
SSCP Questions and Answers

Question # 6

Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another computer in a network. Within which OSI/ISO layer is RPC implemented?

A.

Session layer

B.

Transport layer

C.

Data link layer

D.

Network layer

Question # 7

What is a packet sniffer?

A.

It tracks network connections to off-site locations.

B.

It monitors network traffic for illegal packets.

C.

It scans network segments for cabling faults.

D.

It captures network traffic for later analysis.

Question # 8

The IP header contains a protocol field. If this field contains the value of 2, what type of data is contained within the IP datagram?

A.

TCP.

B.

ICMP.

C.

UDP.

D.

IGMP.

Question # 9

What layer of the ISO/OSI model do routers normally operate at?

A.

Data link layer

B.

Session layer

C.

Transport layer

D.

Network layer

Question # 10

What is the greatest danger from DHCP?

A.

An intruder on the network impersonating a DHCP server and thereby misconfiguring the DHCP clients.

B.

Having multiple clients on the same LAN having the same IP address.

C.

Having the wrong router used as the default gateway.

D.

Having the organization's mail server unreachable.

Question # 11

Communications and network security relates to transmission of which of the following?

A.

voice

B.

voice and multimedia

C.

data and multimedia

D.

voice, data and multimedia

Question # 12

All hosts on an IP network have a logical ID called a(n):

A.

IP address.

B.

MAC address.

C.

TCP address.

D.

Datagram address.

Question # 13

One of the following statements about the differences between PPTP and L2TP is NOT true

A.

PPTP can run only on top of IP networks.

B.

PPTP is an encryption protocol and L2TP is not.

C.

L2TP works well with all firewalls and network devices that perform NAT.

D.

L2TP supports AAA servers

Question # 14

Which of the following transmission media would NOT be affected by crosstalk or interference?

A.

Copper cable

B.

Radio System

C.

Satellite radiolink

D.

Fiber optic cables

Question # 15

What protocol is used on the Local Area Network (LAN) to obtain an IP address from its known MAC address?

A.

Reverse address resolution protocol (RARP)

B.

Address resolution protocol (ARP)

C.

Data link layer

D.

Network address translation (NAT)

Question # 16

What level of assurance for a digital certificate verifies a user's name, address, social security number, and other information against a credit bureau database?

A.

Level 1/Class 1

B.

Level 2/Class 2

C.

Level 3/Class 3

D.

Level 4/Class 4

Question # 17

What does the directive of the European Union on Electronic Signatures deal with?

A.

Encryption of classified data

B.

Encryption of secret data

C.

Non-repudiation

D.

Authentication of web servers

Question # 18

Compared to RSA, which of the following is true of Elliptic Curve Cryptography (ECC)?

A.

It has been mathematically proved to be more secure.

B.

It has been mathematically proved to be less secure.

C.

It is believed to require longer keys for equivalent security.

D.

It is believed to require shorter keys for equivalent security.

Question # 19

Which of the following protocols that provide integrity and authentication for IPSec, can also provide non-repudiation in IPSec?

A.

Authentication Header (AH)

B.

Encapsulating Security Payload (ESP)

C.

Secure Sockets Layer (SSL)

D.

Secure Shell (SSH-2)

Question # 20

Crackers today are MOST often motivated by their desire to:

A.

Help the community in securing their networks.

B.

Seeing how far their skills will take them.

C.

Getting recognition for their actions.

D.

Gaining Money or Financial Gains.

Question # 21

What do the ILOVEYOU and Melissa virus attacks have in common?

A.

They are both denial-of-service (DOS) attacks.

B.

They have nothing in common.

C.

They are both masquerading attacks.

D.

They are both social engineering attacks.

Question # 22

Which of the following best describes signature-based detection?

A.

Compare source code, looking for events or sets of events that could cause damage to a system or network.

B.

Compare system activity for the behaviour patterns of new attacks.

C.

Compare system activity, looking for events or sets of events that match a predefined pattern of events that describe a known attack.

D.

Compare network nodes looking for objects or sets of objects that match a predefined pattern of objects that may describe a known attack.

Question # 23

What is malware that can spread itself over open network connections?

A.

Worm

B.

Rootkit

C.

Adware

D.

Logic Bomb

Question # 24

Java is not:

A.

Object-oriented.

B.

Distributed.

C.

Architecture Specific.

D.

Multithreaded.

Question # 25

Why would anomaly detection IDSs often generate a large number of false positives?

A.

Because they can only identify correctly attacks they already know about.

B.

Because they are application-based and are more subject to attacks.

C.

Because they can't identify abnormal behavior.

D.

Because normal patterns of user and system behavior can vary wildly.

Question # 26

Which of the following reviews system and event logs to detect attacks on the host and determine if the attack was successful?

A.

host-based IDS

B.

firewall-based IDS

C.

bastion-based IDS

D.

server-based IDS

Question # 27

Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?

A.

signature-based IDS and statistical anomaly-based IDS, respectively

B.

signature-based IDS and dynamic anomaly-based IDS, respectively

C.

anomaly-based IDS and statistical-based IDS, respectively

D.

signature-based IDS and motion anomaly-based IDS, respectively.

Question # 28

As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select?

A.

Protocol anomaly based

B.

Pattern matching

C.

Stateful matching

D.

Traffic anomaly-based

Question # 29

Which of the following computer crimes is MORE often associated with INSIDERS?

A.

IP spoofing

B.

Password sniffing

C.

Data diddling

D.

Denial of service (DOS)

Question # 30

Virus scanning and content inspection of S/MIME encrypted e-mail without doing any further processing is:

A.

Not possible

B.

Only possible with key recovery scheme of all user keys

C.

It is possible only if X.509 Version 3 certificates are used

D.

It is possible only by "brute force" decryption

Question # 31

In computing, what is the name of a non-self-replicating type of malware program that appears to have some useful purpose but also contains embedded code with a malicious or harmful purpose and that, when executed, carries out actions that are unknown to the person installing it, typically causing loss or theft of data, and possible system harm?

A.

virus

B.

worm

C.

Trojan horse.

D.

trapdoor

Question # 32

Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks?

A.

Web Applications

B.

Intrusion Detection Systems

C.

Firewalls

D.

DNS Servers

Question # 33

Which of the following virus types changes some of its characteristics as it spreads?

A.

Boot Sector

B.

Parasitic

C.

Stealth

D.

Polymorphic

Question # 34

What works as an E-mail message transfer agent?

A.

SMTP

B.

SNMP

C.

S-RPC

D.

S/MIME

Question # 35

In the Open Systems Interconnect (OSI) Reference Model, at what level are TCP and UDP provided?

A.

Transport

B.

Network

C.

Presentation

D.

Application

Question # 36

Which of the following is defined as an Internet, IPsec, key-establishment protocol, partly based on OAKLEY, that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations?

A.

Internet Key Exchange (IKE)

B.

Security Association Authentication Protocol (SAAP)

C.

Simple Key-management for Internet Protocols (SKIP)

D.

Key Exchange Algorithm (KEA)

Question # 37

Which of the following is not a disadvantage of symmetric cryptography when compared with Asymmetric Ciphers?

A.

Provides Limited security services

B.

Has no built-in key distribution

C.

Speed

D.

Large number of keys are needed

Question # 38

A one-way hash provides which of the following?

A.

Confidentiality

B.

Availability

C.

Integrity

D.

Authentication

Question # 39

What is the maximum key size for the RC5 algorithm?

A.

128 bits

B.

256 bits

C.

1024 bits

D.

2040 bits

Question # 40

Which of the following is a cryptographic protocol and infrastructure developed to send encrypted credit card numbers over the Internet?

A.

Secure Electronic Transaction (SET)

B.

MONDEX

C.

Secure Shell (SSH-2)

D.

Secure Hypertext Transfer Protocol (S-HTTP)

Question # 41

In an SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?

A.

Both client and server

B.

The client's browser

C.

The web server

D.

The merchant's Certificate Server

Question # 42

The RSA Algorithm uses which mathematical concept as the basis of its encryption?

A.

Geometry

B.

16-round ciphers

C.

PI (3.14159...)

D.

Two large prime numbers

Question # 43

Which of the following protects Kerberos against replay attacks?

A.

Tokens

B.

Passwords

C.

Cryptography

D.

Time stamps

Question # 44

Which type of attack is based on the probability of two different messages using the same hash function producing a common message digest?

A.

Differential cryptanalysis

B.

Differential linear cryptanalysis

C.

Birthday attack

D.

Statistical attack

Question # 45

Which of the following is more suitable for a hardware implementation?

A.

Stream ciphers

B.

Block ciphers

C.

Cipher block chaining

D.

Electronic code book

Question # 46

What can be defined as a digital certificate that binds a set of descriptive data items, other than a public key, either directly to a subject name or to the identifier of another certificate that is a public-key certificate?

A.

A public-key certificate

B.

An attribute certificate

C.

A digital certificate

D.

A descriptive certificate

Question # 47

An X.509 public key certificate with the key usage attribute "non repudiation" can be used for which of the following?

A.

encrypting messages

B.

signing messages

C.

verifying signed messages

D.

decrypting encrypted messages

Question # 48

Which of the following terms can be described as the process to conceal data into another file or media in a practice known as security through obscurity?

A.

Steganography

B.

ADS - Alternate Data Streams

C.

Encryption

D.

NTFS ADS

Question # 49

What algorithm was DES derived from?

A.

Twofish.

B.

Skipjack.

C.

Brooks-Aldeman.

D.

Lucifer.

Question # 50

Which of the following statements is most accurate regarding a digital signature?

A.

It is a method used to encrypt confidential data.

B.

It is the art of transferring a handwritten signature to electronic media.

C.

It allows the recipient of data to prove the source and integrity of data.

D.

It can be used as a signature system and a cryptosystem.

Question # 51

What is the primary role of smartcards in a PKI?

A.

Transparent renewal of user keys

B.

Easy distribution of the certificates between the users

C.

Fast hardware encryption of the raw data

D.

Tamper resistant, mobile storage and application of private keys of the users

Question # 52

Which virus category has the capability of changing its own code, making it harder to detect by anti-virus software?

A.

Stealth viruses

B.

Polymorphic viruses

C.

Trojan horses

D.

Logic bombs

Question # 53

The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?

A.

Black hats

B.

White hats

C.

Script kiddies

D.

Phreakers

Question # 54

The fact that a network-based IDS reviews packet payloads and headers enables which of the following?

A.

Detection of denial of service

B.

Detection of all viruses

C.

Detection of data corruption

D.

Detection of all password guessing attacks

Question # 55

Which of the following questions is least likely to help in assessing controls covering audit trails?

A.

Does the audit trail provide a trace of user actions?

B.

Are incidents monitored and tracked until resolved?

C.

Is access to online logs strictly controlled?

D.

Is there separation of duties between security personnel who administer the access control function and those who administer the audit trail?

Question # 56

What would be considered the biggest drawback of Host-based Intrusion Detection systems (HIDS)?

A.

It can be very invasive to the host operating system

B.

Monitors all processes and activities on the host system only

C.

Virtually eliminates limits associated with encryption

D.

They have an increased level of visibility and control compared to NIDS

Question # 57

Which of the following types of Intrusion Detection Systems uses behavioral characteristics of a system’s operation or network traffic to draw conclusions on whether the traffic represents a risk to the network or host?

A.

Network-based ID systems.

B.

Anomaly Detection.

C.

Host-based ID systems.

D.

Signature Analysis.

Question # 58

Which of the following are the two MOST common implementations of Intrusion Detection Systems?

A.

Server-based and Host-based.

B.

Network-based and Guest-based.

C.

Network-based and Client-based.

D.

Network-based and Host-based.

Question # 59

Which of the following is NOT a characteristic of a host-based intrusion detection system?

A.

A HIDS does not consume large amounts of system resources

B.

A HIDS can analyse system logs, processes and resources

C.

A HIDS looks for unauthorized changes to the system

D.

A HIDS can notify system administrators when unusual events are identified

Question # 60

What can be best defined as the examination of threat sources against system vulnerabilities to determine the threats for a particular system in a particular operational environment?

A.

Risk management

B.

Risk analysis

C.

Threat analysis

D.

Due diligence

Question # 61

In the course of responding to and handling an incident, you work on determining the root cause of the incident. Which step are you in?

A.

Recovery

B.

Containment

C.

Triage

D.

Analysis and tracking

Question # 62

Which of the following statements pertaining to disaster recovery is incorrect?

A.

A recovery team's primary task is to get the pre-defined critical business functions at the alternate backup processing site.

B.

A salvage team's task is to ensure that the primary site returns to normal processing conditions.

C.

The disaster recovery plan should include how the company will return from the alternate site to the primary site.

D.

When returning to the primary site, the most critical applications should be brought back first.

Question # 63

Which of the following recovery plan test results would be most useful to management?

A.

elapsed time to perform various activities.

B.

list of successful and unsuccessful activities.

C.

amount of work completed.

D.

description of each activity.

Question # 64

The MOST common threat that impacts a business's ability to function normally is:

A.

Power Outage

B.

Water Damage

C.

Severe Weather

D.

Labor Strike

Question # 65

A momentary power outage is a:

A.

spike

B.

blackout

C.

surge

D.

fault

Question # 66

When preparing a business continuity plan, who of the following is responsible for identifying and prioritizing time-critical systems?

A.

Executive management staff

B.

Senior business unit management

C.

BCP committee

D.

Functional business units

Question # 67

What would BEST define risk management?

A.

The process of eliminating the risk

B.

The process of assessing the risks

C.

The process of reducing risk to an acceptable level

D.

The process of transferring risk

Question # 68

Which of the following statements does not apply to a hot site?

A.

It is expensive.

B.

There are cases of common overselling of processing capabilities by the service provider.

C.

It provides a false sense of security.

D.

It is accessible on a first-come, first-served basis. In case of a large disaster, it might not be accessible.

Question # 69

Once evidence is seized, a law enforcement officer should emphasize which of the following?

A.

Chain of command

B.

Chain of custody

C.

Chain of control

D.

Chain of communications

Question # 70

Which of the following rules pertaining to a Business Continuity Plan/Disaster Recovery Plan is incorrect?

A.

In order to facilitate recovery, a single plan should cover all locations.

B.

There should be requirements to form a committee to decide a course of action. These decisions should be made ahead of time and incorporated into the plan.

C.

In its procedures and tasks, the plan should refer to functions, not specific individuals.

D.

Critical vendors should be contacted ahead of time to validate equipment can be obtained in a timely manner.

Question # 71

Which of the following backup methods is primarily run when time and tape space permits, and is used for the system archive or baselined tape sets?

A.

full backup method.

B.

incremental backup method.

C.

differential backup method.

D.

tape backup method.

Question # 72

Under the Business Exemption Rule to the hearsay evidence, which of the following exceptions would have no bearing on the inadmissibility of audit logs and audit trails in a court of law?

A.

Records are collected during the regular conduct of business.

B.

Records are collected by senior or executive management.

C.

Records are collected at or near the time of occurrence of the act being investigated to generate automated reports.

D.

You can prove no one could have changed the records/data/logs that were collected.

Question # 73

Which backup method is used if backup time is critical and tape space is at an extreme premium?

A.

Incremental backup method.

B.

Differential backup method.

C.

Full backup method.

D.

Tape backup method.

Question # 74

A deviation from an organization-wide security policy requires which of the following?

A.

Risk Acceptance

B.

Risk Assignment

C.

Risk Reduction

D.

Risk Containment

Question # 75

What is the most correct choice below when talking about the steps to resume normal operation at the primary site after the green light has been given by the salvage team?

A.

The most critical operations are moved from alternate site to primary site before others

B.

Operation may be carried by a completely different team than disaster recovery team

C.

The least critical functions should be moved back first

D.

You move items back in the same order as the categories documented in your plan or exactly in the same order as you did on your way to the alternate site

Question # 76

If your property insurance has an Actual Cash Valuation (ACV) clause, your damaged property will be compensated based on:

A.

Value of item on the date of loss

B.

Replacement with a new item for the old one regardless of condition of lost item

C.

Value of item one month before the loss

D.

Value of item on the date of loss plus 10 percent

Question # 77

Which of the following questions is less likely to help in assessing an organization's contingency planning controls?

A.

Is damaged media stored and/or destroyed?

B.

Are the backup storage site and alternate site geographically far enough from the primary site?

C.

Is there an up-to-date copy of the plan stored securely off-site?

D.

Is the location of stored backups identified?

Question # 78

Under the principle of culpable negligence, executives can be held liable for losses that result from computer system breaches if:

A.

The company is not a multi-national company.

B.

They have not exercised due care protecting computing resources.

C.

They have failed to properly insure computer resources against loss.

D.

The company does not prosecute the hacker that caused the breach.

Question # 79

In order to be able to successfully prosecute an intruder:

A.

A point of contact should be designated to be responsible for communicating with law enforcement and other external agencies.

B.

A proper chain of custody of evidence has to be preserved.

C.

Collection of evidence has to be done following predefined procedures.

D.

Whenever possible, analyze a replica of the compromised resource, not the original, thereby avoiding inadvertently tampering with evidence.

Question # 80

Which of the following is defined as the most recent point in time to which data must be synchronized without adversely affecting the organization (financial or operational impacts)?

A.

Recovery Point Objective

B.

Recovery Time Objective

C.

Point of Time Objective

D.

Critical Time Objective

Question # 81

A prolonged power supply that is below normal voltage is a:

A.

brownout

B.

blackout

C.

surge

D.

fault

Question # 82

Within the realm of IT security, which of the following combinations best defines risk?

A.

Threat coupled with a breach

B.

Threat coupled with a vulnerability

C.

Vulnerability coupled with an attack

D.

Threat coupled with a breach of security

Question # 83

What is the appropriate role of the security analyst in the application system development or acquisition project?

A.

policeman

B.

control evaluator & consultant

C.

data owner

D.

application user

Question # 84

Which of the following is an advantage in using a bottom-up versus a top-down approach to software testing?

A.

Interface errors are detected earlier.

B.

Errors in critical modules are detected earlier.

C.

Confidence in the system is achieved earlier.

D.

Major functions and processing are tested earlier.

Question # 85

External consistency ensures that the data stored in the database is:

A.

inconsistent with the real world.

B.

remains consistent when sent from one system to another.

C.

consistent with the logical world.

D.

consistent with the real world.

Question # 86

Making sure that only those who are supposed to access the data can access it is which of the following?

A.

confidentiality.

B.

capability.

C.

integrity.

D.

availability.

Question # 87

Which of the following describes a logical form of separation used by secure computing systems?

A.

Processes use different levels of security for input and output devices.

B.

Processes are constrained so that each cannot access objects outside its permitted domain.

C.

Processes conceal data and computations to inhibit access by outside processes.

D.

Processes are granted access based on granularity of controlled objects.

Question # 88

Buffer overflow and boundary condition errors are subsets of which of the following?

A.

Race condition errors.

B.

Access validation errors.

C.

Exceptional condition handling errors.

D.

Input validation errors.

Question # 89

Configuration Management controls what?

A.

Auditing of changes to the Trusted Computing Base.

B.

Control of changes to the Trusted Computing Base.

C.

Changes in the configuration access to the Trusted Computing Base.

D.

Auditing and controlling any changes to the Trusted Computing Base.

Question # 90

Which of the following is not a form of passive attack?

A.

Scavenging

B.

Data diddling

C.

Shoulder surfing

D.

Sniffing

Question # 91

Which of the following is BEST defined as a physical control?

A.

Monitoring of system activity

B.

Fencing

C.

Identification and authentication methods

D.

Logical access control mechanisms

Question # 92

Which of the following BEST explains why computerized information systems frequently fail to meet the needs of users?

A.

Inadequate quality assurance (QA) tools.

B.

Constantly changing user needs.

C.

Inadequate user participation in defining the system's requirements.

D.

Inadequate project management.

Question # 93

Which of the following is NOT a basic component of security architecture?

A.

Motherboard

B.

Central Processing Unit (CPU)

C.

Storage Devices

D.

Peripherals (input/output devices)

Question # 94

Which of the following tests makes sure the modified or new system includes appropriate access controls and does not introduce any security holes that might compromise other systems?

A.

Recovery testing

B.

Security testing

C.

Stress/volume testing

D.

Interface testing

Question # 95

A 'Pseudo flaw' is which of the following?

A.

An apparent loophole deliberately implanted in an operating system program as a trap for intruders.

B.

An omission when generating Pseudo-code.

C.

Used for testing for bounds violations in application programming.

D.

A normally generated page fault causing the system to halt.

Question # 96

The information security staff's participation in which of the following system development life cycle phases provides maximum benefit to the organization?

A.

project initiation and planning phase

B.

system design specifications phase

C.

development and documentation phase

D.

in parallel with every phase throughout the project

Question # 97

Which of the following statements pertaining to software testing approaches is correct?

A.

A bottom-up approach allows interface errors to be detected earlier.

B.

A top-down approach allows errors in critical modules to be detected earlier.

C.

The test plan and results should be retained as part of the system's permanent documentation.

D.

Black box testing is predicated on a close examination of procedural detail.

Question # 98

Which of the following is commonly used for retrofitting multilevel security to a database management system?

A.

trusted front-end.

B.

trusted back-end.

C.

controller.

D.

kernel.

Question # 99

It is a violation of the "separation of duties" principle when which of the following individuals access the software on systems implementing security?

A.

security administrator

B.

security analyst

C.

systems auditor

D.

systems programmer

Question # 100

Related to information security, the prevention of the intentional or unintentional unauthorized disclosure of contents is which of the following?

A.

Confidentiality

B.

Integrity

C.

Availability

D.

capability

Question # 101

What are the three FUNDAMENTAL principles of security?

A.

Accountability, confidentiality and integrity

B.

Confidentiality, integrity and availability

C.

Integrity, availability and accountability

D.

Availability, accountability and confidentiality

Question # 102

One of the following assertions is NOT a characteristic of Internet Protocol Security (IPsec)

A.

Data cannot be read by unauthorized parties

B.

The identity of all IPsec endpoints is confirmed by other endpoints

C.

Data is delivered in the exact order in which it is sent

D.

The number of packets being exchanged can be counted.

Question # 103

When backing up an application system's data, which of the following is a key question to be answered first?

A.

When to make backups

B.

Where to keep backups

C.

What records to back up

D.

How to store backups

Question # 104

Which expert system operating mode allows determining if a given hypothesis is valid?

A.

Blackboard

B.

Lateral chaining

C.

Forward chaining

D.

Backward chaining

Question # 105

What is the main purpose of Corporate Security Policy?

A.

To transfer the responsibility for the information security to all users of the organization

B.

To communicate management's intentions with regard to information security

C.

To provide detailed steps for performing specific actions

D.

To provide a common framework for all development activities

Question # 106

Password management falls into which control category?

A.

Compensating

B.

Detective

C.

Preventive

D.

Technical

Question # 107

What does the Clark-Wilson security model focus on?

A.

Confidentiality

B.

Integrity

C.

Accountability

D.

Availability

Question # 108

Which is the last line of defense in a physical security sense?

A.

people

B.

interior barriers

C.

exterior barriers

D.

perimeter barriers

Question # 109

What does the simple security (ss) property mean in the Bell-LaPadula model?

A.

No read up

B.

No write down

C.

No read down

D.

No write up

Question # 110

In the CIA triad, what does the letter A stand for?

A.

Auditability

B.

Accountability

C.

Availability

D.

Authentication

Question # 111

Which of the following is NOT true of the Kerberos protocol?

A.

Only a single login is required per session.

B.

The initial authentication steps are done using a public key algorithm.

C.

The KDC is aware of all systems in the network and is trusted by all of them

D.

It performs mutual authentication

Question # 112

Access Control techniques do not include which of the following?

A.

Rule-Based Access Controls

B.

Role-Based Access Control

C.

Mandatory Access Control

D.

Random Number Based Access Control

Question # 113

The three classic ways of authenticating yourself to the computer security software are by something you know, by something you have, and by something:

A.

you need.

B.

non-trivial

C.

you are.

D.

you can get.

Question # 114

What is an automated means of identifying or authenticating the identity of a living person based on physiological or behavioral characteristics called?

A.

Biometrics

B.

Micrometrics

C.

Macrometrics

D.

MicroBiometrics

Question # 115

Which one of the following factors is NOT one on which Authentication is based?

A.

Type 1. Something you know, such as a PIN or password

B.

Type 2. Something you have, such as an ATM card or smart card

C.

Type 3. Something you are (based upon one or more intrinsic physical or behavioral traits), such as a fingerprint or retina scan

D.

Type 4. Something you are, such as a system administrator or security administrator

Question # 116

Which of the following is the LEAST user accepted biometric device?

A.

Fingerprint

B.

Iris scan

C.

Retina scan

D.

Voice verification

Question # 117

Which of the following Kerberos components holds all users' and services' cryptographic keys?

A.

The Key Distribution Service

B.

The Authentication Service

C.

The Key Distribution Center

D.

The Key Granting Service

Question # 118

Which of the following is not a security goal for remote access?

A.

Reliable authentication of users and systems

B.

Protection of confidential data

C.

Easy to manage access control to systems and network resources

D.

Automated login for remote users

Question # 119

In Synchronous dynamic password tokens:

A.

The token generates a new password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).

B.

The token generates a new non-unique password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).

C.

The unique password is not entered into a system or workstation along with an owner's PIN.

D.

The authentication entity in a system or workstation knows an owner's secret key and PIN, and the entity verifies that the entered password is invalid and that it was entered during the invalid time window.

Question # 120

Organizations should consider which of the following first before allowing external access to their LANs via the Internet?

A.

plan for implementing workstation locking mechanisms.

B.

plan for protecting the modem pool.

C.

plan for providing the user with his account usage information.

D.

plan for considering proper authentication options.

Question # 121

Which of the following is NOT a factor related to Access Control?

A.

integrity

B.

authenticity

C.

confidentiality

D.

availability

Question # 122

Which of the following are additional access control objectives?

A.

Consistency and utility

B.

Reliability and utility

C.

Usefulness and utility

D.

Convenience and utility

Question # 123

Physical security is accomplished through proper facility construction, fire and water protection, anti-theft mechanisms, intrusion detection systems, and security procedures that are adhered to and enforced. Which of the following is not a component that achieves this type of security?

A.

Administrative control mechanisms

B.

Integrity control mechanisms

C.

Technical control mechanisms

D.

Physical control mechanisms

Question # 124

How would nonrepudiation best be classified?

A.

A preventive control

B.

A logical control

C.

A corrective control

D.

A compensating control

Question # 125

The throughput rate is the rate at which individuals, once enrolled, can be processed and identified or authenticated by a biometric system. Acceptable throughput rates are in the range of:

A.

100 subjects per minute.

B.

25 subjects per minute.

C.

10 subjects per minute.

D.

50 subjects per minute.

Question # 126

Which of the following can best eliminate dial-up access through a Remote Access Server as a hacking vector?

A.

Using a TACACS+ server.

B.

Installing the Remote Access Server outside the firewall and forcing legitimate users to authenticate to the firewall.

C.

Setting modem ring count to at least 5.

D.

Only attaching modems to non-networked hosts.

Question # 127

Which of the following is implemented through scripts or smart agents that replay the user's multiple log-ins against authentication servers to verify a user's identity, which permits access to system services?

A.

Single Sign-On

B.

Dynamic Sign-On

C.

Smart cards

D.

Kerberos

Question # 128

What is the percentage at which the False Rejection Rate equals the False Acceptance Rate called?

A.

False Rejection Rate (FRR) or Type I Error

B.

False Acceptance Rate (FAR) or Type II Error

C.

Crossover Error Rate (CER)

D.

Failure to enroll rate (FTE or FER)

Question # 129

Which of the following is the primary security feature of a proxy server?

A.

Virus Detection

B.

URL blocking

C.

Route blocking

D.

Content filtering

Question # 130

Which of the following firewall rules found on a firewall installed between an organization's internal network and the Internet would present the greatest danger to the internal network?

A.

Permit all traffic between local hosts.

B.

Permit all inbound ssh traffic.

C.

Permit all inbound tcp connections.

D.

Permit all syslog traffic to log-server.abc.org.

Question # 131

A proxy is considered a:

A.

first generation firewall.

B.

third generation firewall.

C.

second generation firewall.

D.

fourth generation firewall.

Question # 132

Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?

A.

192.168.42.5

B.

192.166.42.5

C.

192.175.42.5

D.

192.1.42.5

Question # 133

A Wide Area Network (WAN) is basically everything outside of:

A.

a Local Area Network (LAN).

B.

a Campus Area Network (CAN).

C.

a Metropolitan Area Network (MAN).

D.

the Internet.

Question # 134

While using IPsec, the ESP and AH protocols both provide integrity services. However, when using AH, some special attention needs to be paid if one of the peers uses NAT for address translation service. Which of the items below would affect the use of AH and its Integrity Check Value (ICV) the most?

A.

Key session exchange

B.

Packet Header Source or Destination address

C.

VPN cryptographic key size

D.

Cryptographic algorithm used

Question # 135

Packet Filtering Firewalls can also enable access for:

A.

only authorized application port or service numbers.

B.

only unauthorized application port or service numbers.

C.

only authorized application port or ex-service numbers.

D.

only authorized application port or service integers.

Question # 136

Upon which of the following ISO/OSI layers does network address translation operate?

A.

Transport layer

B.

Session layer

C.

Data link layer

D.

Network layer

Question # 137

SMTP can best be described as:

A.

a host-to-host email protocol.

B.

an email retrieval protocol.

C.

a web-based e-mail reading protocol.

D.

a standard defining the format of e-mail messages.

Question # 138

In telephony, different types of connections are used. The connection from the phone company's branch office to local customers is referred to as which of the following choices?

A.

new loop

B.

local loop

C.

loopback

D.

indigenous loop
