SSCP #2 Exam Questions With Verified Answers

SSCP #2 Exam Questions With Verified Answers A. All DNS servers to avoid recursive lookups B. All non DNS servers C. Firewalls D. Routers B - ANS IPSEC resides at which layer of the OSI model? A. Layer 6 - Presentation B. Layer 3 - Network C. Layer 4 - Transport D. Layer 5 - Session E. Layer 2 - Data Link F. Layer 1 - Physical D - ANS DES, 3DES, Blowfish, and AES are all examples of what type of cryptography? "Pass Any Exam. Any Time." - Guaranteed 36 B. Message Digest C. Hash Algorithm D. Secret Key B - ANS Your ATM card is a form of two-factor authentication for what reason? A. It combines something you are with something you know B. It combines something you have with something you know C. It combines something you control with something you know D. It combines something you are with something you have Dumpster diving - ANS Attackers have been known to search through company trash bins in order to collect potentially useful information. This method of attack is known as _________________. B - ANS BIA - Business Impact Analysis deals strictly with financial assessment of a loss in relation to business operations? A. True B. False D - ANS Of the protocols list, which one is connection oriented? A. IP B. UDP ISC SSCP: Practice Exam "Pass Any Exam. Any Time." - Guaranteed 37 C. DNS D. TCP E. All protocols listed are connection oriented B - ANS The Internet service that converts to 216.230.195.151 is known as A. SMTP B. DNS C. HTTP D. FTP E. GOPHER B - ANS Corporate networks are safer if an end user connects through a VPN connection? A. True B. False Desktop Firewall - ANS A ___________ is a program that can be useful in preventing cookies and Java applets from accessing a system. C - ANS ___________ programs decrease the number of security incidents, educate users about procedures, and can potentially reduce losses. A. New hire orientation B. HR Briefings C. Security Awareness D. Employee Termination D - ANS What reference model describes computer communication services and protocols in a layered approach? A. IETF - Internet Engineering Task Force B. ISO - International Standards Organization C. IANA - Internet Assigned Numbers Authority D. OSI - Open System Interconnection B C D - ANS Government categories of data classification include which of the following? (Choose all that apply) A. Confidentiality B. Secret C. Top Secret D. Confidential E. Need to Know F. Availability C - ANS In the DoD accreditation process a __________ is the formal entity which ensures that information systems meet a certain criteria for secure operation. Once approved these machines are certified to operate with a set of listed safeguards. A. DISA - Defense Information Systems Agency B. ISC2 - International Information Systems Security Certification Consortium C. DAA - Designated Approving Authority D. ISACA - The Information Systems Audit and Control Association B - ANS TCP Wrappers is an example of which type of security tool? A. Network Based IDS B. Host Based IDS C. Personal Firewall D. All of the above E. None of the above D - ANS Trin00 is an example of what type of attack? A. Man in the Middle B. Spamming C. Spoofing D. Distributed Denial of Service E. Brute Force D - ANS Inference attacks involve ___________________________. A. Gathering pieces of secret information to predict or guess an outcome B. Deciphering encrypted communications C. Spoofing a connection to intercept plain text transmissions D. Collecting unclassified pieces of information to predict or guess an outcome B - ANS Of the following, which is NOT a r