Certbus > ISC > ISC Certifications > SSCP > SSCP Online Practice Questions and Answers

SSCP Online Practice Questions and Answers

Questions 4

What can be defined as a table of subjects and objects indicating what actions individual subjects can take upon individual objects?

A. A capacity table

B. An access control list

C. An access control matrix

D. A capability table

Browse 1074 Q&As
Questions 5

Which access control model provides upper and lower bounds of access capabilities for a subject?

A. Role-based access control

B. Lattice-based access control

C. Biba access control

D. Content-dependent access control

Browse 1074 Q&As
Questions 6

Which of the following statements pertaining to a security policy is incorrect?

A. Its main purpose is to inform the users, administrators and managers of their obligatory requirements for protecting technology and information assets.

B. It specifies how hardware and software should be used throughout the organization.

C. It needs to have the acceptance and support of all levels of employees within the organization in order for it to be appropriate and effective.

D. It must be flexible to the changing environment.

Browse 1074 Q&As
Questions 7

Which of the following best defines add-on security?

A. Physical security complementing logical security measures.

B. Protection mechanisms implemented as an integral part of an information system.

C. Layer security.

D. Protection mechanisms implemented after an information system has become operational.

Browse 1074 Q&As
Questions 8

Which of the following groups represents the leading source of computer crime losses?

A. Hackers

B. Industrial saboteurs

C. Foreign intelligence officers

D. Employees

Browse 1074 Q&As
Questions 9

Under United States law, an investigator's notebook may be used in court in which of the following scenarios?

A. When the investigator is unwilling to testify.

B. When other forms of physical evidence are not available.

C. To refresh the investigators memory while testifying.

D. If the defense has no objections.

Browse 1074 Q&As
Questions 10

What is the PRIMARY reason to maintain the chain of custody on evidence that has been collected?

A. To ensure that no evidence is lost.

B. To ensure that all possible evidence is gathered.

C. To ensure that it will be admissible in court

D. To ensure that incidents were handled with due care and due diligence.

Browse 1074 Q&As
Questions 11

Which of the following could be BEST defined as the likelihood of a threat agent taking advantage of a vulnerability?

A. A risk

B. A residual risk

C. An exposure

D. A countermeasure

Browse 1074 Q&As
Questions 12

Which of the following rules pertaining to a Business Continuity Plan/Disaster Recovery Plan is incorrect?

A. In order to facilitate recovery, a single plan should cover all locations.

B. There should be requirements to form a committee to decide a course of action. These decisions should be made ahead of time and incorporated into the plan.

C. In its procedures and tasks, the plan should refer to functions, not specific individuals.

D. Critical vendors should be contacted ahead of time to validate equipment can be obtained in a timely manner.

Browse 1074 Q&As
Questions 13

What can be described as a measure of the magnitude of loss or impact on the value of an asset?

A. Probability

B. Exposure factor

C. Vulnerability

D. Threat

Browse 1074 Q&As
Questions 14

Which of the following is NOT a property of the Rijndael block cipher algorithm?

A. The key sizes must be a multiple of 32 bits

B. Maximum block size is 256 bits

C. Maximum key size is 512 bits

D. The key size does not have to match the block size

Browse 1074 Q&As
Questions 15

You work in a police department forensics lab where you examine computers for evidence of crimes. Your work is vital to the success of the prosecution of criminals.

One day you receive a laptop and are part of a two man team responsible for examining it together. However, it is lunch time and after receiving the laptop you leave it on your desk and you both head out to lunch.

What critical step in forensic evidence have you forgotten?

A. Chain of custody

B. Locking the laptop in your desk

C. Making a disk image for examination

D. Cracking the admin password with chntpw

Browse 1074 Q&As
Questions 16

Within the OSI model, at what layer are some of the SLIP, CSLIP, PPP control functions provided?

A. Data Link

B. Transport

C. Presentation

D. Application

Browse 1074 Q&As
Questions 17

A proxy can control which services (FTP and so on) are used by a workstation , and also aids in protecting the network from outsiders who may be trying to get information about the:

A. network's design

B. user base

C. operating system design

D. net BIOS' design

Browse 1074 Q&As
Questions 18

Communications devices must operate:

A. at different speeds to communicate.

B. at the same speed to communicate.

C. at varying speeds to interact.

D. at high speed to interact.

Browse 1074 Q&As
Exam Code: SSCP
Exam Name: System Security Certified Practitioner (SSCP)
Last Update: Mar 15, 2025
Questions: 1074 Q&As

PDF

$49.99

VCE

$55.99

PDF + VCE

$65.99