Voordeelbundel
SSCP ( Systems Security Certified Practitioner) TESTS COMPILATION BUNDLE
SSCP ( Systems Security Certified Practitioner) TESTS COMPILATION BUNDLE
[Meer zien]SSCP ( Systems Security Certified Practitioner) TESTS COMPILATION BUNDLE
[Meer zien]Access Control Object correct answer: A passive entity that typically receives or contains some form of data. 
 
Access Control Subject correct answer: An active entity and can be any user, program, or process that requests permission to cause data to flow from an access control object to the acce...
Voorbeeld 2 van de 15 pagina's
In winkelwagenAccess Control Object correct answer: A passive entity that typically receives or contains some form of data. 
 
Access Control Subject correct answer: An active entity and can be any user, program, or process that requests permission to cause data to flow from an access control object to the acce...
3DES Triple DES A symmetric encryption algorithm that uses either two (key 1 and key 3 are the same) or three keys and improves upon the Data Encryption Standard algorithm. 
 
AAA Triple A Referred to as the AAA of access control- authentication, authorization, and accounting. 
 
access contro...
Voorbeeld 2 van de 13 pagina's
In winkelwagen3DES Triple DES A symmetric encryption algorithm that uses either two (key 1 and key 3 are the same) or three keys and improves upon the Data Encryption Standard algorithm. 
 
AAA Triple A Referred to as the AAA of access control- authentication, authorization, and accounting. 
 
access contro...
Malicious Code 
(Malicious Code Naming Conventions) a type of code introduced into a computer system with the purpose of corrupting data, deleting documents, making systems unavailable, or simply defacing web pages. 
 
Domains that provide the framework for IT security best practice. 
(Malicious ...
Voorbeeld 4 van de 48 pagina's
In winkelwagenMalicious Code 
(Malicious Code Naming Conventions) a type of code introduced into a computer system with the purpose of corrupting data, deleting documents, making systems unavailable, or simply defacing web pages. 
 
Domains that provide the framework for IT security best practice. 
(Malicious ...
[Security Fundamentals] 
 
How many years of experience are required to earn the Associate of (ISC)2 designation? 
 
A. Zero 
B. One 
C. Two 
D. Five A 
 
[Security Fundamentals] 
 
What are the three elements of the security triad? 
 
A. Authentication authorization, and accounting 
B. Confid...
Voorbeeld 4 van de 58 pagina's
In winkelwagen[Security Fundamentals] 
 
How many years of experience are required to earn the Associate of (ISC)2 designation? 
 
A. Zero 
B. One 
C. Two 
D. Five A 
 
[Security Fundamentals] 
 
What are the three elements of the security triad? 
 
A. Authentication authorization, and accounting 
B. Confid...
Incidents are what? correct answer: Events that are violations or imminent treat of a violation of computer security policies, acceptable use policies or standard security practices 
 
Are events incidents? correct answer: no, but all incidents are events 
 
What are Incident handling preparations...
Voorbeeld 2 van de 10 pagina's
In winkelwagenIncidents are what? correct answer: Events that are violations or imminent treat of a violation of computer security policies, acceptable use policies or standard security practices 
 
Are events incidents? correct answer: no, but all incidents are events 
 
What are Incident handling preparations...
What makes up the CIA triad? correct answer: Confidentiality Integrity Availability 
 
A term that refers to the minimum amount of people to perform a highly sensitive action. correct answer: M of N control 
multiple agents with the capability (M), and the minimum number of these agents (N) in ord...
Voorbeeld 4 van de 58 pagina's
In winkelwagenWhat makes up the CIA triad? correct answer: Confidentiality Integrity Availability 
 
A term that refers to the minimum amount of people to perform a highly sensitive action. correct answer: M of N control 
multiple agents with the capability (M), and the minimum number of these agents (N) in ord...
Risk refers to what? correct answer: The probability of an incident occurring that can result in some negative impact 
 
Effective way to ensure zero risk? correct answer: None 
not engaging in the activity that introduces that risk 
 
Risk Register correct answer: Detailed document of compiled ...
Voorbeeld 1 van de 4 pagina's
In winkelwagenRisk refers to what? correct answer: The probability of an incident occurring that can result in some negative impact 
 
Effective way to ensure zero risk? correct answer: None 
not engaging in the activity that introduces that risk 
 
Risk Register correct answer: Detailed document of compiled ...
How many years of experience are required to earn the Associate of (ISC)2 designation? 
 
A. Zero 
B. One 
C. Two 
D. Five correct answer: [Security Fundamentals] 
 
A. You don't need to meet the experience requirement to earn the Associate of (ISC)2 designation, so zero years of experience are ...
Voorbeeld 4 van de 77 pagina's
In winkelwagenHow many years of experience are required to earn the Associate of (ISC)2 designation? 
 
A. Zero 
B. One 
C. Two 
D. Five correct answer: [Security Fundamentals] 
 
A. You don't need to meet the experience requirement to earn the Associate of (ISC)2 designation, so zero years of experience are ...
The most common security weaknesses and exploits are in which standardized list? correct answer: D. CVE - Common Vulnerabilities and Exposures 
 
Choose the password configuration rules enforced by the P Windows add-on. correct answer: C. Password must have a combination of upper case, lower case,...
Voorbeeld 1 van de 3 pagina's
In winkelwagenThe most common security weaknesses and exploits are in which standardized list? correct answer: D. CVE - Common Vulnerabilities and Exposures 
 
Choose the password configuration rules enforced by the P Windows add-on. correct answer: C. Password must have a combination of upper case, lower case,...
Access Control Object correct answer: A passive entity that typically receives or contains some form of data. 
 
Access Control Subject correct answer: An active entity and can be any user, program, or process that requests permission to cause data to flow from an access control object to the acce...
Voorbeeld 2 van de 10 pagina's
In winkelwagenAccess Control Object correct answer: A passive entity that typically receives or contains some form of data. 
 
Access Control Subject correct answer: An active entity and can be any user, program, or process that requests permission to cause data to flow from an access control object to the acce...
DES - Data Encryption standard has a 128 bit key and is very difficult to break. 
 
A. True 
B. False correct answer: B 
 
What is the main difference between computer abuse and computer crime? 
 
A. Amount of damage 
B. Intentions of the perpetrator 
C. Method of compromise 
D. Abuse = company ins...
Voorbeeld 3 van de 20 pagina's
In winkelwagenDES - Data Encryption standard has a 128 bit key and is very difficult to break. 
 
A. True 
B. False correct answer: B 
 
What is the main difference between computer abuse and computer crime? 
 
A. Amount of damage 
B. Intentions of the perpetrator 
C. Method of compromise 
D. Abuse = company ins...
A worm recently infected the company network. You have identified that this issue occured due to employees accessing a malicious web site. You need to prevent employees from accessing this site in the future. What should you do? correct answer: Configure an ACL on the border router 
 
What is defin...
Voorbeeld 3 van de 22 pagina's
In winkelwagenA worm recently infected the company network. You have identified that this issue occured due to employees accessing a malicious web site. You need to prevent employees from accessing this site in the future. What should you do? correct answer: Configure an ACL on the border router 
 
What is defin...
Caesar cipher is a type of __. correct answer: substitution (cipher) 
 
two plaintexts results in the same hash value correct answer: collision 
 
Type of impact analysis that identifies areas for immediate improvement correct answer: qualitative (impact analysis) 
 
tunneling (between networks) ...
Voorbeeld 2 van de 10 pagina's
In winkelwagenCaesar cipher is a type of __. correct answer: substitution (cipher) 
 
two plaintexts results in the same hash value correct answer: collision 
 
Type of impact analysis that identifies areas for immediate improvement correct answer: qualitative (impact analysis) 
 
tunneling (between networks) ...
What is salt in the IT World? correct answer: random piece of additional input data that provided to a one way hashing function 
 
Salting is often used with what? correct answer: passwords and passphrases 
 
In Salting what is stored? correct answer: the hash is stored not the actual password or...
Voorbeeld 1 van de 4 pagina's
In winkelwagenWhat is salt in the IT World? correct answer: random piece of additional input data that provided to a one way hashing function 
 
Salting is often used with what? correct answer: passwords and passphrases 
 
In Salting what is stored? correct answer: the hash is stored not the actual password or...
Availability correct answer: Refers to the ability to access and use information systems when and as needed to support an organization's operations. 
 
Breach correct answer: The intentional or unintentional release of secure information to an untrusted environment. 
 
CMDB correct answer: A con...
Voorbeeld 2 van de 10 pagina's
In winkelwagenAvailability correct answer: Refers to the ability to access and use information systems when and as needed to support an organization's operations. 
 
Breach correct answer: The intentional or unintentional release of secure information to an untrusted environment. 
 
CMDB correct answer: A con...
ARO correct answer: Incidents/year 
 
What does STRIDE stand for? correct answer: Spoofing 
Tampering 
Repudiation 
Information disclosure 
Denial of service 
Elevation of privilege 
 
Reduction Analysis correct answer: Breaks a system down into smaller components 
 
What does repeated software ...
Voorbeeld 3 van de 17 pagina's
In winkelwagenARO correct answer: Incidents/year 
 
What does STRIDE stand for? correct answer: Spoofing 
Tampering 
Repudiation 
Information disclosure 
Denial of service 
Elevation of privilege 
 
Reduction Analysis correct answer: Breaks a system down into smaller components 
 
What does repeated software ...
Referred to as the AAA of access control: authentication, authorization, 
and accounting correct answer: AAA, Triple A 
 
A list of subjects and assigned rights used in access control. correct answer: access control list (ACL) 
 
Referred to as the AAA of access control: authentication, authorizat...
Voorbeeld 3 van de 22 pagina's
In winkelwagenReferred to as the AAA of access control: authentication, authorization, 
and accounting correct answer: AAA, Triple A 
 
A list of subjects and assigned rights used in access control. correct answer: access control list (ACL) 
 
Referred to as the AAA of access control: authentication, authorizat...
CIANA Security Paradigm correct answer: 1. Confidentiality 
2. Integrity 
3. Authorization 
4. Nonrepudiation 
5. Authentication 
 
Confidentiality correct answer: violated if any process or person can read, copy, redistribute, or make use of data we deem private or of competitive advantage worth...
Voorbeeld 4 van de 35 pagina's
In winkelwagenCIANA Security Paradigm correct answer: 1. Confidentiality 
2. Integrity 
3. Authorization 
4. Nonrepudiation 
5. Authentication 
 
Confidentiality correct answer: violated if any process or person can read, copy, redistribute, or make use of data we deem private or of competitive advantage worth...
A mode of operation for a block cipher, with the 
characteristic that each possible block of plaintext has a defined corresponding ciphertext 
value, and vice versa correct answer: Electronic Code Book (ECB) 
 
Which block cipher mode is MOST susceptible to plaintext attacks? correct answer: ECB 
...
Voorbeeld 3 van de 17 pagina's
In winkelwagenA mode of operation for a block cipher, with the 
characteristic that each possible block of plaintext has a defined corresponding ciphertext 
value, and vice versa correct answer: Electronic Code Book (ECB) 
 
Which block cipher mode is MOST susceptible to plaintext attacks? correct answer: ECB 
...
DES - Data Encryption standard has a 128 bit key and is very difficult to break. 
 
A. True 
B. False correct answer: B 
 
What is the main difference between computer abuse and computer crime? 
 
A. Amount of damage 
B. Intentions of the perpetrator 
C. Method of compromise 
D. Abuse = company ins...
Voorbeeld 4 van de 47 pagina's
In winkelwagenDES - Data Encryption standard has a 128 bit key and is very difficult to break. 
 
A. True 
B. False correct answer: B 
 
What is the main difference between computer abuse and computer crime? 
 
A. Amount of damage 
B. Intentions of the perpetrator 
C. Method of compromise 
D. Abuse = company ins...
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper Classroom. Stuvia faciliteert de betaling aan de verkoper.
Nee, je koopt alleen deze samenvatting voor $30.49. Je zit daarna nergens aan vast.
4,6 sterren op Google & Trustpilot (+1000 reviews)
Afgelopen 30 dagen zijn er 69104 samenvattingen verkocht
Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen