SSCP PRACTICE TEST FINAL
QUESTIONS AND ANSWERS
Jack works as an investigating officer in Private Corporate Investigation Agency
Services. He wants to save evidence that he collected from the location where an
incident happened for future use, so that he can have that information whenever
needed. Which is the most volatile memory he can use to save the collected evidence?
- Correct Answers -CPU cache
Which choice best describes Bluetooth? - Correct Answers -A method of data
synchronization between devices
Authorization for multiple applications using one set of credentials is best described by
which of the following? - Correct Answers -Single Sign-on
How is separation of duties typically implemented? - Correct Answers -Segment
administrative tasks into compartments, and then assign one or more distinct
administrators into each compartment.
When considering a disaster which of the following is not a commonly accepted
definition? - Correct Answers -An occurrence that is outside the normal functional
baselines
A type of wireless network attack monitors wireless signals for clients making requests
to connect to wireless base stations. It then takes the details from those requests to
spoof the identity of the requested base station in order to fool the client devices into
connecting to the false version of their trusted network. Which attack is this describing?
- Correct Answers -Evil twin
How does mandatory access control determine which objects a subject can access? -
Correct Answers -Through the use of classification labels
Which of the following is NOT a method by which devices are assigned to VLAN
network segments? - Correct Answers -Transport-layer port assignment
Which of the following best describes the time that it takes to register with a biometric
system, by providing samples of a personal characteristic? - Correct Answers -
Enrollment time
How can a company ensure protection against eavesdropping and session hijacking for
its workers connecting to a public cloud? - Correct Answers -Use a VPN.
Which type of client-side program always runs in a sandbox? - Correct Answers -Java
applet
When hashing a message, which of the following security goals is being provided? -
Correct Answers -Integrity
How does a typical SIEM or systems management console retrieve event details from a
source system? - Correct Answers -SNMP
A company is concerned about unauthorized entities attacking their wireless network.
The company has chosen to disable SSID broadcast in order to hide their base station
and prevent unauthorized connections. Which of the following statements is correct about
this scenario? - Correct Answers -It does not resolve the issue because the SSID is still
present in most other management frames.
Which of the following is true about biometric scan technology? - Correct Answers -A
number of points extracted from the item scanned are stored.
A business asset is best described by which of the following? - Correct Answers -
Competitive advantage, capability, credibility, or goodwill
Which term is used to indicate the function of access control or defining which subjects
can perform various tasks on specific objects? - Correct Answers -Authorization
Other than implementing preventative measures and planning out response and
recovery strategies, what is another important element that will help minimize data loss
in the event of a harmful event that would trigger a disaster recovery policy (DRP)? -
Correct Answers -Prior warning of impending harm
To prevent any one person from having too much control or power, or performing
fraudulent acts, which of the following solutions should not be implemented? - Correct
Answers -Job rotation
Which of the following best describes an endpoint device? - Correct Answers -Computer
printer
What is the correct description of a certificate? - Correct Answers -A certificate contains
the owner's public key.
A backup site is best described by which of the following options? - Correct Answers -A
computer facility with power and HVAC and all servers and communications. All
applications are ready to be installed and configured, and recent data is available to be
restored to the site.
What does an acceptable use policy (AUP) state? - Correct Answers -The acceptable
and unacceptable uses for organizational resources
Which option provides the best description of the first action to take during incident
response? - Correct Answers -Follow the procedures in the incident response plan.
Which of the following best describes maximum tolerable downtime? - Correct Answers
-The amount of time a business process may be off-line before the viability of the
organization is in severe jeopardy
Which choice best describes a zombie? - Correct Answers -A member of a botnet
Which option is not part of the prevention primary security category? - Correct Answers
-Using an alternate site after a disaster
What type of attack cannot be blocked or resolved with a software fix or a hardware
upgrade? - Correct Answers -Social engineering
Crossover error rate (CER) refers to which of the following graphical intersections? -
Correct Answers -False rejection rate and false acceptance rate
Which of the following is a term used for a rogue Wi-Fi access point that appears to be
legitimate but actually has been set up to intercept wireless communications? - Correct
Answers -Evil twin
Your company is about to launch a new Web site offering services and features that are
commonly requested but rarely offered by other existing sites. The market research
shows that the new site will be very popular and will have significant user growth for
years. You have been given the responsibility to set up user authentication. Your
requirements are the following:
Each user must be uniquely identified.
Multifactor authentication should be supported.
Authentication should provide protection of a user's identity even if your Web site's
servers are compromised by hackers.
How would you implement the authentication for this Web site? - Correct Answers -Set
up a one-way federated access with an existing major social network site.
Which of the following is part of a business continuity plan? - Correct Answers -The
recovery point objective
A clipping level does which of the following? - Correct Answers -Defines a threshold of
activity that, after crossed, sets off an operator alarm or alert
How does PGP provide e-mail confidentiality? - Correct Answers -Through random
symmetric keys and the use of public keys
What are the three categories of controls? - Correct Answers -Physical, logical
(technical), and administrative
Encapsulation provides what type of action? - Correct Answers -Places one type of
packet inside another
Evidence should be tracked utilizing which of the following methods? - Correct Answers
-Chain of custody
Which answer is most accurate regarding firewalls? - Correct Answers -They filter traffic
based upon inspecting packets.
Why is multifactor authentication considered more secure than single-factor
authentication? - Correct Answers -Multifactor authentication requires multiple distinct
attacks to perform impersonation.
What is a significant difference between the secure protocols of TLS-encrypted SMTP
and the use of S/MIME for the protection of e-mail communications? - Correct Answers
-One provides end-to-end protection of messages, while the other only secures a local
link.
Which group represents the most likely source of an asset being lost through
inappropriate computer use? - Correct Answers -Employees
What must every policy possess in order to be successfully implemented? - Correct
Answers -Senior executive endorsement
Which of the following best describes privileged users? - Correct Answers -They are
super-users or administrators
During an access system audit, a number of active accounts were discovered from
employees who had left the company over the past two years. What are these accounts
called? - Correct Answers -Orphaned accounts
Which option most accurately defines a threat? - Correct Answers -Possibility for a
source to exploit a specific vulnerability
Which security plan is used to restore normal operations in the event of the full
interruption of mission critical business functions? - Correct Answers -Disaster recovery
plan
Which of the following is not a control category? - Correct Answers -Preventative
What is the component of IPSec that handles key generation and distribution? - Correct
Answers -Internet Key Exchange