Test your basic knowledge | SSCP: Systems Security Certified Practitioner
Subjects: certifications, sscp, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Is the person who is attempting to log on really who they say they are? What form of access control does this question stem from?
Configuration Control
Passwords
Authentication
run applications as generic accounts with little or no privileges.
2. Unclassified - Private - Confidential - Secret - Top Secret - and Internal Use Only are levels of ________________.
A PGP Signed message
Intrusion Detection System
Data Classification
RADIUS
3. Main goals of an information security program
Confidentiality - Availability - Integrity of data
Acceptance - Transfer - Mitigate
Off site in a climate controlled area
Cramming
4. Layer 4 of the OSI model corresponds to which layer of the DoD model?
Unix / Linux based security tools?
Log files
Layer 3 - Host to Host
Separation of Duties
5. A boot sector virus goes to work when what event takes place?
Risk Equation
SET
Reboot or system startup
Logic bombs
6. Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?
involves only computer to computer transactions
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
Acceptance - Transfer - Mitigate
Biometrics
7. Smart cards are a secure alternative to which weak security mechanism?
Symmetric algorithm
Users can gain access to any resource upon request (assuming they have proper permissions)
Verisign - Microsoft - Dell
Passwords
8. ____________ is a file system that was poorly designed and has numerous security flaws.
NFS
Cramming
A PGP Signed message
Privacy violations
9. Macintosh computers are _____ at risk for receiving viruses.
CHAP
Man In The Middle
Virus definition downloads and system virus scans
Also
10. Tiger - TCP Wrappers - TripWire - LogCheck - SATAN
Phreaks
Unix / Linux based security tools?
Accountability
Less secure
11. Unlike viruses and worms - __________ are bogus messages that spread via email forwarding.
Personal Firewall - IDS - host based - Antivirus
ISO
Hoaxes
0-1023
12. There are 65536 _________
Available service ports
DAC - Discretionary Access Control
TIGER
Password audit
13. This free (for personal use) program is used to encrypt and decrypt emails.
Intrusion Detection System
Personal Firewall - IDS - host based - Antivirus
DAC - Discretionary Access Control
PGP
14. Information security policies are a ___________________.
Confidentiality - Availability - Integrity of data
Acceptance - Transfer - Mitigate
128
Business enabler
15. Contracting with an insurance company to cover losses due to information security breaches is known as risk __________.
Assignment
C2
modems
Polymorphic
16. A formula used in Quantitative risk analysis
modems
CHAP
SLE - Single Loss Expectancy
involves only computer to computer transactions
17. DES - Data Encryption Standard has a 128 bit key and is ________
Data Classification
RADIUS
Not very difficult to break.
128
18. Used in ______________: Retinal Scanning - Fingerprints - Face Recognition - Voice Recognition
Logic bombs
To make user certificates available to others
Passive network attack
Biometrics
19. Logon and Logoff - Use of User Rights - Security Policy Change
DSS - Digital Signature Standard
Email
Residual risk
NT Audit events
20. __________________ will have weird characters printed at the beginning or end of an email message - what would it be an indication of?
NT Audit events
Steps in handling incidents
Virus definition downloads and system virus scans
A PGP Signed message
21. Which auditing practice relates to the controlling of hardware - software - firmware - and documentation to ensure it has not been improperly modified?
Configuration Control
product development life cycle
Layer 3 - Host to Host
Data Hiding
22. An attempt to break an encryption algorithm is called _____________.
Cryptanalysis
Polymorphic
All
Separation of Duties
23. ___________________ is responsible for creating security policies and for communicating those policies to system users.
CERT - SANS - CERIAS - COAST
ISO
Environmental
Steps in handling incidents
24. Instructions or code that executes on an end user's machine from a web browser is known as __________ code.
Layer 7 - Application
Decentralized access control
TIGER
Mobile
25. Public keys are used for encrypting messages and private keys are used for __________ messages.
Buffer Overflow
Layer 7 - Application
Granularity
Decrypting
26. Which major vendor adopted TACACS into its product line as a form of AAA architecture?
Cisco
C2
SYN Flooding
SLE - Single Loss Expectancy
27. To help managers find the correct cost balance between risks and countermeasures
Business enabler
Privacy violations
Main goal of a risk management program
Test virus
28. These should be done on a weekly basis
involves only computer to computer transactions
Virus definition downloads and system virus scans
DSS - Digital Signature Standard
Less secure
29. It is difficult to prosecute a computer criminal if _________ are not deployed
Certificate
Directive
Warning banners
NT Audit events
30. There are 5 classes of IP addresses available - but only 3 classes are in common use today
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Fixed length
Risk assessment
Mobile
31. MD5 is a ___________ algorithm
RADIUS
MAC - Mandatory Access Control
One way hash
Business enabler
32. There are 6 types of security control practices. ___________ controls are management policies - procedures - and guidelines that usually affect the entire system. These types of controls deal with system auditing and usability.
Intrusion Detection System
Confidentiality
NT Audit events
Directive
33. Which of the concepts best describes Availability in relation to computer resources?
Data Classification
Hackers and crackers
Users can gain access to any resource upon request (assuming they have proper permissions)
Off site in a climate controlled area
34. A virus is considered to be 'in the ______ ' if it has been reported as replicating and causing harm to computers.
Test virus
Wild
Intentions of the perpetrator
product development life cycle
35. RSA is not based on a ________
Prevent - Recover - Detect
Symmetric algorithm
Users can gain access to any resource upon request (assuming they have proper permissions)
Payload
36. An intrusion detection system is an example of what type of countermeasure?
Hackers and crackers
Detective
Layer 3 - Host to Host
Host based - network based
37. A one way hash converts a string of random length into a _______________ encrypted string.
Intrusion Detection System
Fixed length
Risk assessment
SSL
38. S/MIME was developed for the protection of what communication mechanism(s)?
Preserve electronic evidence and protect it from any alteration
SSL
Email
Risk assessment
39. Companies can now be __________ just as easily as they can be sued for security compromises.
Ethernet
Confidentiality - Availability - Integrity of data
Sued for privacy violations
0-1023
40. EDI (Electronic Data Interchange) differs from e-Commerce in that it ___________________.
Separation of Duties
involves only computer to computer transactions
Off site in a climate controlled area
Not very difficult to break.
41. __________ is a tool used by network administrators to capture packets from a network.
Accountability
Sniffer
0-1023
Stateful Inspection
42. A ______________ is an electronically generated record that ties a user's ID to their public key.
Certificate
Salami attack
Decrypting
Assignment
43. __________ is the most famous Unix password cracking tool.
Information
Information Security policies
CRACK
Hackers and crackers
44. ________ is the authoritative entity which lists port assignments
Configuration Control
Wild
CRACK
IANA
45. What security principle is based on the division of job responsibilities - designed to prevent fraud?
Not rigid
CRACK
Separation of Duties
Off site in a climate controlled area
46. Each password must have a combination of upper case - lower case - numbers and special characters - 6 character minimum password length - This rule is enforced by ______
Passfilt.dll
C2
Mobile
Presentation Layer - L6
47. __________ attacks capitalize on programming errors and can allow the originator to gain additional privileges on a machine.
IDEA algorithm
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Buffer Overflow
Authorization
48. A standardized list of the most common security weaknesses and exploits is the __________.
TIGER
Data Classification
NT Audit events
CVE - Common Vulnerabilities and Exposures
49. ___________________ viruses change the code order of the strain each time they replicate to another machine.
Passive network attack
Polymorphic
Data Hiding
Residual risk
50. Although they are accused of being one and the same - _______________ are two distinctly different groups with different goals pertaining to computers.
Unix / Linux based security tools?
Hackers and crackers
Cramming
Quantitative analysis