Test your basic knowledge |

SSCP: Systems Security Certified Practitioner

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Remote Access Dial-in User Service






2. What is the following paragraph an example of? <<ATTN: This system is for the use of authorized persons only. If you use this system without authority - or if you abuse your authority - then you are subject to having all of your activities on this sy






3. Instructions or code that executes on an end user's machine from a web browser is known as __________ code.






4. These should be done on a weekly basis






5. A security policy is a ___________ set of rules that must be followed explicitly in order to be effective.






6. Types of firewalls: Packet Filtering - Application Proxy - and _________________.






7. ___________________ viruses change the code order of the strain each time they replicate to another machine.






8. Combine both boot and file virus behavior






9. Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems.






10. There are 5 classes of IP addresses available - but only 3 classes are in common use today






11. What is the main difference between computer abuse and computer crime?






12. Countermeasures' main objectives






13. ___________ - generally considered 'need to know' access is given based on permissions granted to the user.






14. Unclassified - Private - Confidential - Secret - Top Secret - and Internal Use Only are levels of ________________.






15. Code Review - Certification - Accreditation - Functional Design Review - System Test Review






16. Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?






17. Wiretapping is an example of a ________.






18. Is the person who is attempting to log on really who they say they are? What form of access control does this questions stem from?






19. Intentionally embedding secret data into a picture or some form of media is known as Steganographyor data ___________.






20. Which layer of the OSI model handles encryption?






21. EDI (Electronic Data Interchange) differs from e- Commerce in that it ___________________.






22. __________________ will have weird characters printed at the beginning or end of an email message - what would it be anindication of?






23. Contracting with an insurance company to cover losses due to information security breaches is known as risk __________.






24. Accounting - Authentication - and ____________ are the AAAs of information security.






25. To help managers find the correct cost balance between risks and countermeasures






26. Digital Certificates use which protocol?






27. A one way hash converts a string of random length into a _______________ encrypted string.






28. Allows File owners to determine access rights.






29. ____ members of the staff need to be educated in disaster recovery procedures.






30. The IDEA algorithm (used in PGP) is _______ bits long.






31. The ability to adjust access control to the exact amount of permission necessary is called ______________.






32. EICAR is an example of a _____________ used to test AV products without introducing a live virus into the network.






33. What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified?






34. Identifying specific attempts to penetrate systems is the function of the _______________.






35. Consists of checking for Minimum password length - Password aging - Password Strength - Blank Passwords?






36. ________ is the authoritative entity which lists port assignments






37. Vulnerability x Threat = RISK is an example of the _______________.






38. If your telephone company suddenly started billing you for caller ID and call forwarding without your permission - this practice is referred to as __________________.






39. What type of software can be used to prevent - detect (and possibly correct) malicious activities on a system?






40. Committing computer crimes in such small doses that they almost go unnoticed.






41. Which major vendor adopted TACACS into its product line as a form of AAA architecture?






42. A formula used in Quantitative risk analysis






43. Examples of One- Time Password technology






44. Which of the concepts best describes Availability in relation to computer resources?






45. ____________ is a file system that was poorly designed and has numerous security flaws.






46. The PAP protocol sends passwords in clear text - while ____________ encrypts passwords. Both protocols are used by PPP (Point to Point Protocol) to transport IP traffic






47. HTTP - FTP - SMTP reside at which layer of the OSI model?






48. _______________ supply AV engines with false information to avoid detection






49. Name two types of Intrusion Detection Systems






50. This is more time consuming - numeric values - based on Annualized Loss Expectancy (ALE) formulas







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests