ISC SSCP Systems Security Certified Practitioner Exam Practice Test

Total 1074 questions

Systems Security Certified Practitioner Questions and Answers

Question 1

The DES algorithm is an example of what type of cryptography?

Options:

A. Secret Key

B. Two-key

C. Asymmetric Key

D. Public Key

Question 2

Which of the following statements is most accurate regarding a digital signature?

Options:

A. It is a method used to encrypt confidential data.

B. It is the art of transferring handwritten signature to electronic media.

C. It allows the recipient of data to prove the source and integrity of data.

D. It can be used as a signature system and a cryptosystem.

Question 3

What is the RESULT of a hash algorithm being applied to a message?

Options:

A. A digital signature

B. A ciphertext

C. A message digest

D. A plaintext

Question 4

Which of the following ASYMMETRIC encryption algorithms is based on the difficulty of FACTORING LARGE NUMBERS?

Options:

A. El Gamal

B. Elliptic Curve Cryptosystems (ECCs)

C. RSA

D. International Data Encryption Algorithm (IDEA)

Question 5

Which of the following is not a one-way hashing algorithm?

Options:

A. MD2

B. RC4

C. SHA-1

D. HAVAL

Question 6

Complete the blanks. When using PKI, I digitally sign a message using my ______ key. The recipient verifies my signature using my ______ key.

Options:

A. Private / Public

B. Public / Private

C. Symmetric / Asymmetric

D. Private / Symmetric

Question 7

In a hierarchical PKI, the highest CA is regularly called the Root CA. It is also referred to by which one of the following terms?

Options:

A. Subordinate CA

B. Top Level CA

C. Big CA

D. Master CA

Question 8

Which of the following is less likely to be used today in creating a Virtual Private Network?

Options:

A. L2TP

B. PPTP

C. IPSec

D. L2F

Question 9

Which type of attack is based on the probability of two different messages using the same hash function producing a common message digest?

Options:

A. Differential cryptanalysis

B. Differential linear cryptanalysis

C. Birthday attack

D. Statistical attack

Question 10

What algorithm has been selected as the AES algorithm, replacing the DES algorithm?

Options:

A. RC6

B. Twofish

C. Rijndael

D. Blowfish

Question 11

The computations involved in selecting keys and in enciphering data are complex, and are not practical for manual use. However, using mathematical properties of modular arithmetic and a method known as "_________________," RSA is quite feasible for computer use.

Options:

A. computing in Galois fields

B. computing in Gladden fields

C. computing in Gallipoli fields

D. computing in Galbraith fields

Question 12

What can be defined as a digital certificate that binds a set of descriptive data items, other than a public key, either directly to a subject name or to the identifier of another certificate that is a public-key certificate?

Options:

A. A public-key certificate

B. An attribute certificate

C. A digital certificate

D. A descriptive certificate

Question 13

You work in a police department forensics lab where you examine computers for evidence of crimes. Your work is vital to the success of the prosecution of criminals.

One day you receive a laptop and are part of a two-man team responsible for examining it together. However, it is lunchtime, and after receiving the laptop you leave it on your desk and you both head out to lunch.

What critical step in forensic evidence have you forgotten?

Options:

A. Chain of custody

B. Locking the laptop in your desk

C. Making a disk image for examination

D. Cracking the admin password with chntpw

Question 14

Which of the following can best define the "revocation request grace period"?

Options:

A. The period of time allotted within which the user must make a revocation request upon a revocation reason

B. Minimum response time for performing a revocation by the CA

C. Maximum response time for performing a revocation by the CA

D. Time period between the arrival of a revocation request and the publication of the revocation information

Question 15

The Data Encryption Algorithm performs how many rounds of substitution and permutation?

Options:

A. 4

B. 16

C. 54

D. 64

Question 16

What is NOT true with pre-shared key authentication within IKE / IPsec protocol?

Options:

A. Pre-shared key authentication is normally based on simple passwords

B. Needs a Public Key Infrastructure (PKI) to work

C. IKE is used to set up Security Associations

D. IKE builds upon the Oakley protocol and the ISAKMP protocol.

Question 17

Which of the following types of cryptography is used when both parties use the same key to communicate securely with each other?

Options:

A. Symmetric Key Cryptography

B. PKI - Public Key Infrastructure

C. Diffie-Hellman

D. DSS - Digital Signature Standard

Question 18

Which of the following is true about link encryption?

Options:

A. Each entity has a common key with the destination node.

B. Encrypted messages are only decrypted by the final node.

C. This mode does not provide protection if any one of the nodes along the transmission path is compromised.

D. Only secure nodes are used in this type of transmission.

Question 19

What is the maximum number of different keys that can be used when encrypting with Triple DES?

Options:

A. 1

B. 2

C. 3

D. 4

Question 20

Which of the following statements pertaining to block ciphers is incorrect?

Options:

A. It operates on fixed-size blocks of plaintext.

B. It is more suitable for software than hardware implementations.

C. Plain text is encrypted with a public key and decrypted with a private key.

D. Some Block ciphers can operate internally as a stream.

Question 21

What is the length of an MD5 message digest?

Options:

A. 128 bits

B. 160 bits

C. 256 bits

D. varies depending upon the message size.

Question 22

What is the effective key size of DES?

Options:

A. 56 bits

B. 64 bits

C. 128 bits

D. 1024 bits

Question 23

Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys? This protocol establishes a long-term key once, and then requires no prior communication in order to establish or exchange keys on a session-by-session basis.

Options:

A. Internet Security Association and Key Management Protocol (ISAKMP)

B. Simple Key-management for Internet Protocols (SKIP)

C. Diffie-Hellman Key Distribution Protocol

D. IPsec Key exchange (IKE)

Question 24

Which of the following results in the most devastating business interruptions?

Options:

A. Loss of Hardware/Software

B. Loss of Data

C. Loss of Communication Links

D. Loss of Applications

Question 25

How is Annualized Loss Expectancy (ALE) derived from a threat?

Options:

A. ARO x (SLE - EF)

B. SLE x ARO

C. SLE/EF

D. AV x EF

Question 26

What would BEST define risk management?

Options:

A. The process of eliminating the risk

B. The process of assessing the risks

C. The process of reducing risk to an acceptable level

D. The process of transferring risk

Question 27

A copy of evidence or an oral description of its contents, which is not as reliable as best evidence, is what type of evidence?

Options:

A. Direct evidence

B. Circumstantial evidence

C. Hearsay evidence

D. Secondary evidence

Question 28

Contracts and agreements are oftentimes unenforceable or hard to enforce in which of the following alternate facility recovery agreements?

Options:

A. hot site

B. warm site

C. cold site

D. reciprocal agreement

Question 29

Which of the following backup methods must be made regardless of whether Differential or Incremental methods are used?

Options:

A. Full Backup Method.

B. Incremental backup method.

C. Supplemental backup method.

D. Tape backup method.

Question 30

What is the most correct choice below when talking about the steps to resume normal operation at the primary site after the green light has been given by the salvage team?

Options:

A. The most critical operations are moved from alternate site to primary site before others

B. Operation may be carried by a completely different team than disaster recovery team

C. The least critical functions should be moved back first

D. You move items back in the same order as the categories documented in your plan or exactly in the same order as you did on your way to the alternate site

Question 31

Which of the following statements pertaining to quantitative risk analysis is false?

Options:

A. Portions of it can be automated

B. It involves complex calculations

C. It requires a high volume of information

D. It requires little experience to apply

Question 32

Which of the following computer recovery sites is only partially equipped with processing equipment?

Options:

A. hot site

B. rolling hot site

C. warm site

D. cold site

Question 33

Which of the following backup sites is the most effective for disaster recovery?

Options:

A. Time brokers

B. Hot sites

C. Cold sites

D. Reciprocal Agreement

Question 34

A prolonged high voltage is a:

Options:

A. spike

B. blackout

C. surge

D. fault

Question 35

Which of the following enables the person responsible for contingency planning to focus risk management efforts and resources in a prioritized manner only on the identified risks?

Options:

A. Risk assessment

B. Residual risks

C. Security controls

D. Business units

Question 36

All of the following can be considered essential business functions that should be identified when creating a Business Impact Analysis (BIA) except one. Which of the following would not be considered an essential element of the BIA but an important TOPIC to include within the BCP plan:

Options:

A. IT Network Support

B. Accounting

C. Public Relations

D. Purchasing

Question 37

How should a risk be HANDLED when the cost of the countermeasure OUTWEIGHS the cost of the risk?

Options:

A. Reject the risk

B. Perform another risk analysis

C. Accept the risk

D. Reduce the risk

Question 38

Which of the following is covered under Crime Insurance Policy Coverage?

Options:

A. Inscribed, printed and Written documents

B. Manuscripts

C. Accounts Receivable

D. Money and Securities

Question 39

Which of the following backup methods is most appropriate for off-site archiving?

Options:

A. Incremental backup method

B. Off-site backup method

C. Full backup method

D. Differential backup method

Question 40

Which of the following should be emphasized during the Business Impact Analysis (BIA) considering that the BIA focus is on business processes?

Options:

A. Composition

B. Priorities

C. Dependencies

D. Service levels

Question 41

Because ordinary cable introduces a toxic hazard in the event of fire, special cabling is required in a separate area provided for air circulation for heating, ventilation, and air-conditioning (sometimes referred to as HVAC) and typically provided in the space between the structural ceiling and a drop-down ceiling. This area is referred to as the:

Options:

A. smoke boundary area

B. fire detection area

C. Plenum area

D. Intergen area

Question 42

Which of the following steps is NOT one of the eight detailed steps of a Business Impact Assessment (BIA):

Options:

A. Notifying senior management of the start of the assessment.

B. Creating data gathering techniques.

C. Identifying critical business functions.

D. Calculating the risk for each different business function.

Question 43

Which of the following would BEST be defined as an absence or weakness of safeguard that could be exploited?

Options:

A. A threat

B. A vulnerability

C. A risk

D. An exposure

Question 44

The scope and focus of the Business continuity plan development depends most on:

Options:

A. Directives of Senior Management

B. Business Impact Analysis (BIA)

C. Scope and Plan Initiation

D. Skills of BCP committee

Question 45

What can be best defined as the examination of threat sources against system vulnerabilities to determine the threats for a particular system in a particular operational environment?

Options:

A. Risk management

B. Risk analysis

C. Threat analysis

D. Due diligence

Question 46

Who should direct short-term recovery actions immediately following a disaster?

Options:

A. Chief Information Officer.

B. Chief Operating Officer.

C. Disaster Recovery Manager.

D. Chief Executive Officer.

Question 47

Which of the following security models does NOT concern itself with the flow of data?

Options:

A. The information flow model

B. The Biba model

C. The Bell-LaPadula model

D. The noninterference model

Question 48

What is the type of access control called where there are pairs of elements that have the least upper bound of values and greatest lower bound of values?

Options:

A. Mandatory model

B. Discretionary model

C. Lattice model

D. Rule model

Question 49

Which of the following classes is the first level (lower) defined in the TCSEC (Orange Book) as mandatory protection?

Options:

A. B

B. A

C. C

D. D

Question 50

Which of the following questions is less likely to help in assessing identification and authentication controls?

Options:

A. Is a current list maintained and approved of authorized users and their access?

B. Are passwords changed at least every ninety days or earlier if needed?

C. Are inactive user identifications disabled after a specified period of time?

D. Is there a process for reporting incidents?

Question 51

Access control is the collection of mechanisms that permits managers of a system to exercise a directing or restraining influence over the behavior, use, and content of a system. It does not permit management to:

Options:

A. specify what users can do

B. specify which resources they can access

C. specify how to restrain hackers

D. specify what operations they can perform on a system.

Question 52

Which of the following biometric devices offers the LOWEST CER?

Options:

A. Keystroke dynamics

B. Voice verification

C. Iris scan

D. Fingerprint

Question 53

Technical controls such as encryption and access control can be built into the operating system, be software applications, or can be supplemental hardware/software units. Such controls, also known as logical controls, represent which pairing?

Options:

A. Preventive/Administrative Pairing

B. Preventive/Technical Pairing

C. Preventive/Physical Pairing

D. Detective/Technical Pairing

Question 54

Access Control techniques do not include which of the following?

Options:

A. Rule-Based Access Controls

B. Role-Based Access Control

C. Mandatory Access Control

D. Random Number Based Access Control

Question 55

The end result of implementing the principle of least privilege means which of the following?

Options:

A. Users would get access to only the info for which they have a need to know

B. Users can access all systems.

C. Users get new privileges added when they change positions.

D. Authorization creep.

Question 56

Which of the following is not a logical control when implementing logical access security?

Options:

A. access profiles.

B. userids.

C. employee badges.

D. passwords.

Question 57

In Mandatory Access Control, sensitivity labels attached to objects contain what information?

Options:

A. The item's classification

B. The item's classification and category set

C. The item's category

D. The item's need to know

Question 58

Which access control model enables the OWNER of the resource to specify what subjects can access specific resources based on their identity?

Options:

A. Discretionary Access Control

B. Mandatory Access Control

C. Sensitive Access Control

D. Role-based Access Control

Question 59

Which of the following attacks could capture network user passwords?

Options:

A. Data diddling

B. Sniffing

C. IP Spoofing

D. Smurfing

Question 60

Which type of password token involves time synchronization?

Options:

A. Static password tokens

B. Synchronous dynamic password tokens

C. Asynchronous dynamic password tokens

D. Challenge-response tokens

Question 61

The throughput rate is the rate at which individuals, once enrolled, can be processed and identified or authenticated by a biometric system. Acceptable throughput rates are in the range of:

Options:

A. 100 subjects per minute.

B. 25 subjects per minute.

C. 10 subjects per minute.

D. 50 subjects per minute.

Question 62

What is the percentage at which the False Rejection Rate equals the False Acceptance Rate called?

Options:

A. False Rejection Rate (FRR) or Type I Error

B. False Acceptance Rate (FAR) or Type II Error

C. Crossover Error Rate (CER)

D. Failure to enroll rate (FTE or FER)

Question 63

What are the components of an object's sensitivity label?

Options:

A. A Classification Set and a single Compartment.

B. A single classification and a single compartment.

C. A Classification Set and user credentials.

D. A single classification and a Compartment Set.

Question 64

Which of the following would be an example of the best password?

Options:

A. golf001

B. Elizabeth

C. T1me4g0lF

D. password

Question 65

Which of the following is NOT true of the Kerberos protocol?

Options:

A. Only a single login is required per session.

B. The initial authentication steps are done using public key algorithm.

C. The KDC is aware of all systems in the network and is trusted by all of them

D. It performs mutual authentication

Question 66

How would nonrepudiation be best classified?

Options:

A. A preventive control

B. A logical control

C. A corrective control

D. A compensating control

Question 67

Which of the following statements pertaining to RADIUS is incorrect:

Options:

A. A RADIUS server can act as a proxy server, forwarding client requests to other authentication domains.

B. Most RADIUS clients have the capability to query secondary RADIUS servers for redundancy.

C. Most RADIUS servers have built-in database connectivity for billing and reporting purposes.

D. Most RADIUS servers can work with DIAMETER servers.

Question 68

The type of discretionary access control (DAC) that is based on an individual's identity is also called:

Options:

A. Identity-based Access control

B. Rule-based Access control

C. Non-Discretionary Access Control

D. Lattice-based Access control

Question 69

Which of the following would be true about Static password tokens?

Options:

A. The owner identity is authenticated by the token

B. The owner will never be authenticated by the token.

C. The owner will authenticate himself to the system.

D. The token does not authenticate the token owner but the system.

Question 70

Which of the following are the two MOST common implementations of Intrusion Detection Systems?

Options:

A. Server-based and Host-based.

B. Network-based and Guest-based.

C. Network-based and Client-based.

D. Network-based and Host-based.

Question 71

Which of the following usually provides reliable, real-time information without consuming network or host resources?

Options:

A. network-based IDS

B. host-based IDS

C. application-based IDS

D. firewall-based IDS

Question 72

What IDS approach relies on a database of known attacks?

Options:

A. Signature-based intrusion detection

B. Statistical anomaly-based intrusion detection

C. Behavior-based intrusion detection

D. Network-based intrusion detection

Question 73

Why would anomaly detection IDSs often generate a large number of false positives?

Options:

A. Because they can only correctly identify attacks they already know about.

B. Because they are application-based and are more subject to attacks.

C. Because they can't identify abnormal behavior.

D. Because normal patterns of user and system behavior can vary wildly.

Question 74

A periodic review of user account management should not determine:

Options:

A. Conformity with the concept of least privilege.

B. Whether active accounts are still being used.

C. Strength of user-chosen passwords.

D. Whether management authorizations are up-to-date.

Question 75

Which of the following tools is NOT likely to be used by a hacker?

Options:

A. Nessus

B. Saint

C. Tripwire

D. Nmap

Question 76

Which of the following best describes signature-based detection?

Options:

A. Compare source code, looking for events or sets of events that could cause damage to a system or network.

B. Compare system activity for the behaviour patterns of new attacks.

C. Compare system activity, looking for events or sets of events that match a predefined pattern of events that describe a known attack.

D. Compare network nodes looking for objects or sets of objects that match a predefined pattern of objects that may describe a known attack.

Question 77

What is the primary goal of setting up a honeypot?

Options:

A. To lure hackers into attacking unused systems

B. To entrap and track down possible hackers

C. To set up a sacrificial lamb on the network

D. To know when certain types of attacks are in progress and to learn about attack techniques so the network can be fortified.

Question 78

What setup should an administrator use for regularly testing the strength of user passwords?

Options:

A. A networked workstation so that the live password database can easily be accessed by the cracking program.

B. A networked workstation so the password database can easily be copied locally and processed by the cracking program.

C. A standalone workstation on which the password database is copied and processed by the cracking program.

D. A password-cracking program is unethical; therefore it should not be used.

Question 79

In order to enable users to perform tasks and duties without having to go through extra steps it is important that the security controls and mechanisms that are in place have a degree of?

Options:

A. Complexity

B. Non-transparency

C. Transparency

D. Simplicity

Question 80

A timely review of system access audit records would be an example of which of the basic security functions?

Options:

A. avoidance

B. deterrence

C. prevention

D. detection

Question 81

Which of the following types of Intrusion Detection Systems uses behavioral characteristics of a system’s operation or network traffic to draw conclusions on whether the traffic represents a risk to the network or host?

Options:

A. Network-based ID systems.

B. Anomaly Detection.

C. Host-based ID systems.

D. Signature Analysis.

Question 82

Due care is not related to:

Options:

A. Good faith

B. Prudent man

C. Profit

D. Best interest

Question 83

Which conceptual approach to intrusion detection system is the most common?

Options:

A. Behavior-based intrusion detection

B. Knowledge-based intrusion detection

C. Statistical anomaly-based intrusion detection

D. Host-based intrusion detection

Question 84

Which one of the following statements about the advantages and disadvantages of network-based intrusion detection systems is true?

Options:

A. Network-based IDSs are not vulnerable to attacks.

B. Network-based IDSs are well suited for modern switch-based networks.

C. Most network-based IDSs can automatically indicate whether or not an attack was successful.

D. The deployment of network-based IDSs has little impact upon an existing network.

Question 85

In what way can violation clipping levels assist in violation tracking and analysis?

Options:

A. Clipping levels set a baseline for acceptable normal user errors, and violations exceeding that threshold will be recorded for analysis of why the violations occurred.

B. Clipping levels enable a security administrator to customize the audit trail to record only those violations which are deemed to be security relevant.

C. Clipping levels enable the security administrator to customize the audit trail to record only actions for users with access to user accounts with a privileged status.

D. Clipping levels enable a security administrator to view all reductions in security levels which have been made to user accounts which have incurred violations.

Question 86

The fact that a network-based IDS reviews packet payloads and headers enables which of the following?

Options:

A. Detection of denial of service

B. Detection of all viruses

C. Detection of data corruption

D. Detection of all password guessing attacks

Question 87

Which of the following monitors network traffic in real time?

Options:

A. network-based IDS

B. host-based IDS

C. application-based IDS

D. firewall-based IDS

Question 88

Which of the following is required in order to provide accountability?

Options:

A. Authentication

B. Integrity

C. Confidentiality

D. Audit trails

Question 89

Which of the following is the BEST way to detect software license violations?

Options:

A. Implementing a corporate policy on copyright infringements and software use.

B. Requiring that all PCs be diskless workstations.

C. Installing metering software on the LAN so applications can be accessed through the metered software.

D. Regularly scanning PCs in use to ensure that unauthorized copies of software have not been loaded on the PC.

Question 90

What would be considered the biggest drawback of Host-based Intrusion Detection systems (HIDS)?

Options:

A. It can be very invasive to the host operating system

B. Monitors all processes and activities on the host system only

C. Virtually eliminates limits associated with encryption

D. They have an increased level of visibility and control compared to NIDS

Question 91

Which protocol is NOT implemented in the Network layer of the OSI Protocol Stack?

Options:

A. hyper text transport protocol

B. Open Shortest Path First

C. Internet Protocol

D. Routing Information Protocol

Question 92

Which of the following is not a preventive operational control?

Options:

A. Protecting laptops, personal computers and workstations.

B. Controlling software viruses.

C. Controlling data media access and disposal.

D. Conducting security awareness and technical training.

Question 93

Which of the following is a set of data processing elements that increases the performance in a computer by overlapping the steps of different instructions?

Options:

A. pipelining

B. complex-instruction-set-computer (CISC)

C. reduced-instruction-set-computer (RISC)

D. multitasking

Question 94

When two or more separate entities (usually persons) operating in concert to protect sensitive functions or information must combine their knowledge to gain access to an asset, this is known as?

Options:

A. Dual Control

B. Need to know

C. Separation of duties

D. Segregation of duties

Question 95

Degaussing is used to clear data from all of the following media except:

Options:

A. Floppy Disks

B. Read-Only Media

C. Video Tapes

D. Magnetic Hard Disks

Question 96

Which of the following is an advantage in using a bottom-up versus a top-down approach to software testing?

Options:

A. Interface errors are detected earlier.

B. Errors in critical modules are detected earlier.

C. Confidence in the system is achieved earlier.

D. Major functions and processing are tested earlier.

Question 97

During which phase of an IT system life cycle are security requirements developed?

Options:

A. Operation

B. Initiation

C. Functional design analysis and Planning

D. Implementation

Question 98

Who can best decide what the adequate technical security controls are in a computer-based application system with regard to the protection of the data being used, the criticality of the data, and its sensitivity level?

Options:

A. System Auditor

B. Data or Information Owner

C. System Manager

D. Data or Information user

Question 99

What is the formal acceptance of the adequacy of a system's overall security by the management called?

Options:

A. Certification

B. Acceptance

C. Accreditation

D. Evaluation

Question 100

Which of the following is NOT a proper component of Media Viability Controls?

Options:

A. Storage

B. Writing

C. Handling

D. Marking

Question 101

Whose role is it to assign classification level to information?

Options:

A. Security Administrator

B. User

C. Owner

D. Auditor

Question 102

What is the main purpose of Corporate Security Policy?

Options:

A. To transfer the responsibility for the information security to all users of the organization

B. To communicate management's intentions with regard to information security

C. To provide detailed steps for performing specific actions

D. To provide a common framework for all development activities

Question 103

Which of the following is not a preventative control?

Options:

A. Deny programmer access to production data.

B. Require change requests to include information about dates, descriptions, cost analysis and anticipated effects.

C. Run a source comparison program between control and current source periodically.

D. Establish procedures for emergency changes.

Question 104

Which of the following is less likely to be included in the change control sub-phase of the maintenance phase of a software product?

Options:

A. Estimating the cost of the changes requested

B. Recreating and analyzing the problem

C. Determining the interface that is presented to the user

D. Establishing the priorities of requests

Question 105

Related to information security, the guarantee that the message sent is the message received with the assurance that the message was not intentionally or unintentionally altered is an example of which of the following?

Options:

A. integrity

B. confidentiality

C. availability

D. identity

Question 106

Related to information security, integrity is the opposite of which of the following?

Options:

A. abstraction

B. alteration

C. accreditation

D. application

Question 107

Which of the following computer design approaches is based on the fact that in earlier technologies, the instruction fetch was the longest part of the cycle?

Options:

A. Pipelining

B. Reduced Instruction Set Computers (RISC)

C. Complex Instruction Set Computers (CISC)

D. Scalar processors

Question 108

Related to information security, availability is the opposite of which of the following?

Options:

A. delegation

B. distribution

C. documentation

D. destruction

Question 109

Which of the following are required for Life-Cycle Assurance?

Options:

A. System Architecture and Design specification.

B. Security Testing and Covert Channel Analysis.

C. Security Testing and Trusted distribution.

D. Configuration Management and Trusted Facility Management.

Question 110

Which of the following is not a method to protect objects and the data within the objects?

Options:

A. Layering

B. Data mining

C. Abstraction

D. Data hiding

Question 111

As per the Orange Book, what are two types of system assurance?

Options:

A. Operational Assurance and Architectural Assurance.

B. Design Assurance and Implementation Assurance.

C. Architectural Assurance and Implementation Assurance.

D. Operational Assurance and Life-Cycle Assurance.

Question 112

What is the appropriate role of the security analyst in the application system development or acquisition project?

Options:

A. policeman

B. control evaluator & consultant

C. data owner

D. application user

Question 113

What are the three FUNDAMENTAL principles of security?

Options:

A. Accountability, confidentiality and integrity

B. Confidentiality, integrity and availability

C. Integrity, availability and accountability

D. Availability, accountability and confidentiality

Question 114

Which of the following BEST explains why computerized information systems frequently fail to meet the needs of users?

Options:

A.

Inadequate quality assurance (QA) tools.

B.

Constantly changing user needs.

C.

Inadequate user participation in defining the system's requirements.

D.

Inadequate project management.

Question 115

Which of the following security modes of operation involves the highest risk?

Options:

A.

Compartmented Security Mode

B.

Multilevel Security Mode

C.

System-High Security Mode

D.

Dedicated Security Mode

Question 116

Which of the following virus types changes some of its characteristics as it spreads?

Options:

A.

Boot Sector

B.

Parasitic

C.

Stealth

D.

Polymorphic

Question 117

Which of the following computer crimes is MORE often associated with INSIDERS?

Options:

A.

IP spoofing

B.

Password sniffing

C.

Data diddling

D.

Denial of service (DOS)

Question 118

Which virus category has the capability of changing its own code, making it harder to detect by anti-virus software?

Options:

A.

Stealth viruses

B.

Polymorphic viruses

C.

Trojan horses

D.

Logic bombs

Question 119

In computing, what is the name of a non-self-replicating type of malware program that appears to have some useful purpose but also contains malicious or harmful code embedded in it and, when executed, carries out actions that are unknown to the person installing it, typically causing loss or theft of data and possible system harm?

Options:

A.

virus

B.

worm

C.

Trojan horse.

D.

trapdoor

Question 120

What is malware that can spread itself over open network connections?

Options:

A.

Worm

B.

Rootkit

C.

Adware

D.

Logic Bomb

Question 121

What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own bank account?

Options:

A.

Data fiddling

B.

Data diddling

C.

Salami techniques

D.

Trojan horses

Question 122

What do the ILOVEYOU and Melissa virus attacks have in common?

Options:

A.

They are both denial-of-service (DOS) attacks.

B.

They have nothing in common.

C.

They are both masquerading attacks.

D.

They are both social engineering attacks.

Question 123

Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks?

Options:

A.

Web Applications

B.

Intrusion Detection Systems

C.

Firewalls

D.

DNS Servers

Question 124

Java is not:

Options:

A.

Object-oriented.

B.

Distributed.

C.

Architecture Specific.

D.

Multithreaded.

Question 125

The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?

Options:

A.

Black hats

B.

White hats

C.

Script kiddies

D.

Phreakers

Question 126

Virus scanning and content inspection of S/MIME encrypted e-mail without doing any further processing is:

Options:

A.

Not possible

B.

Only possible with key recovery scheme of all user keys

C.

It is possible only if X.509 Version 3 certificates are used

D.

It is possible only by "brute force" decryption

Question 127

Crackers today are MOST often motivated by their desire to:

Options:

A.

Help the community in securing their networks.

B.

See how far their skills will take them.

C.

Get recognition for their actions.

D.

Gain money or financial gains.

Question 128

Which xDSL flavour can deliver up to 52 Mbps downstream over a single copper twisted pair?

Options:

A.

VDSL

B.

SDSL

C.

HDSL

D.

ADSL

Question 129

A Wide Area Network (WAN) is basically everything outside of:

Options:

A.

a Local Area Network (LAN).

B.

a Campus Area Network (CAN).

C.

a Metropolitan Area Network (MAN).

D.

the Internet.

Question 130

Which of the following is a telecommunication device that translates data from digital to analog form and back to digital?

Options:

A.

Multiplexer

B.

Modem

C.

Protocol converter

D.

Concentrator

Question 131

Which device acting as a translator is used to connect two networks or applications from layer 4 up to layer 7 of the ISO/OSI Model?

Options:

A.

Bridge

B.

Repeater

C.

Router

D.

Gateway

Question 132

What is the greatest danger from DHCP?

Options:

A.

An intruder on the network impersonating a DHCP server and thereby misconfiguring the DHCP clients.

B.

Having multiple clients on the same LAN having the same IP address.

C.

Having the wrong router used as the default gateway.

D.

Having the organization's mail server unreachable.

Question 133

Which of the following was designed as a more fault-tolerant topology than Ethernet, and very resilient when properly implemented?

Options:

A.

Token Link.

B.

Token system.

C.

Token Ring.

D.

Duplicate ring.

Question 134

Which of the following is a tool often used to reduce the risk to a local area network (LAN) that has external connections by filtering Ingress and Egress traffic?

Options:

A.

a firewall.

B.

dial-up.

C.

passwords.

D.

fiber optics.

Question 135

Which of the following is true about link encryption?

Options:

A.

Each entity has a common key with the destination node.

B.

Encrypted messages are only decrypted by the final node.

C.

This mode does not provide protection if any one of the nodes along the transmission path is compromised.

D.

Only secure nodes are used in this type of transmission.

Question 136

Which of the following protects Kerberos against replay attacks?

Options:

A.

Tokens

B.

Passwords

C.

Cryptography

D.

Time stamps

Question 137

You are running a packet sniffer on a network and see a packet containing a long string of "0x90 0x90 0x90 0x90...." in the middle of it traveling to an x86-based machine as a target. This could be indicative of what activity being attempted?

Options:

A.

Over-subscription of the traffic on a backbone.

B.

A source quench packet.

C.

A FIN scan.

D.

A buffer overflow attack.

Question 138

What works as an E-mail message transfer agent?

Options:

A.

SMTP

B.

SNMP

C.

S-RPC

D.

S/MIME
