Test your basic knowledge | SSCP: Systems Security Certified Practitioner
Subjects: certifications, sscp, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Instructions or code that executes on an end user's machine from a web browser is known as __________ code.
Mobile
Confidentiality
run applications as generic accounts with little or no privileges.
IANA
2. Countermeasures' main objectives
Prevent - Recover - Detect
Host based - network based
MAC - Mandatory Access Control
Risk assessment
3. Organizations that can be a valid Certificate Authority (CA)
Verisign - Microsoft - Dell
Less secure
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
SYN Flooding
4. Combine both boot and file virus behavior
Multi-partite viruses
S/Key - OPIE
Passive network attack
Gathering digital evidence
5. There are 6 types of security control practices. ___________ controls are management policies - procedures - and guidelines that usually affect the entire system. These types of controls deal with system auditing and usability.
Cisco
128
Directive
Main goal of a risk management program
6. A ______________ is an electronically generated record that ties a user's ID to their public key.
Granularity
Certificate
IPSEC
Test virus
7. These should be done on a weekly basis
Test virus
Virus definition downloads and system virus scans
Privacy violations
RADIUS
8. ____ members of the staff need to be educated in disaster recovery procedures.
Fixed length
All
Protection of data from unauthorized users
Polymorphic
9. Stealth viruses live in memory while __________ are written to disk
IANA
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
Logic bombs
Cramming
10. __________________ will have weird characters printed at the beginning or end of an email message - what would it be an indication of?
Warning Banner
Intrusion Detection System
A PGP Signed message
Salami attack
11. So far - no one has been able to crack the ____________ with Brute Force.
SET
Directive
IDEA algorithm
Cramming
12. __________ is a tool used by network administrators to capture packets from a network.
Sniffer
Intrusion Detection System
Man In The Middle
TIGER
13. Wiretapping is an example of a ________.
Passive network attack
Separation of Duties
MAC - Mandatory Access Control
Phreaks
14. What security principle is based on the division of job responsibilities - designed to prevent fraud?
SET
Separation of Duties
Available service ports
DAC - Discretionary Access Control
15. __________ is the most famous Unix password cracking tool.
DAC - Discretionary Access Control
involves only computer to computer transactions
Cisco
CRACK
16. A formula used in Quantitative risk analysis
Gathering digital evidence
SLE - Single Loss Expectancy
product development life cycle
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
17. Remote Access Dial-in User Service
Confidentiality
RADIUS
Cramming
Authorization
18. Used in ______________: Retinal Scanning - Fingerprints - Face Recognition - Voice Recognition
Residual risk
C2
Biometrics
Warning banners
19. Trend Analysis involves analyzing historical ___________ files in order to look for patterns of abuse or misuse.
Residual risk
Log files
Layer 3 - Host to Host
C2
20. A Security Reference Monitor relates to which DoD security standard?
Stealth viruses
C2
Authorization
Log files
21. A one way hash converts a string of random length into a _______________ encrypted string.
involves only computer to computer transactions
Fixed length
All
DSS - Digital Signature Standard
22. Which range defines 'well known ports?'
Wild
Polymorphic
Multi-partite viruses
0-1023
23. _________ is a form of Denial of Service attack which interrupts the TCP three way handshake and leaves half open connections.
SYN Flooding
Acceptance - Transfer - Mitigate
CERT - SANS - CERIAS - COAST
involves only computer to computer transactions
24. Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems.
Environmental
Fixed length
Social Engineering
Detective
25. A security policy is a ___________ set of rules that must be followed explicitly in order to be effective.
Not rigid
Stealth viruses
DAC - Discretionary Access Control
A PGP Signed message
26. Which of the following is NOT an encryption algorithm?
Risk Equation
TIGER
SSL
Test virus
27. What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified?
Residual risk
PGP
Configuration Control
To make user certificates available to others
28. MD5 is a ___________ algorithm
Off site in a climate controlled area
One way hash
Steps in handling incidents
Passwords
29. Which of the concepts best describes Availability in relation to computer resources?
Users can gain access to any resource upon request (assuming they have proper permissions)
Sniffer
Not very difficult to break.
SET
30. Contain - Recover - Review - Identify - Prepare
Log files
CRACK
All
Steps in handling incidents
31. Layer 4 of the OSI model corresponds to which layer of the DoD model?
Intentions of the perpetrator
Layer 3 - Host to Host
Hoaxes
Detective
32. _________________ should be Written down - Clearly Communicated to all system users - Audited and revised periodically.
Also
Password audit
Information Security policies
Cisco
33. It is difficult to prosecute a computer criminal if _________ are not deployed
Payload
Warning banners
IDEA algorithm
Not very difficult to break.
34. ______________ relates to the concept of protecting data from unauthorized users.
Confidentiality
Biometrics
modems
Assignment
35. The act of intercepting the first message in a public key exchange and substituting a bogus key for the original key is an example of which style of attack?
TIGER
Test virus
Man In The Middle
RADIUS
36. S/MIME was developed for the protection of what communication mechanism(s)?
Data Hiding
Hackers and crackers
involves only computer to computer transactions
Email
37. Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?
Environmental
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
NFS
SYN Flooding
38. What is the main difference between computer abuse and computer crime?
Intentions of the perpetrator
Cramming
CHAP
S/Key - OPIE
39. Which form of media is handled at the Physical Layer (Layer 1) of the OSI Reference Model?
Ethernet
run applications as generic accounts with little or no privileges.
Test virus
modems
40. Companies can now be __________ just as easily as they can be sued for security compromises.
Risk assessment
Passive network attack
Hackers and crackers
Sued for privacy violations
41. __________ attacks capitalize on programming errors and can allow the originator to gain additional privileges on a machine.
All
Buffer Overflow
Directive
Assignment
42. ________ is the authoritative entity which lists port assignments
Separation of Duties
IANA
TIGER
SLE - Single Loss Expectancy
43. To help managers find the correct cost balance between risks and countermeasures
IDEA algorithm
Polymorphic
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Main goal of a risk management program
44. Logon and Logoff - Use of User Rights - Security Policy Change
Quantitative analysis
Main goal of a risk management program
SLE - Single Loss Expectancy
NT Audit events
45. Countermeasures address security concerns in this category
Test virus
Also
TIGER
Information
46. Which auditing practice relates to the controlling of hardware - software - firmware - and documentation to ensure it has not been improperly modified?
Layer 3 - Host to Host
Cryptanalysis
Passive network attack
Configuration Control
47. Ways to deal with risk.
DSS - Digital Signature Standard
Acceptance - Transfer - Mitigate
Virus definition downloads and system virus scans
modems
48. The most secure method for storing backup tapes is?
Payload
CHAP
Off site in a climate controlled area
SLE - Single Loss Expectancy
49. Digital Certificates use which protocol?
Granularity
Intentions of the perpetrator
Decentralized access control
X.509
50. Macintosh computers are _____ at risk for receiving viruses.
Also
Acceptance - Transfer - Mitigate
Payload
Cramming