Official (ISC)² SSCP Questions and Correct
Answers/ Latest Update / Already Graded
Access Control Object
Ans: A passive entity that typically receives or contains some
form of data.
Access Control Subject
Ans: An active entity that can be any user, program, or process
that requests permission to cause data to flow from an access
control object to the access control subject or between access
control objects.
Asynchronous Password Token
Ans: A one-time password is generated without the use of a
clock, either from a one-time pad or cryptographic algorithm.
Authorization
Ans: Determines whether a user is permitted to access a
particular resource.
Connected Tokens
All rights reserved © 2025/ 2026 |
Ans: Must be physically connected to the computer to which
the user is authenticating.
Contactless Tokens
Ans: Form a logical connection to the client computer but do
not require a physical connection.
Disconnected Tokens
Ans: Have neither a physical nor logical connection to the
client computer.
Entitlement
Ans: A set of rules, defined by the resource owner, for
managing access to a resource (asset, service, or entity) and for
what purpose.
Identity Management
Ans: The task of controlling information about users on
computers.
Proof of Identity
Ans: Verify people's identities before the enterprise issues
them accounts and credentials.
Kerberos
Ans: A popular network authentication protocol for indirect
(third-party) authentication services.
Lightweight Directory Access Protocol (LDAP)
Ans: A client/server-based directory query protocol loosely
based on X.500, commonly used to manage user information.
LDAP is a front end and not used to manage or synchronize
data per se as opposed to DNS.
Single Sign-On (SSO)
Ans: Designed to provide strong authentication using secret-key
cryptography, allowing a single identity to be shared across
multiple applications.
Static Password Token
Ans: The device contains a password that is physically hidden
(not visible to the possessor) but that is transmitted for each
authentication.
Synchronous Dynamic Password Token
Ans: A timer is used to rotate through various combinations
produced by a cryptographic algorithm.
Trust Path
Ans: A series of trust relationships that authentication requests
must follow between domains.
6to4
Ans: Transition mechanism for migrating from IPv4 to IPv6. It
allows systems to use IPv6 to communicate if their traffic has to
traverse an IPv4 network.
Absolute addresses
Ans: Hardware addresses used by the CPU.
Abstraction
Ans: The capability to suppress unnecessary details so the
important, inherent properties can be examined and reviewed.