SSCP ( Systems Security Certified Practitioner) TESTS COMPILATION BUNDLE

3DES Triple DES A symmetric encryption algorithm that uses either two (key 1 and key 3 are the same) or three keys and improves upon the Data Encryption Standard algorithm. AAA Triple A Referred to as the AAA of access control- authentication, authorization, and accounting. access contro...

Malicious Code (Malicious Code Naming Conventions) a type of code introduced into a computer system with the purpose of corrupting data, deleting documents, making systems unavailable, or simply defacing web pages. Domains that provide the framework for IT security best practice. (Malicious ...

[Security Fundamentals] How many years of experience are required to earn the Associate of (ISC)2 designation? A. Zero B. One C. Two D. Five A [Security Fundamentals] What are the three elements of the security triad? A. Authentication authorization, and accounting B. Confid...

Incidents are what? correct answer: Events that are violations or imminent treat of a violation of computer security policies, acceptable use policies or standard security practices Are events incidents? correct answer: no, but all incidents are events What are Incident handling preparations...

What makes up the CIA triad? correct answer: Confidentiality Integrity Availability A term that refers to the minimum amount of people to perform a highly sensitive action. correct answer: M of N control multiple agents with the capability (M), and the minimum number of these agents (N) in ord...

Risk refers to what? correct answer: The probability of an incident occurring that can result in some negative impact Effective way to ensure zero risk? correct answer: None not engaging in the activity that introduces that risk Risk Register correct answer: Detailed document of compiled ...

How many years of experience are required to earn the Associate of (ISC)2 designation? A. Zero B. One C. Two D. Five correct answer: [Security Fundamentals] A. You don't need to meet the experience requirement to earn the Associate of (ISC)2 designation, so zero years of experience are ...

The most common security weaknesses and exploits are in which standardized list? correct answer: D. CVE - Common Vulnerabilities and Exposures Choose the password configuration rules enforced by the P Windows add-on. correct answer: C. Password must have a combination of upper case, lower case,...

Access Control Object correct answer: A passive entity that typically receives or contains some form of data. Access Control Subject correct answer: An active entity and can be any user, program, or process that requests permission to cause data to flow from an access control object to the acce...

DES - Data Encryption standard has a 128 bit key and is very difficult to break. A. True B. False correct answer: B What is the main difference between computer abuse and computer crime? A. Amount of damage B. Intentions of the perpetrator C. Method of compromise D. Abuse = company ins...

A worm recently infected the company network. You have identified that this issue occured due to employees accessing a malicious web site. You need to prevent employees from accessing this site in the future. What should you do? correct answer: Configure an ACL on the border router What is defin...

Caesar cipher is a type of __. correct answer: substitution (cipher) two plaintexts results in the same hash value correct answer: collision Type of impact analysis that identifies areas for immediate improvement correct answer: qualitative (impact analysis) tunneling (between networks) ...

What is salt in the IT World? correct answer: random piece of additional input data that provided to a one way hashing function Salting is often used with what? correct answer: passwords and passphrases In Salting what is stored? correct answer: the hash is stored not the actual password or...

Availability correct answer: Refers to the ability to access and use information systems when and as needed to support an organization's operations. Breach correct answer: The intentional or unintentional release of secure information to an untrusted environment. CMDB correct answer: A con...