Test your basic knowledge

SSCP: Systems Security Certified Practitioner

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. When ________________, it is very important to document the chain of evidence by taking good notes and to perform a bit-level backup of the data before analysis.






2. RSA is not based on a ________






3. Consists of checking for Minimum password length - Password aging - Password Strength - Blank Passwords?






4. Smart cards are a secure alternative to which weak security mechanism?






5. Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?






6. It is difficult to prosecute a computer criminal if _________ are not deployed






7. ________ is a protocol developed by Visa and MasterCard to protect electronic transactions.






8. __________________ will have weird characters printed at the beginning or end of an email message - what would it be an indication of?






9. _________ is a form of Denial of Service attack which interrupts the TCP three-way handshake and leaves half-open connections.






10. Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems.






11. IKE - Internet Key Exchange is often used in conjunction with what security standard?






12. Allows File owners to determine access rights.






13. A boot sector virus goes to work when what event takes place?






14. This free (for personal use) program is used to encrypt and decrypt emails.






15. A Security Reference Monitor relates to which DoD security standard?






16. ________ is the authoritative entity which lists port assignments






17. The ability to adjust access control to the exact amount of permission necessary is called ______________.






18. Vulnerability x Threat = RISK is an example of the _______________.






19. Unclassified - Private - Confidential - Secret - Top Secret - and Internal Use Only are levels of ________________.






20. Companies can now be __________ just as easily as they can be sued for security compromises.






21. __________ is the most famous Unix password cracking tool.






22. A virus is considered to be 'in the ______ ' if it has been reported as replicating and causing harm to computers.






23. Diffie Hellman - RSA - and ___________ are all examples of Public Key cryptography?






24. ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential - Top Secret - etc.).






25. Identifying specific attempts to penetrate systems is the function of the _______________.






26. Digital Certificates use which protocol?






27. The PAP protocol sends passwords in clear text - while ____________ encrypts passwords. Both protocols are used by PPP (Point to Point Protocol) to transport IP traffic






28. A security policy is a ___________ set of rules that must be followed explicitly in order to be effective.






29. What security principle is based on the division of job responsibilities - designed to prevent fraud?






30. Which major vendor adopted TACACS into its product line as a form of AAA architecture?






31. Contracting with an insurance company to cover losses due to information security breaches is known as risk __________.






32. Logon and Logoff - Use of User Rights - Security Policy Change






33. Intentionally embedding secret data into a picture or some form of media is known as steganography or data ___________.






34. Which form of media is handled at the Physical Layer (Layer 1) of the OSI Reference Model?






35. Today - ______________ are almost as serious as security violations






36. ______________ relates to the concept of protecting data from unauthorized users.






37. They specifically target telephone networks






38. Contain - Recover - Review - Identify - Prepare






39. Macintosh computers are _____ at risk for receiving viruses.






40. Layer 4 of the OSI model corresponds to which layer of the DoD model?






41. Stealth viruses live in memory while __________ are written to disk






42. ___________________ is responsible for creating security policies and for communicating those policies to system users.






43. Countermeasures address security concerns in this category






44. The ability to identify and audit a user and his / her actions is known as ____________.






45. ___________________ viruses change the code order of the strain each time they replicate to another machine.






46. A ______________ is an electronically generated record that ties a user's ID to their public key.






47. EDI (Electronic Data Interchange) differs from e-Commerce in that it ___________________.






48. Countermeasures' main objectives






49. HTTP - FTP - SMTP reside at which layer of the OSI model?






50. An attempt to break an encryption algorithm is called _____________.