Test your basic knowledge |
SSCP: Systems Security Certified Practitioner
Subjects: certifications, sscp, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Contain - Recover - Review - Identify - Prepare
Steps in handling incidents
Quantitative analysis
Passive network attack
involves only computer to computer transactions
2. Organizations that can be a valid Certificate Authority (CA)
Less secure
Verisign - Microsoft - Dell
Confidentiality
CRACK
3. This free (for personal use) program is used to encrypt and decrypt emails.
Authorization
X.509
0-1023
PGP
4. Is the person who is attempting to log on really who they say they are? What form of access control does this question stem from?
Preserve electronic evidence and protect it from any alteration
Data Hiding
Decrypting
Authentication
5. Intentionally embedding secret data into a picture or some form of media is known as steganography or data ___________.
NT Audit events
Risk assessment
Data Hiding
run applications as generic accounts with little or no privileges.
6. Digital Certificates use which protocol?
SYN Flooding
X.509
Password audit
Biometrics
7. Which range defines 'well known ports?'
CVE - Common Vulnerabilities and Exposures
SET
0-1023
Wild
8. Instructions or code that executes on an end user's machine from a web browser is known as __________ code.
Decrypting
Mobile
Main goal of a risk management program
Logic bombs
9. Remote Access Dial-in User Service
product development life cycle
RADIUS
IPSEC
SSL
10. Which form of media is handled at the Physical Layer (Layer 1) of the OSI Reference Model?
Ethernet
Logic bombs
Multi-partite viruses
Password audit
11. Wiretapping is an example of a ________.
Prevent - Recover - Detect
Cisco
Passive network attack
involves only computer to computer transactions
12. __________________ will have weird characters printed at the beginning or end of an email message - what would it be an indication of?
Warning Banner
Stealth viruses
Unix / Linux based security tools?
A PGP Signed message
13. Contracting with an insurance company to cover losses due to information security breaches is known as risk __________.
Salami attack
Assignment
Stateful Inspection
Ethernet
14. There are 5 classes of IP addresses available - but only 3 classes are in common use today
Not very difficult to break.
Wild
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Symmetric algorithm
15. The IDEA algorithm (used in PGP) is _______ bits long.
Prevent - Recover - Detect
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
128
RSA
16. Types of firewalls: Packet Filtering - Application Proxy - and _________________.
Stateful Inspection
Intentions of the perpetrator
Warning banners
Not rigid
17. Companies can now be __________ just as easily as they can be sued for security compromises.
Granularity
Sued for privacy violations
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Risk Equation
18. ______________ is a Unix security scanning tool developed at Texas A&M University.
MAC - Mandatory Access Control
Risk assessment
Detective
TIGER
19. Trend Analysis involves analyzing historical ___________ files in order to look for patterns of abuse or misuse.
Warning Banner
Symmetric algorithm
Log files
Hoaxes
20. Today - ______________ are almost as serious as security violations
Privacy violations
C2
Business enabler
Granularity
21. What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified?
Residual risk
Passive network attack
Man In The Middle
Assignment
22. Which major vendor adopted TACACS into its product line as a form of AAA architecture?
Cisco
Not very difficult to break.
IPSEC
Hoaxes
23. A boot sector virus goes to work when what event takes place?
Available service ports
Reboot or system startup
Risk Equation
Users can gain access to any resource upon request (assuming they have proper permissions)
24. The ability to identify and audit a user and his / her actions is known as ____________.
Macro
Hoaxes
Accountability
Users can gain access to any resource upon request (assuming they have proper permissions)
25. Although they are accused of being one and the same - _______________ are two distinctly different groups with different goals pertaining to computers.
Hackers and crackers
Certificate
All
PGP
26. ____ members of the staff need to be educated in disaster recovery procedures.
Authorization
Information Security policies
All
Host based - network based
27. A ______________ is an electronically generated record that ties a user's ID to their public key.
Stateful Inspection
Certificate
Layer 7 - Application
Off site in a climate controlled area
28. A one way hash converts a string of random length into a _______________ encrypted string.
Data Hiding
Password audit
NFS
Fixed length
29. These should be done on a weekly basis
Mobile
Stealth viruses
Virus definition downloads and system virus scans
Business enabler
30. This is more time consuming - numeric values - based on Annualized Loss Expectancy (ALE) formulas
Quantitative analysis
Unix / Linux based security tools?
Layer 7 - Application
Phreaks
31. ____________ is a file system that was poorly designed and has numerous security flaws.
Passive network attack
Salami attack
Authentication
NFS
32. Passwords: should be audited on a regular basis - should contain some form of your name or userid - should never be shared or written down
a good password policy
Wild
Sued for privacy violations
A PGP Signed message
33. Identifying specific attempts to penetrate systems is the function of the _______________.
modems
CRACK
Intrusion Detection System
Wild
34. Tiger - TCP Wrappers - TripWire - LogCheck - SATAN
a good password policy
Sued for privacy violations
Stateful Inspection
Unix / Linux based security tools?
35. Used in ______________: Retinal Scanning - Fingerprints - Face Recognition - Voice Recognition
Biometrics
Fixed length
CERT - SANS - CERIAS - COAST
Protection of data from unauthorized users
36. Unlike viruses and worms - __________ are bogus messages that spread via email forwarding.
Main goal of a risk management program
Passwords
Hoaxes
ISO
37. A formula used in Quantitative risk analysis
SLE - Single Loss Expectancy
Off site in a climate controlled area
Reboot or system startup
Prevent - Recover - Detect
38. EICAR is an example of a _____________ used to test AV products without introducing a live virus into the network.
IDEA algorithm
Test virus
Directive
Intrusion Detection System
39. Security incidents fall into a number of categories such as accidental - deliberate - and ____________.
Confidentiality - Availability - Integrity of data
Confidentiality
Environmental
Authorization
40. Code Review - Certification - Accreditation - Functional Design Review - System Test Review
S/Key - OPIE
Cisco
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
product development life cycle
41. So far - no one has been able to crack the ____________ with Brute Force.
SSL
All
Macro
IDEA algorithm
42. The __________ is the most dangerous part of a virus program.
CVE - Common Vulnerabilities and Exposures
Payload
Acceptance - Transfer - Mitigate
Steps in handling incidents
43. In a Public Key Infrastructure (PKI) - what is the role of a directory server?
SET
To make user certificates available to others
Salami attack
Personal Firewall - IDS - host based - Antivirus
44. ______________ relates to the concept of protecting data from unauthorized users.
Confidentiality
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
128
Payload
45. Vulnerability x Threat = RISK is an example of the _______________.
product development life cycle
Log files
Risk Equation
Cisco
46. One method that can reduce exposure to malicious code is to ___________________
run applications as generic accounts with little or no privileges.
NFS
Hoaxes
Privacy violations
47. Countermeasures' main objectives
Fixed length
Business enabler
Salami attack
Prevent - Recover - Detect
48. RSA is not based on a ________
SET
X.509
Symmetric algorithm
Environmental
49. Each password must have a combination of upper case - lower case - numbers and special characters - 6 character minimum password length - This rule is enforced by ______
Passwords
a good password policy
Password audit
Passfilt.dll
50. ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential - Top Secret - etc.)
S/Key - OPIE
Not very difficult to break.
SLE - Single Loss Expectancy
MAC - Mandatory Access Control