CERTPREPS - SSCP PRACTICE EXAM 2
QUESTIONS AND ANSWERS
1. An organization has enforced endpoint encryption for all mobile devices. What is the
primary benefit of implementing whole disk encryption on these devices?
A. It improves the performance of mobile devices.
B. It protects data at rest from unauthorized access.
C. It enables secure data transmission over the internet.
D. It allows for easy recovery of lost or stolen devices. - Correct Answers -B. It protects
data at rest from unauthorized access.
Whole disk encryption protects data at rest from unauthorized access (B) by ensuring
that all data on the device is encrypted and cannot be read without the appropriate key
or password. While performance improvements (A) are not a typical benefit of
encryption, secure data transmission (C) is unrelated as it pertains to data in transit.
Easy recovery of lost or stolen devices (D) is also not a function of encryption but rather
a matter of device management.
2. An organization is assessing the implementation of its new data encryption protocol.
What is the key metric to evaluate its effectiveness?
A. The speed of data encryption and decryption processes.
B. The number of data breaches reported since implementation.
C. The ease of integration with existing systems.
D. The user feedback on encryption processes. - Correct Answers -B. The number of
data breaches reported since implementation.
The number of data breaches reported since implementation (B) is the key metric to
evaluate the effectiveness of a new data encryption protocol, as it directly indicates
whether the protocol is successful in protecting sensitive data. The speed of encryption
and decryption (A) affects performance but not the effectiveness of security. The ease
of integration (C) is important for usability but does not measure security effectiveness.
User feedback on encryption processes (D) may reflect usability issues but does not
directly measure the protocol's effectiveness in preventing breaches.
3. A multinational company needs to ensure that sensitive data transferred between
their headquarters and regional offices remains secure over a public network. Which
solution should they implement?
,A. Intranet
B. VPN over the Internet
C. Extranet
D. Public Wi-Fi - Correct Answers -B. VPN over the Internet
A VPN over the internet (B) provides a secure, encrypted tunnel for data transfer
between different locations, ensuring the confidentiality and integrity of sensitive
information over a public network. An intranet (A) is limited to internal use and does not
span multiple locations. An extranet (C) is used for controlled access by external
partners, not for secure data transfer between company offices. Public Wi-Fi (D) is
inherently insecure and unsuitable for transferring sensitive data.
4. A company's security team has detected a large number of devices communicating
with a remote server in a coordinated manner, performing malicious tasks such as
sending spam and launching attacks against other networks. What type of malicious
activity does this best describe?
A. Botnet
B. Advanced Persistent Threat (APT)
C. Data theft
D. Insider threat - Correct Answers -A. Botnet
The scenario describes devices communicating with a remote server and performing
coordinated malicious tasks, which is characteristic of a botnet (A). A botnet is a
collection of compromised devices that are controlled remotely by an attacker to
perform various malicious activities, such as sending spam and launching attacks. An
Advanced Persistent Threat (APT) (B) is a prolonged and targeted cyber attack,
typically aimed at stealing information over time, but does not describe a large number
of devices performing coordinated tasks. Data theft (C) involves unauthorized access
and exfiltration of sensitive information but does not involve coordinated device activity.
Insider threat (D) involves malicious activities from within the organization, not
coordinated external device control.
5. A company experiences a phishing attack that successfully compromised credentials
used in a virtual environment. What is the best countermeasure to prevent such attacks
in the future?
A. Conduct regular phishing awareness training for all employees
B. Disable all email communication to external domains
C. Implement single sign-on (SSO) for the virtual environment
D. Increase the complexity requirements for passwords - Correct Answers -A. Conduct
regular phishing awareness training for all employees
Conducting regular phishing awareness training (A) is the best countermeasure as it
educates employees on recognizing and avoiding phishing attacks, reducing the
likelihood of credential compromise. Disabling all email communication to external
,domains (B) is impractical and disrupts business operations. Implementing single sign-
on (SSO) (C) can improve security but does not directly prevent phishing attacks.
Increasing password complexity (D) is beneficial but does not address the social
engineering aspect of phishing.
6. During a security audit, it is discovered that unauthorized changes were made to
several configuration files on a critical server. Which monitoring technique would be
most effective in detecting such unauthorized changes in the future?
A. Implementing file integrity monitoring.
B. Performing regular vulnerability scans.
C. Enforcing strict access controls.
D. Conducting periodic audits. - Correct Answers -A. Implementing file integrity
monitoring.
Implementing file integrity monitoring (A) is the most effective technique for detecting
unauthorized changes to configuration files, as it tracks changes to files in real-time and
alerts administrators of any modifications. Performing regular vulnerability scans (B)
helps identify potential weaknesses but doesn't monitor file changes. Enforcing strict
access controls (C) is essential for preventing unauthorized access but does not detect
changes once they occur. Conducting periodic audits (D) helps in assessing overall
security but is not real-time and may miss unauthorized changes between audits.
7. A company implements blockchain technology for its supply chain management. How
does this technology support non-repudiation?
A. By encrypting all data transactions
B. By providing an immutable and transparent ledger
C. By restricting access to authorized users
D. By performing regular security assessments - Correct Answers -B. By providing an
immutable and transparent ledger
Blockchain technology supports non-repudiation by providing an immutable and
transparent ledger where all transactions are recorded and cannot be altered or deleted.
This ensures that all parties involved can verify the authenticity and origin of each
transaction. Encrypting all data transactions (A) ensures confidentiality but does not
provide non-repudiation. Restricting access to authorized users (C) is an access control
measure. Performing regular security assessments (D) ensures the overall security
posture but does not specifically address non-repudiation.
8. During a security impact analysis for a planned network architecture change, it is
discovered that the change might expose sensitive data to unauthorized access. What
is the most appropriate action to take in response to this finding?
A. Proceed with the change but monitor the network closely.
B. Implement additional security controls to mitigate the risk.
C. Cancel the planned network change.
, D. Inform users of the potential risk but proceed as planned. - Correct Answers -B.
Implement additional security controls to mitigate the risk.
Implementing additional security controls to mitigate the risk (B) is the most appropriate
action. This approach addresses the potential vulnerability identified during the security
impact analysis and ensures that sensitive data is protected. Proceeding with the
change without addressing the risk (A, D) is not advisable as it leaves the network
exposed. Canceling the change (C) may not be necessary if the risk can be mitigated
effectively.
9. A security team is tasked with ensuring the integrity of financial transactions
processed by their company's systems. Which of the following measures will best
achieve this goal?
A. Encrypting all financial data
B. Implementing digital signatures for transactions
C. Using intrusion detection systems (IDS)
D. Conducting regular audits of financial records - Correct Answers -B. Implementing
digital signatures for transactions
Implementing digital signatures for transactions is the best measure to ensure the
integrity of financial transactions. Digital signatures use cryptographic techniques to
verify that the transaction data has not been altered and to authenticate the sender.
Encrypting financial data (A) ensures confidentiality but does not provide integrity
verification. Intrusion detection systems (IDS) (C) help detect unauthorized access but
do not verify the integrity of transactions. Regular audits of financial records (D) are
important for detecting discrepancies but do not provide real-time assurance of
transaction integrity.
10. A company wants to ensure that employees use secure connections for sensitive
work-related activities. What browser configuration should be enforced to achieve this
goal?
A. Enable strict cookie settings.
B. Set the browser to default to private browsing mode.
C. Enforce the use of HTTPS for all websites.
D. Disable JavaScript in the browser. - Correct Answers -C. Enforce the use of HTTPS
for all websites.
Enforcing the use of HTTPS for all websites (C) ensures that sensitive information
transmitted through the browser is encrypted, thereby protecting it from interception.
Strict cookie settings (A) enhance privacy but do not secure data transmission. Private
browsing mode (B) prevents the browser from storing data locally but does not ensure
secure connections. Disabling JavaScript (D) can break functionality on many sites and
is not practical for most users.
QUESTIONS AND ANSWERS
1. An organization has enforced endpoint encryption for all mobile devices. What is the
primary benefit of implementing whole disk encryption on these devices?
A. It improves the performance of mobile devices.
B. It protects data at rest from unauthorized access.
C. It enables secure data transmission over the internet.
D. It allows for easy recovery of lost or stolen devices. - Correct Answers -B. It protects
data at rest from unauthorized access.
Whole disk encryption protects data at rest from unauthorized access (B) by ensuring
that all data on the device is encrypted and cannot be read without the appropriate key
or password. While performance improvements (A) are not a typical benefit of
encryption, secure data transmission (C) is unrelated as it pertains to data in transit.
Easy recovery of lost or stolen devices (D) is also not a function of encryption but rather
a matter of device management.
2. An organization is assessing the implementation of its new data encryption protocol.
What is the key metric to evaluate its effectiveness?
A. The speed of data encryption and decryption processes.
B. The number of data breaches reported since implementation.
C. The ease of integration with existing systems.
D. The user feedback on encryption processes. - Correct Answers -B. The number of
data breaches reported since implementation.
The number of data breaches reported since implementation (B) is the key metric to
evaluate the effectiveness of a new data encryption protocol, as it directly indicates
whether the protocol is successful in protecting sensitive data. The speed of encryption
and decryption (A) affects performance but not the effectiveness of security. The ease
of integration (C) is important for usability but does not measure security effectiveness.
User feedback on encryption processes (D) may reflect usability issues but does not
directly measure the protocol's effectiveness in preventing breaches.
3. A multinational company needs to ensure that sensitive data transferred between
their headquarters and regional offices remains secure over a public network. Which
solution should they implement?
,A. Intranet
B. VPN over the Internet
C. Extranet
D. Public Wi-Fi - Correct Answers -B. VPN over the Internet
A VPN over the internet (B) provides a secure, encrypted tunnel for data transfer
between different locations, ensuring the confidentiality and integrity of sensitive
information over a public network. An intranet (A) is limited to internal use and does not
span multiple locations. An extranet (C) is used for controlled access by external
partners, not for secure data transfer between company offices. Public Wi-Fi (D) is
inherently insecure and unsuitable for transferring sensitive data.
4. A company's security team has detected a large number of devices communicating
with a remote server in a coordinated manner, performing malicious tasks such as
sending spam and launching attacks against other networks. What type of malicious
activity does this best describe?
A. Botnet
B. Advanced Persistent Threat (APT)
C. Data theft
D. Insider threat - Correct Answers -A. Botnet
The scenario describes devices communicating with a remote server and performing
coordinated malicious tasks, which is characteristic of a botnet (A). A botnet is a
collection of compromised devices that are controlled remotely by an attacker to
perform various malicious activities, such as sending spam and launching attacks. An
Advanced Persistent Threat (APT) (B) is a prolonged and targeted cyber attack,
typically aimed at stealing information over time, but does not describe a large number
of devices performing coordinated tasks. Data theft (C) involves unauthorized access
and exfiltration of sensitive information but does not involve coordinated device activity.
Insider threat (D) involves malicious activities from within the organization, not
coordinated external device control.
5. A company experiences a phishing attack that successfully compromised credentials
used in a virtual environment. What is the best countermeasure to prevent such attacks
in the future?
A. Conduct regular phishing awareness training for all employees
B. Disable all email communication to external domains
C. Implement single sign-on (SSO) for the virtual environment
D. Increase the complexity requirements for passwords - Correct Answers -A. Conduct
regular phishing awareness training for all employees
Conducting regular phishing awareness training (A) is the best countermeasure as it
educates employees on recognizing and avoiding phishing attacks, reducing the
likelihood of credential compromise. Disabling all email communication to external
,domains (B) is impractical and disrupts business operations. Implementing single sign-
on (SSO) (C) can improve security but does not directly prevent phishing attacks.
Increasing password complexity (D) is beneficial but does not address the social
engineering aspect of phishing.
6. During a security audit, it is discovered that unauthorized changes were made to
several configuration files on a critical server. Which monitoring technique would be
most effective in detecting such unauthorized changes in the future?
A. Implementing file integrity monitoring.
B. Performing regular vulnerability scans.
C. Enforcing strict access controls.
D. Conducting periodic audits. - Correct Answers -A. Implementing file integrity
monitoring.
Implementing file integrity monitoring (A) is the most effective technique for detecting
unauthorized changes to configuration files, as it tracks changes to files in real-time and
alerts administrators of any modifications. Performing regular vulnerability scans (B)
helps identify potential weaknesses but doesn't monitor file changes. Enforcing strict
access controls (C) is essential for preventing unauthorized access but does not detect
changes once they occur. Conducting periodic audits (D) helps in assessing overall
security but is not real-time and may miss unauthorized changes between audits.
7. A company implements blockchain technology for its supply chain management. How
does this technology support non-repudiation?
A. By encrypting all data transactions
B. By providing an immutable and transparent ledger
C. By restricting access to authorized users
D. By performing regular security assessments - Correct Answers -B. By providing an
immutable and transparent ledger
Blockchain technology supports non-repudiation by providing an immutable and
transparent ledger where all transactions are recorded and cannot be altered or deleted.
This ensures that all parties involved can verify the authenticity and origin of each
transaction. Encrypting all data transactions (A) ensures confidentiality but does not
provide non-repudiation. Restricting access to authorized users (C) is an access control
measure. Performing regular security assessments (D) ensures the overall security
posture but does not specifically address non-repudiation.
8. During a security impact analysis for a planned network architecture change, it is
discovered that the change might expose sensitive data to unauthorized access. What
is the most appropriate action to take in response to this finding?
A. Proceed with the change but monitor the network closely.
B. Implement additional security controls to mitigate the risk.
C. Cancel the planned network change.
, D. Inform users of the potential risk but proceed as planned. - Correct Answers -B.
Implement additional security controls to mitigate the risk.
Implementing additional security controls to mitigate the risk (B) is the most appropriate
action. This approach addresses the potential vulnerability identified during the security
impact analysis and ensures that sensitive data is protected. Proceeding with the
change without addressing the risk (A, D) is not advisable as it leaves the network
exposed. Canceling the change (C) may not be necessary if the risk can be mitigated
effectively.
9. A security team is tasked with ensuring the integrity of financial transactions
processed by their company's systems. Which of the following measures will best
achieve this goal?
A. Encrypting all financial data
B. Implementing digital signatures for transactions
C. Using intrusion detection systems (IDS)
D. Conducting regular audits of financial records - Correct Answers -B. Implementing
digital signatures for transactions
Implementing digital signatures for transactions is the best measure to ensure the
integrity of financial transactions. Digital signatures use cryptographic techniques to
verify that the transaction data has not been altered and to authenticate the sender.
Encrypting financial data (A) ensures confidentiality but does not provide integrity
verification. Intrusion detection systems (IDS) (C) help detect unauthorized access but
do not verify the integrity of transactions. Regular audits of financial records (D) are
important for detecting discrepancies but do not provide real-time assurance of
transaction integrity.
10. A company wants to ensure that employees use secure connections for sensitive
work-related activities. What browser configuration should be enforced to achieve this
goal?
A. Enable strict cookie settings.
B. Set the browser to default to private browsing mode.
C. Enforce the use of HTTPS for all websites.
D. Disable JavaScript in the browser. - Correct Answers -C. Enforce the use of HTTPS
for all websites.
Enforcing the use of HTTPS for all websites (C) ensures that sensitive information
transmitted through the browser is encrypted, thereby protecting it from interception.
Strict cookie settings (A) enhance privacy but do not secure data transmission. Private
browsing mode (B) prevents the browser from storing data locally but does not ensure
secure connections. Disabling JavaScript (D) can break functionality on many sites and
is not practical for most users.
