Test your basic knowledge | SSCP: Systems Security Certified Practitioner
Subjects: certifications, sscp, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A security policy is a ___________ set of rules that must be followed explicitly in order to be effective.
Salami attack
Not rigid
NT Audit events
Privacy violations
2. Instructions or code that executes on an end user's machine from a web browser is known as __________ code.
Mobile
Presentation Layer - L6
Wild
Configuration Control
3. Vulnerability x Threat = RISK is an example of the _______________.
CERT - SANS - CERIAS - COAST
Risk Equation
CHAP
Less secure
4. Passwords: should be audited on a regular basis - should contain some form of your name or userid - should never be shared or written down
product development life cycle
a good password policy
Man In The Middle
MAC - Mandatory Access Control
5. Types of firewalls: Packet Filtering - Application Proxy - and _________________.
Available service ports
IANA
Macro
Stateful Inspection
6. They specifically target telephone networks
Host based - network based
Phreaks
Main goal of a risk management program
0-1023
7. An attempt to break an encryption algorithm is called _____________.
Cryptanalysis
All
Social Engineering
X.509
8. There are 6 types of security control practices. ___________ controls are management policies - procedures - and guidelines that usually affect the entire system. These types of controls deal with system auditing and usability.
Directive
IANA
Polymorphic
Symmetric algorithm
9. Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?
Symmetric algorithm
Cisco
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
DAC - Discretionary Access Control
10. HTTP - FTP - SMTP reside at which layer of the OSI model?
SYN Flooding
Acceptance - Transfer - Mitigate
Multi-partite viruses
Layer 7 - Application
11. A boot sector virus goes to work when what event takes place?
Risk Equation
Payload
Stealth viruses
Reboot or system startup
12. Used in ______________:Retinal Scanning - Fingerprints - Face Recognition - Voice Recognition
Directive
Biometrics
Certificate
RSA
13. A Security Reference Monitor relates to which DoD security standard?
Cryptanalysis
C2
a good password policy
Steps in handling incidents
14. Organizations that can be a valid Certificate Authority (CA)
Stealth viruses
SLE - Single Loss Expectancy
Verisign - Microsoft - Dell
Authorization
15. Which of the concepts best describes Availability in relation to computer resources?
Users can gain access to any resource upon request (assuming they have proper permissions)
Virus definition downloads and system virus scans
Preserve electronic evidence and protect it from any alteration
Social Engineering
16. ______________ is a Unix security scanning tool developed at Texas A&M University.
TIGER
Multi-partite viruses
Phreaks
C2
17. __________ is a tool used by network administrators to capture packets from a network.
CERT - SANS - CERIAS - COAST
Also
Information Security policies
Sniffer
18. What security principle is based on the division of job responsibilities - designed to prevent fraud?
Not very difficult to break.
Separation of Duties
C2
Information Security policies
19. Unlike viruses and worms - __________ are bogus messages that spread via email forwarding.
Phreaks
0-1023
Hoaxes
Passfilt.dll
20. Public keys are used for encrypting messages and private keys are used for __________ messages.
Decrypting
Man In The Middle
IANA
Multi-partite viruses
21. Consists of checking for Minimum password length - Password aging - Password Strength - Blank Passwords?
CHAP
Password audit
Main goal of a risk management program
Assignment
22. Which major vendor adopted TACACS into its product line as a form of AAA architecture?
run applications as generic accounts with little or no privileges.
Users can gain access to any resource upon request (assuming they have proper permissions)
Cisco
DSS - Digital Signature Standard
23. Intentionally embedding secret data into a picture or some form of media is known as Steganography or data ___________.
Data Hiding
Mobile
Not rigid
MAC - Mandatory Access Control
24. What is the main difference between computer abuse and computer crime?
Off site in a climate controlled area
To make user certificates available to others
Intentions of the perpetrator
C2
25. ________ is the authoritative entity which lists port assignments
IDEA algorithm
Buffer Overflow
IANA
Authorization
26. ________ is a protocol developed by Visa and MasterCard to protect electronic transactions.
Mobile
Cramming
Main goal of a risk management program
SET
27. Code Review - Certification - Accreditation - Functional Design Review - System Test Review
Layer 3 - Host to Host
product development life cycle
Decrypting
Cisco
28. Smart cards are a secure alternative to which weak security mechanism?
Residual risk
SLE - Single Loss Expectancy
Passwords
Intrusion Detection System
29. ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential - Top Secret - etc.).
MAC - Mandatory Access Control
Steps in handling incidents
Cryptanalysis
Sniffer
30. There are 5 classes of IP addresses available - but only 3 classes are in common use today
a good password policy
Accountability
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
31. It is difficult to prosecute a computer criminal if _________ are not deployed
Main goal of a risk management program
Sued for privacy violations
Warning banners
Assignment
32. Today - ______________ are almost as serious as security violations
CVE - Common Vulnerabilities and Exposures
Phreaks
product development life cycle
Privacy violations
33. The IDEA algorithm (used in PGP) is _______ bits long.
Multi-partite viruses
128
Hoaxes
involves only computer to computer transactions
34. A standardized list of the most common security weaknesses and exploits is the __________.
Macro
Prevent - Recover - Detect
Configuration Control
CVE - Common Vulnerabilities and Exposures
35. What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified?
Residual risk
Preserve electronic evidence and protect it from any alteration
Test virus
Phreaks
36. Wiretapping is an example of a ________.
Passive network attack
0-1023
Fixed length
Warning banners
37. The ultimate goal of a computer forensics specialist is to ___________________.
Preserve electronic evidence and protect it from any alteration
Also
Test virus
Logic bombs
38. Tiger - TCP Wrappers - TripWire - LogCheck - SATAN
Symmetric algorithm
Layer 7 - Application
Unix / Linux based security tools?
Host based - network based
39. The ability to adjust access control to the exact amount of permission necessary is called ______________.
Off site in a climate controlled area
Granularity
Confidentiality
Environmental
40. When ________________ it is very important to document the chain of evidence by taking good notes and to perform a bit-level backup of the data before analysis.
Macro
Gathering digital evidence
Decrypting
Presentation Layer - L6
41. The ability to identify and audit a user and his / her actions is known as ____________.
Man In The Middle
Certificate
Stealth viruses
Accountability
42. Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems.
Reboot or system startup
Social Engineering
Hoaxes
S/Key - OPIE
43. A formula used in Quantitative risk analysis
SLE - Single Loss Expectancy
Risk Equation
Configuration Control
Acceptance - Transfer - Mitigate
44. The act of intercepting the first message in a public key exchange and substituting a bogus key for the original key is an example of which style of attack?
128
Email
Man In The Middle
RADIUS
45. Diffie Hellman - RSA - and ___________ are all examples of Public Key cryptography?
Prevent - Recover - Detect
IANA
Protection of data from unauthorized users
DSS - Digital Signature Standard
46. Logon and Logoff - Use of User Rights - Security Policy Change
NT Audit events
Biometrics
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
Main goal of a risk management program
47. These should be done on a weekly basis
Layer 3 - Host to Host
Virus definition downloads and system virus scans
Acceptance - Transfer - Mitigate
Protection of data from unauthorized users
48. So far - no one has been able to crack the ____________ with Brute Force.
Acceptance - Transfer - Mitigate
Business enabler
Also
IDEA algorithm
49. Remote Access Dial-in User Service
Residual risk
TIGER
RADIUS
Phreaks
50. The PAP protocol sends passwords in clear text - while ____________ encrypts passwords. Both protocols are used by PPP (Point to Point Protocol) to transport IP traffic
CHAP
NFS
Personal Firewall - IDS - host based - Antivirus
Sued for privacy violations