(ISC)² SSCP Exam
Test Bank
Possible Questions and
Answers Included
Latest Update 2024/2025
Access Control Object - Correct Answer-A passive entity that typically receives or contains some form of
data.
Access Control Subject - Correct Answer-An active entity that can be any user, program, or process that
requests permission to cause data to flow from an access control object to the access control subject or
between access control objects.
Asynchronous Password Token - Correct Answer-A one-time password is generated without the use of a
clock, either from a one-time pad or cryptographic algorithm.
Authorization - Correct Answer-Determines whether a user is permitted to access a particular resource.
Connected Tokens - Correct Answer-Must be physically connected to the computer to which the user is
authenticating.
Contactless Tokens - Correct Answer-Form a logical connection to the client computer but do not require a
physical connection.
Disconnected Tokens - Correct Answer-Have neither a physical nor logical connection to the client
computer.
Entitlement - Correct Answer-A set of rules, defined by the resource owner, for managing access to a
resource (asset, service, or entity) and for what purpose.
Identity Management - Correct Answer-The task of controlling information about users on computers.
Proof of Identity - Correct Answer-Verify people's identities before the enterprise issues them accounts and
credentials.
Kerberos - Correct Answer-A popular network authentication protocol for indirect (third-party) authentication
services.
Lightweight Directory Access Protocol (LDAP) - Correct Answer-A client/server-based directory query
protocol loosely based on X.500, commonly used to manage user information. LDAP is a front end and not
used to manage or synchronize data per se as opposed to DNS.
Single Sign-On (SSO) - Correct Answer-Designed to provide strong authentication using secret-key
cryptography, allowing a single identity to be shared across multiple applications.
Static Password Token - Correct Answer-The device contains a password that is physically hidden (not
visible to the possessor) but that is transmitted for each authentication.
Synchronous Dynamic Password Token - Correct Answer-A timer is used to rotate through various
combinations produced by a cryptographic algorithm.
Trust Path - Correct Answer-A series of trust relationships that authentication requests must follow between
domains.
6to4 - Correct Answer-Transition mechanism for migrating from IPv4 to IPv6. It allows systems to use IPv6
to communicate if their traffic has to traverse an IPv4 network.
Absolute addresses - Correct Answer-Hardware addresses used by the CPU.
Abstraction - Correct Answer-The capability to suppress unnecessary details so the important, inherent
properties can be examined and reviewed.
Access - Correct Answer-The flow of information between a subject and an object.
Access control matrix - Correct Answer-A table of subjects and objects indicating what actions individual
subjects can take upon individual objects.
Access control model - Correct Answer-An access control model is a framework that dictates how subjects
access objects.
Access controls - Correct Answer-Are security features that control how users and systems communicate
and interact with other systems and resources.
Accreditation - Correct Answer-Formal acceptance of the adequacy of a system's overall security by
management.
Active attack - Correct Answer-Attack where the attacker does interact with processing or communication
activities.
ActiveX - Correct Answer-A Microsoft technology composed of a set of OOP technologies and tools based
on COM and DCOM. It is a framework for defining reusable software components in a programming
language-independent manner.
Address bus - Correct Answer-Physical connections between processing components and memory
segments used to communicate the physical memory addresses being used during processing procedures.
Address resolution protocol (ARP) - Correct Answer-A networking protocol used for resolution of network
layer IP addresses into link layer MAC addresses.
Address space layout randomization (ASLR) - Correct Answer-Memory protection mechanism used by some
operating systems. The addresses used by components of a process are randomized so that it is harder for
an attacker to exploit specific memory vulnerabilities.
Algebraic attack - Correct Answer-Cryptanalysis attack that exploits vulnerabilities within the intrinsic
algebraic structure of mathematical functions.
Algorithm - Correct Answer-Set of mathematical and logic rules used in cryptographic functions.
Analog signals - Correct Answer-Continuously varying electromagnetic wave that represents and transmits
data.