Test your basic knowledge

SSCP: Systems Security Certified Practitioner

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A one-way hash converts a string of random length into a _______________ encrypted string.






2. Which auditing practice relates to the controlling of hardware - software - firmware - and documentation to ensure it has not been improperly modified?






3. Digital Certificates use which protocol?






4. RSA is not based on a ________






5. ____________ is a file system that was poorly designed and has numerous security flaws.






6. Each password must have a combination of upper case - lower case - numbers and special characters - 6 character minimum password length - This rule is enforced by ______






7. Contracting with an insurance company to cover losses due to information security breaches is known as risk __________.






8. Committing computer crimes in such small doses that they almost go unnoticed.






9. DES - Data Encryption standard has a 128 bit key and is ________






10. ___________________ viruses change the code order of the strain each time they replicate to another machine.






11. Stealth viruses live in memory while __________ are written to disk






12. ___________ - generally considered 'need to know' access is given based on permissions granted to the user.






13. __________ attacks capitalize on programming errors and can allow the originator to gain additional privileges on a machine.






14. Countermeasures' main objectives






15. So far - no one has been able to crack the ____________ with Brute Force.






16. Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems.






17. Which of the concepts best describes Availability in relation to computer resources?






18. Which form of media is handled at the Physical Layer (Layer 1) of the OSI Reference Model?






19. Countermeasures address security concerns in this category






20. When ________________ it is very important to document the chain of evidence by taking good notes and to perform a bit-level backup of the data before analysis.






21. A ______________ is an electronically generated record that ties a user's ID to their public key.






22. Layer 4 of the OSI model corresponds to which layer of the DoD model?






23. The most secure method for storing backup tapes is?






24. __________________ will have weird characters printed at the beginning or end of an email message - what would it be an indication of?






25. Which of the following is NOT an encryption algorithm?






26. The act of intercepting the first message in a public key exchange and substituting a bogus key for the original key is an example of which style of attack?






27. Although they are accused of being one and the same - _______________ are two distinctly different groups with different goals pertaining to computers.






28. The PAP protocol sends passwords in clear text - while ____________ encrypts passwords. Both protocols are used by PPP (Point to Point Protocol) to transport IP traffic






29. A security policy is a ___________ set of rules that must be followed explicitly in order to be effective.






30. __________ is a tool used by network administrators to capture packets from a network.






31. Contain - Recover - Review - Identify - Prepare






32. EICAR is an example of a _____________ used to test AV products without introducing a live virus into the network.






33. S/MIME was developed for the protection of what communication mechanism(s)?






34. If your telephone company suddenly started billing you for caller ID and call forwarding without your permission - this practice is referred to as __________________.






35. HTTP - FTP - SMTP reside at which layer of the OSI model?






36. Intentionally embedding secret data into a picture or some form of media is known as steganography or data ___________.






37. In a Public Key Infrastructure (PKI) - what is the role of a directory server?






38. The __________ is the most dangerous part of a virus program.






39. ________ is a protocol developed by Visa and MasterCard to protect electronic transactions.






40. Organizations that can be a valid Certificate Authority (CA)






41. Examples of One-Time Password technology






42. ____ members of the staff need to be educated in disaster recovery procedures.






43. Allows File owners to determine access rights.






44. Consists of checking for Minimum password length - Password aging - Password Strength - Blank Passwords?






45. ______________ is a Unix security scanning tool developed at Texas A&M University.






46. It is difficult to prosecute a computer criminal if _________ are not deployed






47. A virus is considered to be 'in the ______ ' if it has been reported as replicating and causing harm to computers.






48. Unclassified - Private - Confidential - Secret - Top Secret - and Internal Use Only are levels of ________________.






49. Main goals of an information security program






50. ________ is the authoritative entity which lists port assignments