Test your basic knowledge

SSCP: Systems Security Certified Practitioner

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Digital Certificates use which protocol?






2. Identifying specific attempts to penetrate systems is the function of the _______________.






3. Is the person who is attempting to log on really who they say they are? What form of access control does this question stem from?






4. ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential - Top Secret - etc.).






5. __________ is the most famous Unix password cracking tool.






6. Which layer of the OSI model handles encryption?






7. Countermeasures' main objectives






8. ___________________ viruses change the code order of the strain each time they replicate to another machine.






9. ____________ is a file system that was poorly designed and has numerous security flaws.






10. Smart cards are a secure alternative to which weak security mechanism?






11. Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?






12. Vulnerability x Threat = RISK is an example of the _______________.






13. The act of intercepting the first message in a public key exchange and substituting a bogus key for the original key is an example of which style of attack?






14. Organizations that can be a valid Certificate Authority (CA)






15. The ultimate goal of a computer forensics specialist is to ___________________.






16. ___________ - generally considered 'need to know' access is given based on permissions granted to the user.






17. Unclassified - Private - Confidential - Secret - Top Secret - and Internal Use Only are levels of ________________.






18. Which major vendor adopted TACACS into its product line as a form of AAA architecture?






19. ________ is the authoritative entity which lists port assignments






20. Intentionally embedding secret data into a picture or some form of media is known as Steganography or data ___________.






21. Examples of One-Time Password technology






22. They specifically target telephone networks






23. An intrusion detection system is an example of what type of countermeasure?






24. Which auditing practice relates to the controlling of hardware - software - firmware - and documentation to ensure it has not been improperly modified?






25. Companies can now be __________ just as easily as they can be sued for security compromises.






26. Used in ______________: Retinal Scanning - Fingerprints - Face Recognition - Voice Recognition






27. Consists of checking for Minimum password length - Password aging - Password Strength - Blank Passwords?






28. This free (for personal use) program is used to encrypt and decrypt emails.






29. Main goals of an information security program






30. These should be done on a weekly basis






31. There are 65536 _________






32. Unlike viruses and worms - __________ are bogus messages that spread via email forwarding.






33. Remote Access Dial-in User Service






34. Public keys are used for encrypting messages and private keys are used for __________ messages.






35. Trend Analysis involves analyzing historical ___________ files in order to look for patterns of abuse or misuse.






36. Cable modems are ___________ than DSL connections






37. When ________________ it is very important to document the chain of evidence by taking good notes and to perform a bit-level backup of the data before analysis.






38. Which form of media is handled at the Physical Layer (Layer 1) of the OSI Reference Model?






39. The most secure method for storing backup tapes is?






40. Macintosh computers are _____ at risk for receiving viruses.






41. There are 6 types of security control practices. ___________ controls are management policies - procedures - and guidelines that usually affect the entire system. These types of controls deal with system auditing and usability.






42. Committing computer crimes in such small doses that they almost go unnoticed.






43. __________________ will have weird characters printed at the beginning or end of an email message - what would it be an indication of?






44. Combine both boot and file virus behavior






45. A Security Reference Monitor relates to which DoD security standard?






46. One method that can reduce exposure to malicious code is to ___________________






47. EDI (Electronic Data Interchange) differs from e-Commerce in that it ___________________.






48. HTTP - FTP - SMTP reside at which layer of the OSI model?






49. A security policy is a ___________ set of rules that must be followed explicitly in order to be effective.






50. So far - no one has been able to crack the ____________ with Brute Force.