Test your basic knowledge |
SSCP: Systems Security Certified Practitioner
Subjects: certifications, sscp, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. DES - Data Encryption standard has a 128 bit key and is ________
Not very difficult to break.
Data Hiding
Risk Equation
Cisco
2. PGP & PEM are programs that allow users to send encrypted messages to each other. What form of encryption do these programs use?
RSA
Intrusion Detection System
Risk Equation
Decrypting
3. Is the person who is attempting to log on really who they say they are? What form of access control does this question stem from?
One way hash
SSL
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
Authentication
4. It is difficult to prosecute a computer criminal if _________ are not deployed
Warning banners
SET
involves only computer to computer transactions
Intentions of the perpetrator
5. ______________ is a major component of an overall risk management program.
Business enabler
Risk assessment
modems
Stealth viruses
6. A formula used in Quantitative risk analysis
Accountability
Macro
SLE - Single Loss Expectancy
Decentralized access control
7. Logon and Logoff - Use of User Rights - Security Policy Change
Hoaxes
involves only computer to computer transactions
Data Hiding
NT Audit events
8. ____________ is a file system that was poorly designed and has numerous security flaws.
Mobile
Warning Banner
Certificate
NFS
9. What type of software can be used to prevent - detect (and possibly correct) malicious activities on a system?
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
S/Key - OPIE
Information Security policies
Personal Firewall - IDS - host based - Antivirus
10. What is the following paragraph an example of? <<ATTN: This system is for the use of authorized persons only. If you use this system without authority - or if you abuse your authority - then you are subject to having all of your activities on this sy
Information Security policies
Warning Banner
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Data Hiding
11. _______________ supply AV engines with false information to avoid detection
modems
One way hash
Email
Stealth viruses
12. Macintosh computers are _____ at risk for receiving viruses.
Data Hiding
involves only computer to computer transactions
Also
Authorization
13. Today - ______________ are almost as serious as security violations
SYN Flooding
Privacy violations
Environmental
A PGP Signed message
14. A virus is considered to be 'in the ______ ' if it has been reported as replicating and causing harm to computers.
Wild
Confidentiality
Privacy violations
Mobile
15. Accounting - Authentication - and ____________ are the AAAs of information security.
To make user certificates available to others
ISO
Authorization
Privacy violations
16. ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential - Top Secret - etc.)
Steps in handling incidents
modems
Decrypting
MAC - Mandatory Access Control
17. Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems.
Test virus
Social Engineering
Host based - network based
Users can gain access to any resource upon request (assuming they have proper permissions)
18. Public keys are used for encrypting messages and private keys are used for __________ messages.
S/Key - OPIE
IPSEC
Decrypting
modems
19. ______________ relates to the concept of protecting data from unauthorized users.
Warning Banner
Confidentiality
Sued for privacy violations
Steps in handling incidents
20. Code Review - Certification - Accreditation - Functional Design Review - System Test Review
Unix / Linux based security tools?
Preserve electronic evidence and protect it from any alteration
Stealth viruses
product development life cycle
21. These should be done on a weekly basis
Business enabler
Sued for privacy violations
Virus definition downloads and system virus scans
Sniffer
22. _________ is a form of Denial of Service attack which interrupts the TCP three way handshake and leaves half open connections.
SYN Flooding
NT Audit events
Certificate
Multi-partite viruses
23. Cable modems are ___________ than DSL connections
Less secure
CHAP
Assignment
MAC - Mandatory Access Control
24. IKE - Internet Key Exchange is often used in conjunction with what security standard?
IPSEC
Business enabler
Layer 3 - Host to Host
Off site in a climate controlled area
25. Smart cards are a secure alternative to which weak security mechanism?
Payload
Wild
Passwords
Risk assessment
26. ___________ - generally considered 'need to know' access is given based on permissions granted to the user.
Sued for privacy violations
Prevent - Recover - Detect
DAC - Discretionary Access Control
Test virus
27. There are 65536 _________
Available service ports
NT Audit events
product development life cycle
Confidentiality - Availability - Integrity of data
28. Which layer of the OSI model handles encryption?
Presentation Layer - L6
modems
Passfilt.dll
Warning banners
29. Which organization(s) are responsible for the timely distribution of information security intelligence data?
TIGER
CERT - SANS - CERIAS - COAST
Macro
S/Key - OPIE
30. Which major vendor adopted TACACS into its product line as a form of AAA architecture?
Prevent - Recover - Detect
SYN Flooding
Cisco
Business enabler
31. Which form of media is handled at the Physical Layer (Layer 1) of the OSI Reference Model?
Available service ports
Hackers and crackers
Ethernet
Quantitative analysis
32. __________ is the most famous Unix password cracking tool.
Mobile
CRACK
Steps in handling incidents
Warning Banner
33. There are 5 classes of IP addresses available - but only 3 classes are in common use today
Macro
Available service ports
Not rigid
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
34. RSA is not based on a ________
Information Security policies
Logic bombs
a good password policy
Symmetric algorithm
35. The most secure method for storing backup tapes is?
All
Layer 7 - Application
Off site in a climate controlled area
Not rigid
36. ___________________ viruses change the code order of the strain each time they replicate to another machine.
Steps in handling incidents
a good password policy
Polymorphic
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
37. To help managers find the correct cost balance between risks and countermeasures
Off site in a climate controlled area
Hoaxes
Main goal of a risk management program
Passfilt.dll
38. In a Public Key Infrastructure (PKI) - what is the role of a directory server?
To make user certificates available to others
Email
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
Residual risk
39. What security principle is based on the division of job responsibilities - designed to prevent fraud?
A PGP Signed message
Information Security policies
Separation of Duties
Environmental
40. Unclassified - Private - Confidential - Secret - Top Secret - and Internal Use Only are levels of ________________.
Data Classification
NFS
Multi-partite viruses
Phreaks
41. Instructions or code that executes on an end user's machine from a web browser is known as __________ code.
Mobile
Business enabler
CRACK
Decentralized access control
42. S/MIME was developed for the protection of what communication mechanism(s)?
Email
Data Classification
Logic bombs
Stealth viruses
43. Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
Layer 7 - Application
CHAP
Available service ports
44. What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified?
Detective
NT Audit events
Residual risk
Decrypting
45. Allows File owners to determine access rights.
Social Engineering
Mobile
Log files
Decentralized access control
46. Companies can now be __________ just as easily as they can be sued for security compromises.
Sued for privacy violations
SET
Assignment
Users can gain access to any resource upon request (assuming they have proper permissions)
47. An intrusion detection system is an example of what type of countermeasure?
DAC - Discretionary Access Control
Detective
Verisign - Microsoft - Dell
Multi-partite viruses
48. Used in ______________: Retinal Scanning - Fingerprints - Face Recognition - Voice Recognition
CERT - SANS - CERIAS - COAST
Wild
Biometrics
SYN Flooding
49. Tiger - TCP Wrappers - TripWire - LogCheck - SATAN
Unix / Linux based security tools?
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
Decrypting
Sued for privacy violations
50. A Security Reference Monitor relates to which DoD security standard?
Passwords
modems
C2
Presentation Layer - L6