SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
SSCP: Systems Security Certified Practitioner
Start Test
Study First
Subjects
:
certifications
,
sscp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Digital Certificates use which protocol?
X.509
Multi-partite viruses
Information
Acceptance - Transfer - Mitigate
2. An attempt to break an encryption algorithm is called _____________.
CVE - Common Vulnerabilities and Exposures
SYN Flooding
Accountability
Cryptanalysis
3. This free (for personal use) program is used to encrypt and decrypt emails.
Assignment
PGP
Users can gain access to any resource upon request (assuming they have proper permissions)
Verisign - Microsoft - Dell
4. A ______________ is an electronically generated record that ties a user's ID to their public key.
ISO
Reboot or system startup
Certificate
CERT - SANS - CERIAS - COAST
5. What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified?
SSL
Residual risk
Macro
Phreaks
6. HTTP - FTP - SMTP reside at which layer of the OSI model?
Social Engineering
Layer 7 - Application
Fixed length
Sued for privacy violations
7. Stealth viruses live in memory while __________ are written to disk
ISO
Buffer Overflow
Logic bombs
Social Engineering
8. Smart cards are a secure alternative to which weak security mechanism?
C2
Certificate
All
Passwords
9. Code Review - Certification - Accreditation - Functional Design Review - System Test Review
modems
product development life cycle
Hackers and crackers
Users can gain access to any resource upon request (assuming they have proper permissions)
10. The PAP protocol sends passwords in clear text - while ____________ encrypts passwords. Both protocols are used by PPP (Point to Point Protocol) to transport IP traffic
To make user certificates available to others
Stealth viruses
CHAP
Passive network attack
11. Contain - Recover - Review - Identify - Prepare
Test virus
Steps in handling incidents
Available service ports
Data Hiding
12. Which layer of the OSI model handles encryption?
Passfilt.dll
Presentation Layer - L6
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Layer 7 - Application
13. The most secure method for storing backup tapes is?
Not rigid
Off site in a climate controlled area
Separation of Duties
Man In The Middle
14. A Security Reference Monitor relates to which DoD security standard?
C2
CVE - Common Vulnerabilities and Exposures
Password audit
Host based - network based
15. Unclassified - Private - Confidential - Secret - Top Secret - and Internal Use Only are levels of ________________.
Ethernet
Data Classification
SLE - Single Loss Expectancy
Hackers and crackers
16. They specifically target telephone networks
Risk assessment
Multi-partite viruses
Phreaks
MAC - Mandatory Access Control
17. Wiretapping is an example of a ________.
Passive network attack
Not rigid
Confidentiality
Layer 7 - Application
18. Is the person who is attempting to log on really who they say they are? What form of access control does this questions stem from?
Protection of data from unauthorized users
Authentication
128
Intentions of the perpetrator
19. It is difficult to prosecute a computer criminal if _________ are not deployed
Email
Configuration Control
PGP
Warning banners
20. In a Public Key Infrastructure (PKI) - what is the role of a directory server?
Separation of Duties
Hackers and crackers
To make user certificates available to others
Detective
21. There are 5 classes of IP addresses available - but only 3 classes are in common use today
Protection of data from unauthorized users
CERT - SANS - CERIAS - COAST
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Residual risk
22. PGP & PEM are programs that allow users to send encrypted messages to each other. What form of encryption do these programs use?
Environmental
Multi-partite viruses
Information Security policies
RSA
23. Trend Analysis involves analyzing historical ___________ files in order to look for patterns of abuse or misuse.
Risk assessment
Log files
Email
Test virus
24. Passwords: should be audited on a regular basis- should contain some form of your name or userid - should never be shared or written down
Polymorphic
DSS - Digital Signature Standard
a good password policy
All
25. ______________ relates to the concept of protecting data from unauthorized users.
Sued for privacy violations
SYN Flooding
Decentralized access control
Confidentiality
26. Macintosh computers are _____ at risk for receiving viruses.
Stateful Inspection
Also
Risk assessment
CRACK
27. Instructions or code that executes on an end user's machine from a web browser is known as __________ code.
X.509
SYN Flooding
Mobile
ISO
28. Consists of checking for Minimum password length - Password aging - Password Strength - Blank Passwords?
Quantitative analysis
Risk assessment
Presentation Layer - L6
Password audit
29. IKE - Internet Key Exchange is often used in conjunction with what security standard?
Stealth viruses
IPSEC
Unix / Linux based security tools?
Macro
30. Although they are accused of being one in the same - _______________ are two distinctly different groups with different goals pertaining to computers.
Layer 7 - Application
Layers 5 - 6 - & 7 - Session - Presentation - and Application Layers
Hackers and crackers
Sniffer
31. Name two types of Intrusion Detection Systems
Warning Banner
Decentralized access control
Cryptanalysis
Host based - network based
32. An intrusion detection system is an example of what type of countermeasure?
run applications as generic accounts with little or no privileges.
Not very difficult to break.
Social Engineering
Detective
33. Countermeasures' main objectives
product development life cycle
Directive
Accountability
Prevent - Recover - Detect
34. What is the following paragraph an example of? <<ATTN: This system is for the use of authorized persons only. If you use this system without authority - or if you abuse your authority - then you are subject to having all of your activities on this sy
Log files
Warning Banner
Layer 3 - Host to Host
Not rigid
35. ______________ is a Unix security scanning tool developed at Texas A&M university.
Quantitative analysis
Presentation Layer - L6
product development life cycle
TIGER
36. Committing computer crimes in such small doses that they almost go unnoticed.
Salami attack
Fixed length
SSL
Stateful Inspection
37. A standardized list of the most common security weaknesses and exploits is the __________.
CVE - Common Vulnerabilities and Exposures
Logic bombs
Not very difficult to break.
Stateful Inspection
38. A boot sector virus goes to work when what event takes place?
Separation of Duties
Warning Banner
run applications as generic accounts with little or no privileges.
Reboot or system startup
39. If your telephone company suddenly started billing you for caller ID and call forwarding without your permission - this practice is referred to as __________________.
Salami attack
Separation of Duties
Cramming
involves only computer to computer transactions
40. A formula used in Quantitative risk analysis
Configuration Control
SLE - Single Loss Expectancy
Risk Equation
Biometrics
41. So far - no one has been able to crack the ____________ with Brute Force.
IDEA algorithm
Layer 3 - Host to Host
Class A: 1-126 - Class B: 128-191 - Class C: 192-223
Verisign - Microsoft - Dell
42. Information security policies are a ___________________.
Intrusion Detection System
Business enabler
Host based - network based
Phreaks
43. ___________________ viruses change the code order of the strain each time they replicate to another machine.
Polymorphic
0-1023
Stealth viruses
Social Engineering
44. To help managers find the correct cost balance between risks and countermeasures
Stealth viruses
Main goal of a risk management program
Macro
Man In The Middle
45. The __________ is the most dangerous part of a virus program.
SLE - Single Loss Expectancy
Payload
Granularity
Passfilt.dll
46. The ultimate goal of a computer forensics specialist is to ___________________.
Stealth viruses
Assignment
0-1023
Preserve electronic evidence and protect it from any alteration
47. A type of virus that resides in a Word or Excel document is called a ___________ virus?
Biometrics
Macro
NFS
Assignment
48. Data being delivered from the source to the intended receiver without being altered
Acceptance - Transfer - Mitigate
Protection of data from unauthorized users
Sued for privacy violations
SSL
49. There are 65536 _________
Business enabler
Available service ports
Layer 3 - Host to Host
Test virus
50. Public keys are used for encrypting messages and private keys are used for __________messages.
Depcrypting
Hackers and crackers
Configuration Control
PGP
