Test your basic knowledge |

SSCP: Systems Security Certified Practitioner

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Intentionally embedding secret data into a picture or some form of media is known as Steganographyor data ___________.






2. __________ is the most famous Unix password cracking tool.






3. The PAP protocol sends passwords in clear text - while ____________ encrypts passwords. Both protocols are used by PPP (Point to Point Protocol) to transport IP traffic






4. __________________ will have weird characters printed at the beginning or end of an email message - what would it be anindication of?






5. ___________________ is responsible for creating security policies and for communicating those policies to system users.






6. ______________ relates to the concept of protecting data from unauthorized users.






7. ___________________ viruses change the code order of the strain each time they replicate to another machine.






8. __________ is a tool used by network administrators to capture packets from a network.






9. Unclassified - Private - Confidential - Secret - Top Secret - and Internal Use Only are levels of ________________.






10. Accounting - Authentication - and ____________ are the AAAs of information security.






11. The most secure method for storing backup tapes is?






12. Allows File owners to determine access rights.






13. A virus is considered to be 'in the ______ ' if it has been reported as replicating and causing harm to computers.






14. Main goals of an information security program






15. To help managers find the correct cost balance between risks and countermeasures






16. Identifying specific attempts to penetrate systems is the function of the _______________.






17. Logon and Logoff - Use of User Rights - Security Policy Change






18. Used in ______________:Retinal Scanning - Fingerprints - Face Recognition - Voice Recognition






19. __________ attacks capitalize on programming errors and can allow the originator to gain additional privileges on a machine.






20. A ______________ is an electronically generated record that ties a user's ID to their public key.






21. So far - no one has been able to crack the ____________ with Brute Force.






22. Contracting with an insurance company to cover losses due to information security breaches is known as risk __________.






23. Diffie Hellman - RSA - and ___________ are all examples of Public Key cryptography?






24. There are 5 classes of IP addresses available - but only 3 classes are in common use today






25. Wiretapping is an example of a ________.






26. RSA is not based on a ________






27. PGP & PEM are programs that allow users to send encrypted messages to each other. What form of encryption do these programs use?






28. It is difficult to prosecute a computer criminal if _________ are not deployed






29. A one way hash converts a string of random length into a _______________ encrypted string.






30. Which of the concepts best describes Availability in relation to computer resources?






31. Tiger - TCP Wrappers - TripWire - LogCheck - SATAN






32. Unlike like viruses and worm - __________ are bogus messages that spread via email forwarding.






33. What security principle is based on the division of job responsibilities - designed to prevent fraud?






34. ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential - Top Secret - etc.






35. These should be done on a weekly basis






36. Today - ______________ are almost as serious as security violations






37. Macintosh computers are _____ at risk for receiving viruses.






38. _________ is a form of Denial of Service attack which interrupts the TCP three way handshake and leaves half open connections.






39. Data being delivered from the source to the intended receiver without being altered






40. ________ is the authoritative entity which lists port assignments






41. Which layer of the OSI model handles encryption?






42. ______________ is a major component of an overall risk management program.






43. Examples of One- Time Password technology






44. ___________ - generally considered 'need to know' access is given based on permissions granted to the user.






45. Trend Analysis involves analyzing historical ___________ files in order to look for patterns of abuse or misuse.






46. They specifically target telephone networks






47. A true network security audit does include an audit for _____________






48. When ________________it is very important to do document the chain of evidence by taking good notes and perform a bit-level back up of the data before analysis






49. A security policy is a ___________ set of rules that must be followed explicitly in order to be effective.






50. S/MIME was developed for the protection of what communication mechanism(s)?