Test your basic knowledge |

SSCP: Systems Security Certified Practitioner

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Logon and Logoff - Use of User Rights - Security Policy Change






2. A standardized list of the most common security weaknesses and exploits is the __________.






3. PGP & PEM are programs that allow users to send encrypted messages to each other. What form of encryption do these programs use?






4. DES - Data Encryption standard has a 128 bit key and is ________






5. Wiretapping is an example of a ________.






6. Types of firewalls: Packet Filtering - Application Proxy - and _________________.






7. Data being delivered from the source to the intended receiver without being altered






8. Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems.






9. A boot sector virus goes to work when what event takes place?






10. There are 5 classes of IP addresses available - but only 3 classes are in common use today






11. _______________ supply AV engines with false information to avoid detection






12. This is more time consuming - numeric values - based on Annualized Loss Expectancy (ALE) formulas






13. A Security Reference Monitor relates to which DoD security standard?






14. _________ is a form of Denial of Service attack which interrupts the TCP three way handshake and leaves half open connections.






15. Which layer of the OSI model handles encryption?






16. In a Public Key Infrastructure (PKI) - what is the role of a directory server?






17. Countermeasures address security concerns in this category






18. Code Review - Certification - Accreditation - Functional Design Review - System Test Review






19. ______________ relates to the concept of protecting data from unauthorized users.






20. Which of the concepts best describes Availability in relation to computer resources?






21. Diffie Hellman - RSA - and ___________ are all examples of Public Key cryptography?






22. ____________ is a file system that was poorly designed and has numerous security flaws.






23. MD5 is a ___________ algorithm






24. A type of virus that resides in a Word or Excel document is called a ___________ virus?






25. Passwords: should be audited on a regular basis- should contain some form of your name or userid - should never be shared or written down






26. RSA is not based on a ________






27. Consists of checking for Minimum password length - Password aging - Password Strength - Blank Passwords?






28. A true network security audit does include an audit for _____________






29. Layer 4 of the OSI model corresponds to which layer of the DoD model?






30. What is the following paragraph an example of? <<ATTN: This system is for the use of authorized persons only. If you use this system without authority - or if you abuse your authority - then you are subject to having all of your activities on this sy






31. It is difficult to prosecute a computer criminal if _________ are not deployed






32. Countermeasures' main objectives






33. Intentionally embedding secret data into a picture or some form of media is known as Steganographyor data ___________.






34. The ultimate goal of a computer forensics specialist is to ___________________.






35. Is the person who is attempting to log on really who they say they are? What form of access control does this questions stem from?






36. One method that can reduce exposure to malicious code is to ___________________






37. Examples of One- Time Password technology






38. Today - ______________ are almost as serious as security violations






39. A formula used in Quantitative risk analysis






40. ___________________ is responsible for creating security policies and for communicating those policies to system users.






41. A one way hash converts a string of random length into a _______________ encrypted string.






42. Contain - Recover - Review - Identify - Prepare






43. An attempt to break an encryption algorithm is called _____________.






44. Cable modems are ___________than DSL connections






45. Allows File owners to determine access rights.






46. Which organization(s) are responsible for the timely distribution of information security intelligence data?






47. What is the main difference between computer abuse and computer crime?






48. Public keys are used for encrypting messages and private keys are used for __________messages.






49. Used in ______________:Retinal Scanning - Fingerprints - Face Recognition - Voice Recognition






50. Information security policies are a ___________________.