Test your basic knowledge | SSCP: Systems Security Certified Practitioner
Subjects: certifications, sscp, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. This free (for personal use) program is used to encrypt and decrypt emails.
DSS - Digital Signature Standard
Quantitative analysis
PGP
a good password policy
2. They specifically target telephone networks
NFS
Phreaks
Intentions of the perpetrator
Users can gain access to any resource upon request (assuming they have proper permissions)
3. The PAP protocol sends passwords in clear text - while ____________ encrypts passwords. Both protocols are used by PPP (Point to Point Protocol) to transport IP traffic
SET
CHAP
SSL
a good password policy
4. Security incidents fall into a number of categories such as accidental - deliberate - and ____________.
Business enabler
Environmental
Stealth viruses
CHAP
5. A virus is considered to be 'in the ______ ' if it has been reported as replicating and causing harm to computers.
CHAP
128
Wild
All
6. Committing computer crimes in such small doses that they almost go unnoticed.
Accountability
Salami attack
Logic bombs
Sniffer
7. Unlike viruses and worms - __________ are bogus messages that spread via email forwarding.
Quantitative analysis
Hoaxes
Confidentiality
NFS
8. Smart cards are a secure alternative to which weak security mechanism?
Directive
Password audit
Data Classification
Passwords
9. An attempt to break an encryption algorithm is called _____________.
Warning Banner
Confidentiality
Cryptanalysis
Layer 7 - Application
10. The ability to identify and audit a user and his / her actions is known as ____________.
Accountability
Quantitative analysis
Cisco
product development life cycle
11. ___________ - generally considered 'need to know' access is given based on permissions granted to the user.
DAC - Discretionary Access Control
Passwords
Presentation Layer - L6
Ethernet
12. A Security Reference Monitor relates to which DoD security standard?
Decentralized access control
Passwords
C2
Authentication
13. Although they are accused of being one and the same - _______________ are two distinctly different groups with different goals pertaining to computers.
Log files
Presentation Layer - L6
Hackers and crackers
Assignment
14. Which of the following is NOT an encryption algorithm?
Fixed length
SSL
Less secure
Macro
15. ______________ relates to the concept of protecting data from unauthorized users.
128
modems
Risk Equation
Confidentiality
16. There are 5 classes of IP addresses available - but only 3 classes are in common use today
Reboot or system startup
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
IDEA algorithm
Risk assessment
17. One method that can reduce exposure to malicious code is to ___________________
Cramming
TIGER
MAC - Mandatory Access Control
run applications as generic accounts with little or no privileges.
18. Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems.
Layer 7 - Application
Confidentiality - Availability - Integrity of data
DSS - Digital Signature Standard
Social Engineering
19. ________ is a protocol developed by Visa and MasterCard to protect electronic transactions.
Not very difficult to break.
SET
DSS - Digital Signature Standard
CVE - Common Vulnerabilities and Exposures
20. There are 6 types of security control practices. ___________ controls are management policies - procedures - and guidelines that usually affect the entire system. These types of controls deal with system auditing and usability.
Not rigid
CERT - SANS - CERIAS - COAST
Directive
Protection of data from unauthorized users
21. Which organization(s) are responsible for the timely distribution of information security intelligence data?
Preserve electronic evidence and protect it from any alteration
Mobile
Stateful Inspection
CERT - SANS - CERIAS - COAST
22. ____________ is a file system that was poorly designed and has numerous security flaws.
SSL
Verisign - Microsoft - Dell
DSS - Digital Signature Standard
NFS
23. To help managers find the correct cost balance between risks and countermeasures
Main goal of a risk management program
C2
Symmetric algorithm
Biometrics
24. EDI (Electronic Data Interchange) differs from e-Commerce in that it ___________________.
SSL
involves only computer to computer transactions
Stealth viruses
All
25. There are 65536 _________
Passwords
Residual risk
Email
Available service ports
26. The ability to adjust access control to the exact amount of permission necessary is called ______________.
Salami attack
Granularity
ISO
Ethernet
27. ____ members of the staff need to be educated in disaster recovery procedures.
Biometrics
All
C2
Warning Banner
28. Main goals of an information security program
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Confidentiality - Availability - Integrity of data
Configuration Control
IDEA algorithm
29. _______________ supply AV engines with false information to avoid detection
Wild
Intrusion Detection System
Stealth viruses
Less secure
30. __________ is a tool used by network administrators to capture packets from a network.
Salami attack
Host based - network based
Ethernet
Sniffer
31. A formula used in Quantitative risk analysis
Quantitative analysis
Intentions of the perpetrator
Assignment
SLE - Single Loss Expectancy
32. What security principle is based on the division of job responsibilities - designed to prevent fraud?
Email
Logic bombs
Separation of Duties
Sued for privacy violations
33. ______________ is a major component of an overall risk management program.
Risk assessment
ISO
Symmetric algorithm
NFS
34. Identifying specific attempts to penetrate systems is the function of the _______________.
Detective
Cisco
Intrusion Detection System
Information Security policies
35. Remote Access Dial-in User Service
Intentions of the perpetrator
RADIUS
Privacy violations
S/Key - OPIE
36. Which range defines 'well known ports?'
a good password policy
DAC - Discretionary Access Control
0-1023
Authorization
37. In a Public Key Infrastructure (PKI) - what is the role of a directory server?
Confidentiality - Availability - Integrity of data
To make user certificates available to others
Decentralized access control
involves only computer to computer transactions
38. DES - Data Encryption Standard has a 128 bit key and is ________
Not very difficult to break.
IPSEC
SLE - Single Loss Expectancy
Polymorphic
39. Macintosh computers are _____ at risk for receiving viruses.
Also
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
IPSEC
Macro
40. IKE - Internet Key Exchange is often used in conjunction with what security standard?
Test virus
NT Audit events
IPSEC
IANA
41. Layer 4 of the OSI model corresponds to which layer of the DoD model?
Buffer Overflow
Layer 3 - Host to Host
Man In The Middle
DAC - Discretionary Access Control
42. The act of intercepting the first message in a public key exchange and substituting a bogus key for the original key is an example of which style of attack?
Layer 7 - Application
Presentation Layer - L6
Unix / Linux based security tools?
Man In The Middle
43. ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential - Top Secret - etc.).
MAC - Mandatory Access Control
Biometrics
Password audit
SET
44. A true network security audit does include an audit for _____________
Biometrics
modems
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Protection of data from unauthorized users
45. Digital Certificates use which protocol?
X.509
CVE - Common Vulnerabilities and Exposures
Log files
Host based - network based
46. The most secure method for storing backup tapes is?
Not very difficult to break.
Off site in a climate controlled area
Less secure
Passfilt.dll
47. Tiger - TCP Wrappers - TripWire - LogCheck - SATAN
Hackers and crackers
Confidentiality - Availability - Integrity of data
C2
Unix / Linux based security tools?
48. A one way hash converts a string of random length into a _______________ encrypted string.
Multi-partite viruses
Email
Risk assessment
Fixed length
49. ______________ is a Unix security scanning tool developed at Texas A&M University.
Residual risk
a good password policy
TIGER
Accountability
50. What type of software can be used to prevent - detect (and possibly correct) malicious activities on a system?
Certificate
Decrypting
Personal Firewall - IDS - host based - Antivirus
Intrusion Detection System