Test your basic knowledge

SSCP: Systems Security Certified Practitioner

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A security policy is a ___________ set of rules that must be followed explicitly in order to be effective.






2. Instructions or code that executes on an end user's machine from a web browser is known as __________ code.






3. Vulnerability x Threat = RISK is an example of the _______________.






4. Passwords: should be audited on a regular basis - should contain some form of your name or userid - should never be shared or written down






5. Types of firewalls: Packet Filtering - Application Proxy - and _________________.






6. They specifically target telephone networks






7. An attempt to break an encryption algorithm is called _____________.






8. There are 6 types of security control practices. ___________ controls are management policies - procedures - and guidelines that usually affect the entire system. These types of controls deal with system auditing and usability.






9. Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?






10. HTTP - FTP - SMTP reside at which layer of the OSI model?






11. A boot sector virus goes to work when what event takes place?






12. Used in ______________: Retinal Scanning - Fingerprints - Face Recognition - Voice Recognition






13. A Security Reference Monitor relates to which DoD security standard?






14. Organizations that can be a valid Certificate Authority (CA)






15. Which of the concepts best describes Availability in relation to computer resources?






16. ______________ is a Unix security scanning tool developed at Texas A&M University.






17. __________ is a tool used by network administrators to capture packets from a network.






18. What security principle is based on the division of job responsibilities - designed to prevent fraud?






19. Unlike viruses and worms - __________ are bogus messages that spread via email forwarding.






20. Public keys are used for encrypting messages and private keys are used for __________ messages.






21. Consists of checking for Minimum password length - Password aging - Password Strength - Blank Passwords?






22. Which major vendor adopted TACACS into its product line as a form of AAA architecture?






23. Intentionally embedding secret data into a picture or some form of media is known as steganography or data ___________.






24. What is the main difference between computer abuse and computer crime?






25. ________ is the authoritative entity which lists port assignments






26. ________ is a protocol developed by Visa and MasterCard to protect electronic transactions.






27. Code Review - Certification - Accreditation - Functional Design Review - System Test Review






28. Smart cards are a secure alternative to which weak security mechanism?






29. ____________ is used in mission critical systems and applications to lock down information based on sensitivity levels (Confidential - Top Secret - etc.).






30. There are 5 classes of IP addresses available - but only 3 classes are in common use today






31. It is difficult to prosecute a computer criminal if _________ are not deployed






32. Today - ______________ are almost as serious as security violations






33. The IDEA algorithm (used in PGP) is _______ bits long.






34. A standardized list of the most common security weaknesses and exploits is the __________.






35. What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified?






36. Wiretapping is an example of a ________.






37. The ultimate goal of a computer forensics specialist is to ___________________.






38. Tiger - TCP Wrappers - TripWire - LogCheck - SATAN






39. The ability to adjust access control to the exact amount of permission necessary is called ______________.






40. When ________________ it is very important to document the chain of evidence by taking good notes and to perform a bit-level backup of the data before analysis.






41. The ability to identify and audit a user and his / her actions is known as ____________.






42. Although it is considered a low tech attack ____________ is still a very effective way of gaining unauthorized access to network systems.






43. A formula used in Quantitative risk analysis






44. The act of intercepting the first message in a public key exchange and substituting a bogus key for the original key is an example of which style of attack?






45. Diffie Hellman - RSA - and ___________ are all examples of Public Key cryptography.






46. Logon and Logoff - Use of User Rights - Security Policy Change






47. These should be done on a weekly basis






48. So far - no one has been able to crack the ____________ with Brute Force.






49. Remote Access Dial-in User Service






50. The PAP protocol sends passwords in clear text - while ____________ encrypts passwords. Both protocols are used by PPP (Point to Point Protocol) to transport IP traffic






