SSCP #2 questions
with complete verified
solutions (graded A+)
B - answer BIND should be disabled on which of the following?
A. All DNS servers to avoid recursive lookups
B. All non DNS servers
C. Firewalls
D. Routers
B - answer IPSEC resides at which layer of the OSI model?
A. Layer 6 - Presentation
B. Layer 3 - Network
C. Layer 4 - Transport
D. Layer 5 - Session
E. Layer 2 - Data Link
F. Layer 1 - Physical
D - answer DES, 3DES, Blowfish, and AES are all examples of what type of
cryptography?
"Pass Any Exam. Any Time." - Guaranteed 36
B. Message Digest
C. Hash Algorithm
D. Secret Key
B - answer Your ATM card is a form of two-factor authentication for what
reason?
A. It combines something you are with something you know
B. It combines something you have with something you know
C. It combines something you control with something you know
D. It combines something you are with something you have
Dumpster diving - answer Attackers have been known to search through
company trash bins in order to collect potentially
useful information. This method of attack is known as _________________.
B - answer BIA - Business Impact Analysis deals strictly with financial
assessment of a loss in relation to
business operations?
A. True
B. False
D - answer Of the protocols listed, which one is connection oriented?
A. IP
B. UDP
ISC SSCP: Practice Exam
C. DNS
D. TCP
E. All protocols listed are connection oriented
B - answer The Internet service that converts www.soundbodyworks.com to 216.230.195.151 is known as
A. SMTP
B. DNS
C. HTTP
D. FTP
E. GOPHER
B - answer Corporate networks are safer if an end user connects through a
VPN connection?
A. True
B. False
Desktop Firewall - answer A ___________ is a program that can be useful in
preventing cookies and Java applets from
accessing a system.
C - answer ___________ programs decrease the number of security incidents,
educate users about
procedures, and can potentially reduce losses.
A. New hire orientation
B. HR Briefings
C. Security Awareness
D. Employee Termination
D - answer What reference model describes computer communication
services and protocols in a layered
approach?
A. IETF - Internet Engineering Task Force
B. ISO - International Standards Organization
C. IANA - Internet Assigned Numbers Authority
D. OSI - Open System Interconnection
B C D - answer Government categories of data classification include which
of the following? (Choose all that
apply)
A. Confidentiality
B. Secret
C. Top Secret
D. Confidential
E. Need to Know
F. Availability
C - answer In the DoD accreditation process a __________ is the formal entity
which ensures that information
systems meet a certain criteria for secure operation. Once approved these
machines are certified
to operate with a set of listed safeguards.
A. DISA - Defense Information Systems Agency
B. ISC2 - International Information Systems Security Certification
Consortium
C. DAA - Designated Approving Authority
D. ISACA - The Information Systems Audit and Control Association
B - answer TCP Wrappers is an example of which type of security tool?