OFFICIAL (ISC)² SSCP EXAM REVIEW QUESTIONS AND ANSWERS, GRADED A+[LATEST EXAM UPDATES]

OFFICIAL (ISC)² SSCP EXAM REVIEW QUESTIONS AND ANSWERS, GRADED A+ Access Control Object - -A passive entity that typically receives or contains some form of data. Access Control Subject - -An active entity and can be any user, program, or process that requests permission to cause data to flow from an access control object to the access control subject or between access control objects. Asynchronous Password Token - -A one-time password is generated without the use of a clock, either from a one-time pad or cryptographic algorithm. Authorization - -Determines whether a user is permitted to access a particular resource. Connected Tokens - -Must be physically connected to the computer to which the user is authenticating. Contactless Tokens - -Form a logical connection to the client computer but do not require a physical connection. Disconnected Tokens - -Have neither a physical nor logical connection to the client computer. Entitlement - -A set of rules, defined by the resource owner, for managing access to a resource (asset, service, or entity) and for what purpose. Identity Management - -The task of controlling information about users on computers. Proof of Identity - -Verify people's identities before the enterprise issues them accounts and credentials. Kerberos - -A popular network authentication protocol for indirect (third-party) authentication services. Lightweight Directory Access Protocol (LDAP) - -A client/server-based directory query protocol loosely based on X.500, commonly used to manage user information. LDAP is a front end and not used to manage or synchronize data per se as opposed to DNS. Single Sign-On (SSO) - -Designed to provide strong authentication using secret-key cryptography, allowing a single identity to be shared across multiple applications. Static Password Token - -The device contains a password that is physically hidden (not visible to the possessor) but that is transmitted for each authentication. Synchronous Dynamic Password Token - -A timer is used to rotate through various combinations produced by a cryptographic algorithm.