissions and is
not used for data at rest. RSA, AES, and 3DES are all used on data at rest as well as
data in transit.
,7. Which one of the following tools may be used to achieve the goal of
nonrepudiation?
- ANSWER Digital signature - Applying a digital signature to a message allows
the sender to achieve the goal of nonrepudiation. This allows the recipient of a
message to prove to a third party that the message came from the purported
sender. Symmetric encryption does not support nonrepudiation. Firewalls and IDS
are network security tools that are not used to provide nonrepudiation.
8. When should an organization conduct a review of the privileged access that a
user has to sensitive systems?
A. On a periodic basis
B. When a user leaves the organization
C. When a user changes roles
D. All of the above
- ANSWER All of the above - Privileged access reviews are one of the most
critical components of an organization's security program because they ensure
that only authorized users have access to perform the most sensitive operations.
They should take place whenever a user with privileged access leaves the
organization or changes roles as well as on a regular, recurring basis.
9. Nessus, OpenVAS, and SAINT are all examples of what type of tool?
- ANSWER Vulnerability scanners - Nessus, OpenVAS, and SAINT are all
vulnerability scanning tools. All provide port scanning capabilities as well but are
more than simple port scanning tools.
10. Kolin is searching for a network security solution that will allow him to help
reduce zero-day attacks while using identities to enforce a security policy on
systems before they connect to the network. What type of solution should Kolin
implement?
- ANSWER A NAC system - Network access control (NAC) systems can be used
to authenticate users and then validate their system's compliance with a security
standard before they are allowed to connect to the network. Enforcing security
, profiles can help reduce zero-day attacks, making NAC a useful solution. A firewall
can't enforce system security policies, whereas an IDS can only monitor for attacks
and alarm when they happen. Thus, neither a firewall nor an IDS meets Kolin's
needs. Finally, port security is a MAC address-based security feature that can
restrict only which systems or devices can connect to a given port.
11. How many possible keys exist when using a cryptographic algorithm that has
an 8-bit binary encryption key?
- ANSWER 256 - Binary keyspaces contain a number of keys equal to 2 raised
to the power of the number of bits. Two to the eighth power is 256, so an 8-bit
keyspace contains 256 possible keys.
12. In what cloud computing model does the customer build a cloud computing
environment in his or her own data center or build an environment in another
data center that is for the customer's exclusive use?
- ANSWER Private cloud - In the private cloud computing model, the cloud
computing environment is dedicated to a single organization and does not follow
the shared tenancy model. The environment may be built by the company in its
own data center or built by a vendor at a co-location site.
13. What major issue often results from decentralized access control?
- ANSWER Control is not consistent. - Decentralized access control can result
in less consistency because the individuals tasked with control may interpret
policies and requirements differently and may perform their roles in different
ways. Access outages, overly granular control, and training costs may occur,
depending on specific implementations, but they are not commonly identified
issues with decentralized access control.
14. In what model of cloud computing do two or more organizations collaborate
to build a shared cloud computing environment that is for their own use?
- ANSWER Community cloud - In the community cloud computing model, two
or more organizations pool their resources to create a cloud environment that
they then share.
Comprehensive Resource To Help You Ace 2026-
2027 Includes Frequently Tested Questions With
ELABORATED 100% Correct COMPLETE
SOLUTIONS
Guaranteed Pass First Attempt!!
Current Update!!
1. What type of virus is characterized by the use of two or more different
propagation mechanisms to improve its likelihood of spreading between systems?
- ANSWER Multipartite virus - Multipartite viruses use multiple propagation
mechanisms to spread between systems. This improves their likelihood of
successfully infecting a system because it provides alternative infection
mechanisms that may be successful against systems that are not vulnerable to the
primary infection mechanism.
2. Which one of the following provides an authentication mechanism that would
be appropriate for pairing with a password to achieve multifactor authentication?
- ANSWER Fingerprint Scan - A fingerprint scan is an example of a "something
you are" factor, which would be appropriate for pairing with a "something you
know" password to achieve multifactor authentication. A username is not an
authentication factor. PINs and security questions are both "something you know,"
which would not achieve multifactor authentication when paired with a password
because both methods would come from the same category, failing the
requirement for multifactor authentication.
,3. Colleen is conducting a business impact assessment for her organization. What
metric provides important information about the amount of time that the
organization may be without a service before causing irreparable harm?
- ANSWER MTD - The maximum tolerable downtime (MTD) is the amount of
time that a business may be without a service before irreparable harm occurs.
This measure is sometimes also called maximum tolerable outage (MTO).
4. The separation of network infrastructure from the control layer, combined with
the ability to centrally program a network design in a vendor-neutral, standards-
based implementation, is an example of what important concept?
- ANSWER SDN, a converged protocol that allows network virtualization -
Software-defined networking (SDN) is a converged protocol that allows
virtualization concepts and practices to be applied to networks. MPLS handles a
wide range of protocols like ATM, DSL, and others, but isn't intended to provide
the centralization capabilities that SDN does. Content distribution network (CDN)
is not a converged protocol, and FCoE is Fibre Channel over Ethernet, a converged
protocol for storage.
5. Ben is selecting an encryption algorithm for use in an organization with 10,000
employees. He must facilitate communication between any two employees within
the organization. Which one of the following algorithms would allow him to meet
this goal with the least time dedicated to key management?
- ANSWER RSA - RSA is an asymmetric encryption algorithm that requires only
two keys for each user. IDEA, 3DES, and Skipjack are all symmetric encryption
algorithms and would require a key for every unique pair of users in the system.
6. Which of the following is used only to encrypt data in transit over a network
and cannot be used to encrypt data at rest?
- ANSWER TKIP - TKIP is used only as a means to encrypt transmissions and is
not used for data at rest. RSA, AES, and 3DES are all used on data at rest as well as
data in transit.
,7. Which one of the following tools may be used to achieve the goal of
nonrepudiation?
- ANSWER Digital signature - Applying a digital signature to a message allows
the sender to achieve the goal of nonrepudiation. This allows the recipient of a
message to prove to a third party that the message came from the purported
sender. Symmetric encryption does not support nonrepudiation. Firewalls and IDS
are network security tools that are not used to provide nonrepudiation.
8. When should an organization conduct a review of the privileged access that a
user has to sensitive systems?
A. On a periodic basis
B. When a user leaves the organization
C. When a user changes roles
D. All of the above
- ANSWER All of the above - Privileged access reviews are one of the most
critical components of an organization's security program because they ensure
that only authorized users have access to perform the most sensitive operations.
They should take place whenever a user with privileged access leaves the
organization or changes roles as well as on a regular, recurring basis.
9. Nessus, OpenVAS, and SAINT are all examples of what type of tool?
- ANSWER Vulnerability scanners - Nessus, OpenVAS, and SAINT are all
vulnerability scanning tools. All provide port scanning capabilities as well but are
more than simple port scanning tools.
10. Kolin is searching for a network security solution that will allow him to help
reduce zero-day attacks while using identities to enforce a security policy on
systems before they connect to the network. What type of solution should Kolin
implement?
- ANSWER A NAC system - Network access control (NAC) systems can be used
to authenticate users and then validate their system's compliance with a security
standard before they are allowed to connect to the network. Enforcing security
, profiles can help reduce zero-day attacks, making NAC a useful solution. A firewall
can't enforce system security policies, whereas an IDS can only monitor for attacks
and alarm when they happen. Thus, neither a firewall nor an IDS meets Kolin's
needs. Finally, port security is a MAC address-based security feature that can
restrict only which systems or devices can connect to a given port.
11. How many possible keys exist when using a cryptographic algorithm that has
an 8-bit binary encryption key?
- ANSWER 256 - Binary keyspaces contain a number of keys equal to 2 raised
to the power of the number of bits. Two to the eighth power is 256, so an 8-bit
keyspace contains 256 possible keys.
12. In what cloud computing model does the customer build a cloud computing
environment in his or her own data center or build an environment in another
data center that is for the customer's exclusive use?
- ANSWER Private cloud - In the private cloud computing model, the cloud
computing environment is dedicated to a single organization and does not follow
the shared tenancy model. The environment may be built by the company in its
own data center or built by a vendor at a co-location site.
13. What major issue often results from decentralized access control?
- ANSWER Control is not consistent. - Decentralized access control can result
in less consistency because the individuals tasked with control may interpret
policies and requirements differently and may perform their roles in different
ways. Access outages, overly granular control, and training costs may occur,
depending on specific implementations, but they are not commonly identified
issues with decentralized access control.
14. In what model of cloud computing do two or more organizations collaborate
to build a shared cloud computing environment that is for their own use?
- ANSWER Community cloud - In the community cloud computing model, two
or more organizations pool their resources to create a cloud environment that
they then share.
