Test your basic knowledge |

SSCP: Systems Security Certified Practitioner

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What security principle is based on the division of job responsibilities - designed to prevent fraud?






2. One method that can reduce exposure to malicious code is to ___________________






3. ___________________ is responsible for creating security policies and for communicating those policies to system users.






4. Although they are accused of being one in the same - _______________ are two distinctly different groups with different goals pertaining to computers.






5. ________ is the authoritative entity which lists port assignments






6. The IDEA algorithm (used in PGP) is _______ bits long.






7. DES - Data Encryption standard has a 128 bit key and is ________






8. Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?






9. Which of the following is NOT and encryption algorithm?






10. ______________ is a Unix security scanning tool developed at Texas A&M university.






11. When ________________it is very important to do document the chain of evidence by taking good notes and perform a bit-level back up of the data before analysis






12. Cable modems are ___________than DSL connections






13. Each password must have a combination of upper case - lower case - numbers and special characters - 6 character minimum password length - This rule is enforced by ______






14. To help managers find the correct cost balance between risks and countermeasures






15. Types of firewalls: Packet Filtering - Application Proxy - and _________________.






16. S/MIME was developed for the protection of what communication mechanism(s)?






17. PGP & PEM are programs that allow users to send encrypted messages to each other. What form of encryption do these programs use?






18. EICAR is an example of a _____________ used to test AV products without introducing a live virus into the network.






19. Security incidents fall into a number of categories such as accidental - deliberate - and ____________.






20. Trend Analysis involves analyzing historical ___________ files in order to look for patterns of abuse or misuse.






21. Identifying specific attempts to penetrate systems is the function of the _______________.






22. Information security policies are a ___________________.






23. Countermeasures' main objectives






24. If your telephone company suddenly started billing you for caller ID and call forwarding without your permission - this practice is referred to as __________________.






25. Intentionally embedding secret data into a picture or some form of media is known as Steganographyor data ___________.






26. Which organization(s) are responsible for the timely distribution of information security intelligence data?






27. A virus is considered to be 'in the ______ ' if it has been reported as replicating and causing harm to computers.






28. A one way hash converts a string of random length into a _______________ encrypted string.






29. Unclassified - Private - Confidential - Secret - Top Secret - and Internal Use Only are levels of ________________.






30. RSA is not based on a ________






31. Diffie Hellman - RSA - and ___________ are all examples of Public Key cryptography?






32. Macintosh computers are _____ at risk for receiving viruses.






33. There are 65536 _________






34. A ______________ is an electronically generated record that ties a user's ID to their public key.






35. Instructions or code that executes on an end user's machine from a web browser is known as __________ code.






36. An attempt to break an encryption algorithm is called _____________.






37. In a Public Key Infrastructure (PKI) - what is the role of a directory server?






38. EDI (Electronic Data Interchange) differs from e- Commerce in that it ___________________.






39. Data being delivered from the source to the intended receiver without being altered






40. What is the main difference between computer abuse and computer crime?






41. A Security Reference Monitor relates to which DoD security standard?






42. HTTP - FTP - SMTP reside at which layer of the OSI model?






43. Countermeasures address security concerns in this category






44. Combine both boot and file virus behavior






45. __________ is the most famous Unix password cracking tool.






46. Accounting - Authentication - and ____________ are the AAAs of information security.






47. A standardized list of the most common security weaknesses and exploits is the __________.






48. Which auditing practice relates to the controlling of hardware - software - firmware - and documentation to insure it has not been improperly modified?






49. The ability to identify and audit a user and his / her actions is known as ____________.






50. They specifically target telephone networks