Download SSCP Dumps PDF: https://quizdumps.com/exam/sscp-dumps/
Discount Coupon Code: Save20

QuizDumps provides you new, updated ISC2 SSCP questions and answers verified by ISC2 specialists and SSCP experts. We guarantee your SSCP exam success with a 100% money-back assurance. You can easily pass your SSCP exam on the first attempt. So feel free to benefit from these valuable SSCP exam dumps and enjoy brilliant success in the ISC2 SSCP exam.
ISC2 SSCP Exam
Systems Security Certified Practitioner
QUESTIONS & ANSWERS (Demo Version)

Thank you for downloading the SSCP Exam PDF Demo. QuizDumps helps you to prepare for the ISC2 SSCP exam. Get the most up-to-date ISC2 SSCP exam questions and answers and pass the SSCP exam on the first attempt.
Get the full SSCP Exam PDF here: https://quizdumps.com/exam/sscp-dumps/
Version: 8.0

Question: 1
A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:
A. concern that the laser beam may cause eye damage
B. the iris pattern changes as a person grows older.
C. there is a relatively high rate of false accepts.
D. the optical unit must be positioned so that the sun does not shine into the aperture.
Answer: D
Explanation:
Because the optical unit utilizes a camera and infrared light to create the images, sunlight can impact the aperture, so it must not be positioned in direct light of any type. Because the subject does not need to have direct contact with the optical reader, direct light can impact the reader.
Iris recognition is a form of biometrics that is based on the uniqueness of a subject's iris. A camera-like device records the patterns of the iris, creating what is known as Iriscode. It is the unique patterns of the iris that allow it to be one of the most accurate forms of biometric identification of an individual. Unlike other types of biometrics, the iris rarely changes over time. Fingerprints can change over time due to scarring and manual labor, voice patterns can change due to a variety of causes, and hand geometry can also change as well. But barring surgery or an accident it is not usual for an iris to change.
The subject has a high-resolution image taken of their iris and this is then converted to Iriscode. The current standard for the Iriscode was developed by John Daugman. When the subject attempts to be authenticated, an infrared light is used to capture the iris image and this image is then compared to the Iriscode. If there is a match the subject's identity is confirmed. The subject does not need to have direct contact with the optical reader, so it is a less invasive means of authentication than retinal scanning would be.
Reference(s) used for this question:
AIO, 3rd edition, Access Control, p 134.
AIO, 4th edition, Access Control, p 182.
Wikipedia - http://en.wikipedia.org/wiki/Iris_recognition
The following answers are incorrect:
concern that the laser beam may cause eye damage. The optical readers do not use a laser, so concern that the laser beam may cause eye damage is not an issue.
the iris pattern changes as a person grows older. The question asked about the physical installation of the scanner, so this was not the best answer. If the question had been about long-term problems then it could have been the best choice. change over time: http://www.nature.com/news/ageing-eyes-hinder-biometric-scans-1.10722
there is a relatively high rate of false accepts. Since the advent of the Iriscode there is a very low rate of false accepts; in fact the algorithm used has never had a false match. This all depends on the quality of the equipment used, but because of the uniqueness of the iris, even when comparing identical twins, iris patterns are unique. Recent research has shown that irises actually do
Question: 2
In Mandatory Access Control, sensitivity labels attached to an object contain what information?
A. The item's classification
B. The item's classification and category set
C. The item's category
D. The item's need to know
Answer: B
Explanation:
A Sensitivity label must contain at least one classification and one category set.
Category set and Compartment set are synonyms; they mean the same thing. The sensitivity label must contain at least one Classification and at least one Category. It is common in some environments for a single item to belong to multiple categories. The list of all the categories to which an item belongs is called a compartment set or category set.
The following answers are incorrect:
the item's classification. Is incorrect because you need a category set as well.
the item's category. Is incorrect because category set and classification would both be required.
The item's need to know. Is incorrect because there is no such thing. The need to know is indicated by the categories the object belongs to. This is NOT the best answer.
Reference(s) used for this question:
OIG CBK, Access Control (pages 186 - 188)
AIO, 3rd Edition, Access Control (pages 162 - 163)
AIO, 4th Edition, Access Control, pp 212-214.
Wikipedia - http://en.wikipedia.org/wiki/Mandatory_Access_Control

Question: 3
What are the components of an object's sensitivity label?
A. A Classification Set and a single Compartment.
B. A single classification and a single compartment.
C. A Classification Set and user credentials.
D. A single classification and a Compartment Set.
Answer: D
Explanation:
Both are the components of a sensitivity label.
The following are incorrect:
A Classification Set and a single Compartment. Is incorrect because the nomenclature "Classification Set" is incorrect; there is only one classification, and it is not a "single compartment" but a Compartment Set.
A single classification and a single compartment. Is incorrect because while there is only one classification, it is not a "single compartment" but a Compartment Set.
A Classification Set and user credentials. Is incorrect because the nomenclature "Classification Set" is incorrect; there is only one classification, and it is not "user credential" but a Compartment Set. The user would have their own sensitivity label.

Question: 4
What does it mean to say that sensitivity labels are "incomparable"?
A. The number of classifications in the two labels is different.
B. Neither label contains all the classifications of the other.
C. the number of categories in the two labels are different.
D. Neither label contains all the categories of the other.
Answer: D
Explanation:
If a category does not exist then you cannot compare it. Incomparable is when you have two disjointed sensitivity labels, that is, a category in one of the labels is not in the other label.
"Because neither label contains all the categories of the other, the labels can't be compared. They're said to be incomparable."
COMPARABILITY:
The label:
TOP SECRET [VENUS ALPHA]
is "higher" than either of the labels:
SECRET [VENUS ALPHA]
TOP SECRET [VENUS]
But you can't really say that the label:
TOP SECRET [VENUS]
is higher than the label:
SECRET [ALPHA]
Because neither label contains all the categories of the other, the labels can't be compared. They're said to be incomparable. In a mandatory access control system, you won't be allowed access to a file whose label is incomparable to your clearance.
The Multilevel Security policy uses an ordering relationship between labels known as the dominance relationship. Intuitively, we think of a label that dominates another as being "higher" than the other. Similarly, we think of a label that is dominated by another as being "lower" than the other. The dominance relationship is used to determine permitted operations and information flows.
DOMINANCE
The dominance relationship is determined by the ordering of the Sensitivity/Clearance component of the label and the intersection of the set of Compartments.
Simple Sensitivity/Clearance orderings are:
Top Secret > Secret > Confidential > Unclassified
s3 > s2 > s1 > s0
Formally, for label one to dominate label two, both of the following must be true:
The sensitivity/clearance of label one must be greater than or equal to the sensitivity/clearance of label two.
The intersection of the compartments of label one and label two must equal the compartments of label two.
Additionally:
Two labels are said to be equal if their sensitivity/clearance and set of compartments are exactly equal. Note that dominance includes equality.
One label is said to strictly dominate the other if it dominates the other but is not equal to the other.
Two labels are said to be incomparable if each label has at least one compartment that is not included in the other's set of compartments.
The dominance relationship will produce a partial ordering over all possible MLS labels, resulting in what is known as the MLS Security Lattice.
The following answers are incorrect:
The number of classifications in the two labels is different. Is incorrect because the categories are what is being compared, not the classifications.
Neither label contains all the classifications of the other. Is incorrect because the categories are what is being compared, not the classifications.
the number of categories in the two labels is different. Is incorrect because it is possible a category exists more than once in one sensitivity label and does exist in the other, so they would be comparable.
Reference(s) used for this question:
O'Reilly - Computer Systems and Access Control (Chapter 3)
http://www.oreilly.com/catalog/csb/chapter/ch03.html
and
http://rubix.com/cms/mls_dom

Question: 5
Which of the following is true about Kerberos?
A. It utilizes public key cryptography.
B. It encrypts data after a ticket is granted, but passwords are exchanged in plain text.
C. It depends upon symmetric ciphers.
D. It is a second party authentication system.
Answer: C
Explanation:
Kerberos depends on secret keys (symmetric ciphers). Kerberos is a third party authentication protocol. It was designed and developed in the mid 1980's by MIT. It is considered open source but is copyrighted and owned by MIT. It relies on the user's secret keys. The password is used to encrypt and decrypt the keys.
The following answers are incorrect:
It utilizes public key cryptography. Is incorrect because Kerberos depends on secret keys (symmetric ciphers).
It encrypts data after a ticket is granted, but passwords are exchanged in plain text.
Is incorrect because the passwords are not exchanged but used for encryption and decryption of the keys.
It is a second party authentication system. Is incorrect because Kerberos is a third party authentication system; you authenticate to the third party (Kerberos) and not to the system you are accessing.
References:
MIT http://web.mit.edu/kerberos/
Wikipedia http://en.wikipedia.org/wiki/Kerberos_%28protocol%29
OIG CBK Access Control (pages 181 - 184)
AIOv3 Access Control (pages 151 - 155)
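The dominance relationship explained under Question 4, worked through in code. This is an added example and not part of the original dump: the level ordering (s3 > s2 > s1 > s0) and the sample labels are taken from the text, while the function names and the read rule (a subject may read an object only when its clearance dominates the object's label, the Bell-LaPadula simple security property) are my assumptions.

```python
"""Sensitivity-label dominance (the MLS lattice) as described under Question 4.

Added example, not from the original dump. The level ordering and the sample
labels come from the text; helper names and the read rule are assumptions.
"""
import re
from dataclasses import dataclass
from typing import FrozenSet

# Sensitivity/clearance ordering from the text:
# Top Secret > Secret > Confidential > Unclassified, i.e. s3 > s2 > s1 > s0.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """One classification plus a compartment (category) set."""
    sensitivity: str
    compartments: FrozenSet[str]


def parse_label(text: str) -> Label:
    """Parse the text's notation, e.g. 'TOP SECRET [VENUS ALPHA]'.

    The bracketed compartment set is optional: 'SECRET' alone means an
    empty compartment set. Unknown classifications are rejected.
    """
    m = re.fullmatch(r"\s*(.+?)\s*(?:\[([^\]]*)\])?\s*", text)
    if m is None:
        raise ValueError(f"malformed label: {text!r}")
    level = m.group(1).strip().upper()
    if level not in LEVELS:
        raise ValueError(f"unknown sensitivity: {level!r}")
    comps = m.group(2).split() if m.group(2) else ()
    return Label(level, frozenset(comps))


def dominates(a: Label, b: Label) -> bool:
    """a dominates b when both conditions from the text hold:
    level(a) >= level(b), and the intersection of the two compartment sets
    equals b's compartments (every compartment of b is also in a).
    Equality counts as dominance."""
    level_ok = LEVELS[a.sensitivity] >= LEVELS[b.sensitivity]
    comp_ok = (a.compartments & b.compartments) == b.compartments
    return level_ok and comp_ok


def strictly_dominates(a: Label, b: Label) -> bool:
    """Dominates but is not equal."""
    return dominates(a, b) and a != b


def incomparable(a: Label, b: Label) -> bool:
    """Neither label dominates the other, so the lattice cannot order them.

    The text's wording (each label holds a compartment the other lacks) is
    one way this arises; a higher level with a smaller compartment set, e.g.
    TOP SECRET [VENUS] against SECRET [VENUS ALPHA], is another.
    """
    return not dominates(a, b) and not dominates(b, a)


def relation(a: Label, b: Label) -> str:
    """Classify a against b the way the text does."""
    if a == b:
        return "equal"
    if dominates(a, b):
        return "higher"
    if dominates(b, a):
        return "lower"
    return "incomparable"


def may_read(clearance: Label, obj: Label) -> bool:
    """Assumed access rule (Bell-LaPadula simple security): read access is
    granted only when the clearance dominates the object's label, so an
    incomparable label is refused, as the text states."""
    return dominates(clearance, obj)


if __name__ == "__main__":
    # The labels from the text's COMPARABILITY discussion.
    top = parse_label("TOP SECRET [VENUS ALPHA]")
    for other in ("SECRET [VENUS ALPHA]", "TOP SECRET [VENUS]"):
        print(f"TOP SECRET [VENUS ALPHA] vs {other}: {relation(top, parse_label(other))}")
    print("TOP SECRET [VENUS] vs SECRET [ALPHA]:",
          relation(parse_label("TOP SECRET [VENUS]"), parse_label("SECRET [ALPHA]")))
```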
Question: 6
Which of the following is needed for System Accountability?
A. Audit mechanisms.
B. Documented design as laid out in the Common Criteria.
C. Authorization.
D. Formal verification of system design.
Answer: A
Explanation:
Audit mechanisms are a means of being able to track user actions. Through the use of audit logs and other tools the user actions are recorded and can be used at a later date to verify what actions were performed.
Accountability is the ability to identify users and to be able to track user actions.
The following answers are incorrect:
Documented design as laid out in the Common Criteria. Is incorrect because the Common Criteria is an international standard to evaluate trust and would not be a factor in System Accountability.
Authorization. Is incorrect because Authorization is granting access to subjects; just because you have authorization does not hold the subject accountable for their actions.
Formal verification of system design. Is incorrect because all you have done is to verify the system design and have not taken any steps toward system accountability.
References:
OIG CBK Glossary (page 778)

Question: 7
What is Kerberos?
A. A three-headed dog from the Egyptian mythology.
B. A trusted third-party authentication protocol.
C. A security model.
D. A remote authentication dial in user server.
Answer: B
Explanation:
Is correct because that is exactly what Kerberos is.
The following answers are incorrect:
A three-headed dog from Egyptian mythology. Is incorrect because we are dealing with Information Security, and it comes not from Egyptian mythology but from Greek mythology.
A security model. Is incorrect because Kerberos is an authentication protocol and not just a security model.
A remote authentication dial in user server. Is incorrect because Kerberos is not a remote authentication dial in user server; that would be called RADIUS.

Question: 8
The three classic ways of authenticating yourself to the computer security software are by something you know, by something you have, and by something:
A. you need.
B. non-trivial
C. you are.
D. you can get.
Answer: C
Explanation:
This is more commonly known as biometrics and is one of the most accurate ways to authenticate an individual.
The rest of the answers are incorrect because they are not one of the three recognized forms for Authentication.

Question: 9
A timely review of system access audit records would be an example of which of the basic security functions?
A. avoidance.
B. deterrence.
C. prevention.
D. detection.
Answer: D
Explanation:
By reviewing system logs you can detect events that have occurred.
The following answers are incorrect:
avoidance. This is incorrect; avoidance is a distractor. By reviewing system logs you have not avoided anything.
deterrence. This is incorrect because system logs are a history of past events. You cannot deter something that has already occurred.
prevention. This is incorrect because system logs are a history of past events. You cannot prevent something that has already occurred.

Question: 10
A confidential number used as an authentication factor to verify a user's identity is called a:
A. PIN
B. User ID
C. Password
D. Challenge
Answer: A
Explanation:
PIN stands for Personal Identification Number; as the name states, it is a combination of numbers.
The following answers are incorrect:
User ID. This is incorrect because a Userid is not required to be a number, and a Userid is only used to establish identity, not verify it.
Password. This is incorrect because a password is not required to be a number; it could be any combination of characters.
Challenge. This is incorrect because a challenge is not defined as a number; it could be anything.

Question: 11
Which of the following exemplifies proper separation of duties?
A. Operators are not permitted to modify the system time.
B. Programmers are permitted to use the system console.
C. Console operators are permitted to mount tapes and disks.
D. Tape operators are permitted to use the system console.
Answer: A
Explanation:
This is an example of Separation of Duties because operators are prevented from modifying the system time, which could lead to fraud. Tasks of this nature should be performed by the system administrators.
AIO defines Separation of Duties as a security principle that splits up a critical task among two or more individuals to ensure that one person cannot complete a risky task by himself.
The following answers are incorrect:
Programmers are permitted to use the system console. Is incorrect because programmers should not be permitted to use the system console; this task should be performed by operators. Allowing programmers access to the system console could allow fraud to occur, so this is not an example of Separation of Duties.
Console operators are permitted to mount tapes and disks. Is incorrect because operators should be able to mount tapes and disks, so this is not an example of Separation of Duties.
Tape operators are permitted to use the system console. Is incorrect because operators should be able to use the system console, so this is not an example of Separation of Duties.
References:
OIG CBK Access Control (pages 98 - 101)
AIOv3 Access Control (page 182)

Question: 12
Which of the following is not a logical control when implementing logical access security?
A. access profiles.
B. userids.
C. employee badges.
D. passwords.
Answer: C
Explanation:
Employee badges are considered Physical, so they would not be a logical control.
The following answers are incorrect:
userids. Is incorrect because userids are a type of logical control.
access profiles. Is incorrect because access profiles are a type of logical control.
passwords. Is incorrect because passwords are a type of logical control.

Question: 13
Which one of the following authentication mechanisms creates a problem for mobile users?
A. Mechanisms based on IP addresses
B. Mechanism with reusable passwords
C. one-time password mechanism.
D. challenge response mechanism.
Answer: A
Explanation:
Anything based on a fixed IP address would be a problem for mobile users because their location and its associated IP address can change from one time to the next. Many providers will assign a new IP every time the device is restarted. For example, an insurance adjuster using a laptop to file claims online: he goes to a different client each time and the address changes every time he connects to the ISP.
NOTE FROM CLEMENT:
The term MOBILE in this case is synonymous with Road Warriors, where a user is constantly traveling and changing location. With smartphones today that may not be an issue, but it would be an issue for laptops or WIFI tablets. Within a carrier network the IP will tend to be the same and would change rarely. So this question is more applicable to devices that are not cellular devices, but in some cases this issue could affect cellular devices as well.
The following answers are incorrect:
mechanism with reusable password. This is incorrect because a reusable password mechanism would not present a problem for mobile users. They are the least secure and change only at specific intervals.
one-time password mechanism. This is incorrect because a one-time password mechanism would not present a problem for mobile users. Many are based on a clock and not on the IP address of the user.
challenge response mechanism. This is incorrect because a challenge response mechanism would not present a problem for mobile users.

Question: 14
Organizations should consider which of the following first before allowing external access to their LANs via the Internet?
A. plan for implementing workstation locking mechanisms.
B. plan for protecting the modem pool.
C. plan for providing the user with his account usage information.
D. plan for considering proper authentication options.
Answer: D
Explanation:
Before a LAN is connected to the Internet, you need to determine what access control mechanisms are to be used; this would include how you are going to authenticate individuals that may access your network externally through access control.
The following answers are incorrect:
plan for implementing workstation locking mechanisms. This is incorrect because locking the workstations has no impact on the LAN or Internet access.
plan for protecting the modem pool. This is incorrect because protecting the modem pool has no impact on the LAN or Internet access; it just protects the modem.
plan for providing the user with his account usage information. This is incorrect because the question asks what should be done first. While important, your primary concern should be focused on security.

Question: 15
Which of the following would assist the most in Host Based intrusion detection?
A. audit trails.
B. access control lists.
C. security clearances.
D. host-based authentication.
Answer: A
Explanation:
To assist in Intrusion Detection you would review audit logs for access violations.
The following answers are incorrect:
access control lists. This is incorrect because access control lists determine who has access to what but do not detect intrusions.
security clearances. This is incorrect because security clearances determine who has access to what but do not detect intrusions.
host-based authentication. This is incorrect because host-based authentication determines who has been authenticated to the system but does not detect intrusions.

Question: 16
Controls to keep password sniffing attacks from compromising computer systems include which of the following?
A. static and recurring passwords.
B. encryption and recurring passwords.
C. one-time passwords and encryption.
D. static and one-time passwords.
Answer: C
Explanation:
To minimize the chance of passwords being captured, one-time passwords would prevent a password sniffing attack because once used a password is no longer valid. Encryption will also minimize these types of attacks.
The following answers are incorrect:
static and recurring passwords. This is incorrect because if there is no encryption then someone password sniffing would be able to capture the password much more easily if it never changed.
encryption and recurring passwords. This is incorrect because while encryption helps, recurring passwords do nothing to minimize the risk of passwords being captured.
static and one-time passwords. This is incorrect because while one-time passwords will prevent these types of attacks, static passwords do nothing to minimize the risk of passwords being captured.

Question: 17
Kerberos can prevent which one of the following attacks?
A. tunneling attack.
B. playback (replay) attack.
C. destructive attack.
D. process attack.
Answer: B
Explanation:
Each ticket in Kerberos has a timestamp and is subject to time expiration to help prevent these types of attacks.
The following answers are incorrect:
tunneling attack. This is incorrect because a tunneling attack is an attempt to bypass security and access low-level systems. Kerberos cannot totally prevent these types of attacks.
destructive attack. This is incorrect because, depending on the type of destructive attack, Kerberos cannot prevent someone from physically destroying a server.
process attack. This is incorrect because Kerberos cannot prevent authorized individuals from running processes.

Question: 18
In discretionary access environments, which of the following entities is authorized to grant information access to other people?
A. Manager
B. Group Leader
C. Security Manager
D. Data Owner
Answer: D
Explanation:
In Discretionary Access Control (DAC) environments, the user who creates a file is also considered the owner and has full control over the file, including the ability to set permissions for that file.
The following answers are incorrect:
manager. Is incorrect because in Discretionary Access Control (DAC) environments it is the owner/user that is authorized to grant information access to other people.
group leader. Is incorrect because in Discretionary Access Control (DAC) environments it is the owner/user that is authorized to grant information access to other people.
security manager. Is incorrect because in Discretionary Access Control (DAC) environments it is the owner/user that is authorized to grant information access to other people.
IMPORTANT NOTE:
The term Data Owner is also used within Classifications as well. Under the subject of classification the Data Owner is a person from management who has been entrusted with a data set that belongs to the company. For example, it could be the Chief Financial Officer (CFO) who is entrusted with all of the financial data for a company. As such the CFO would determine the classification of the financial data and who can access it as well. The Data Owner would then tell the Data Custodian (a technical person) what the classification and need to know is on the specific set of data.
The term Data Owner under DAC simply means whoever created the file; as the creator of the file, the owner has full access and can grant access to other subjects based on their identity.

Question: 19
What is the main concern with single sign-on?
A. Maximum unauthorized access would be possible if a password is disclosed.
B. The security administrator's workload would increase.
C. The users' password would be too hard to remember.
D. User access rights would be increased.
Answer: A
Explanation:
A major concern with Single Sign-On (SSO) is that if a user's ID and password are compromised, the intruder would have access to all the systems that the user was authorized for.
The following answers are incorrect:
The security administrator's workload would increase. Is incorrect because the security administrator's workload would decrease and not increase. The admin would not be responsible for maintaining multiple user accounts, just the one.
The users' password would be too hard to remember. Is incorrect because the users would have fewer passwords to remember.
User access rights would be increased. Is incorrect because the user access rights would not be any different than if they had to log into systems manually.

Question: 20
Who developed one of the first mathematical models of a multilevel-security computer system?
A. Diffie and Hellman.
B. Clark and Wilson.
C. Bell and LaPadula.
D. Gasser and Lipner.
Answer: C
Explanation:
In 1973 Bell and LaPadula created the first mathematical model of a multi-level security system.
The following answers are incorrect:
Diffie and Hellman. This is incorrect because Diffie and Hellman were involved with cryptography.
Clark and Wilson. This is incorrect because Bell and LaPadula was the first model. The Clark-Wilson model came later, in 1987.
Gasser and Lipner. This is incorrect; it is a distractor. Bell and LaPadula was the first model.

Question: 21
A department manager has read access to the salaries of the employees in his/her department but not to the salaries of employees in other departments. A database security mechanism that enforces this policy would typically be said to provide which of the following?
A. Content-dependent access control
B. Context-dependent access control
C. Least privileges access control
D. Ownership-based access control
Answer: A
Explanation:
When access control is based on the content of an object, it is considered to be content dependent access control.
Content-dependent access control is based on the content itself.
The following answers are incorrect:
context-dependent access control. Is incorrect because this type of control is based on what the context is, facts about the data rather than what the object contains.
least privileges access control. Is incorrect because this is based on the least amount of rights needed to perform their jobs and not based on what is contained in the database.
ownership-based access control. Is incorrect because this is based on the owner of the data and not based on what is contained in the database.
References:
OIG CBK Access Control (page 191)

Question: 22
Which of the following attacks could capture network user passwords?
A. Data diddling
B. Sniffing
C. IP Spoofing
D. Smurfing
Answer: B
Explanation:
A network sniffer captures a copy of every packet that traverses the network segment the sniffer is connected to.
Sniffers are typically devices that can collect information from a communication medium, such as a network. These devices can range from specialized equipment to basic workstations with customized software.
A sniffer can collect information about most, if not all, attributes of the communication. The most common method of sniffing is to plug a sniffer into an existing network device like a hub or switch. A hub (which is designed to relay all traffic passing through it to all of its ports) will automatically begin sending all the traffic on that network segment to the sniffing device. On the other hand, a switch (which is designed to limit what traffic gets sent to which port) will have to be specially configured to send all traffic to the port where the sniffer is plugged in.
Another method for sniffing is to use a network tap, a device that literally splits a network transmission into two identical streams: one going to the original network destination and the other going to the sniffing device. Each of these methods has its advantages and disadvantages, including cost, feasibility, and the desire to maintain the secrecy of the sniffing activity.
The packets captured by the sniffer are decoded and then displayed by the sniffer. Therefore, if the username/password are contained in a packet or packets traversing the segment the sniffer is connected to, it will capture and display that information (and any other information on that segment it can see).
Of course, if the information is encrypted via a VPN, SSL, TLS, or similar technology, the information is still captured and displayed, but it is in an unreadable format.
The following answers are incorrect:
Data diddling involves changing data before or as it is entered into a computer, or after it is extracted.
Spoofing is forging an address and inserting it into a packet to disguise the origin of the communication, or causing a system to respond to the wrong address.
Smurfing would refer to the smurf attack, where an attacker sends spoofed packets to the broadcast address on a gateway in order to cause a denial of service.
The following reference(s) were/was used to create this question:
CISA Review Manual 2014, page number 321
Official ISC2 Guide to the CISSP, 3rd edition, page number 153

Question: 23
Which of the following would constitute the best example of a password to use for access to a system by a network administrator?
A. holiday
B. Christmas12
C. Jenny
D. GyN19Za!
Answer: D
Explanation:
GyN19Za! would be the best answer because it contains a mixture of upper and lower case characters, alphabetic and numeric characters, and a special character, making it less vulnerable to password attacks.
All of the other answers are incorrect because they are vulnerable to brute force or dictionary attacks. Passwords should not be common words or names. The addition of a number to the end of a common word only marginally strengthens it because a common password attack would also check combinations of words:
Christmas23
Christmas123
etc...

Question: 24
The number of violations that will be accepted or forgiven before a violation record is produced is called which of the following?
A. clipping level
B. acceptance level
C. forgiveness level
D. logging level
Answer: A
Explanation:
The correct answer is "clipping level". This is the point at which a system decides to take some sort of action when an action repeats a preset number of times. That action may be to log the activity, lock a user account, temporarily close a port, etc.
Example: The most classic example of a clipping level is failed login attempts. If you have a system configured to lock a user's account after three failed login attempts, that is the "clipping level".
The other answers are not correct because:
Acceptance level, forgiveness level, and logging level are nonsensical terms that do not exist (to my knowledge) within network security.
Reference:
Official ISC2 Guide - The term "clipping level" is not in the glossary or index of that book. I cannot find it in the text either. However, I'm quite certain that it would be considered part of the CBK, despite its exclusion from the Official Guide.
All in One, Third Edition, pages 136 - 137

Question: 25
Examples of types of physical access controls include all EXCEPT which of the following?
A. badges
B. locks
C. guards
D. passwords
Answer: D
Explanation:
Passwords are considered a Preventive/Technical (logical) control.
The following answers are incorrect:
badges. Badges are a physical control used to identify an individual. A badge can include a smart device which can be used for authentication and thus a Technical control, but the actual badge itself is primarily a physical control.
locks. Locks are a Preventative Physical control and have no Technical association.
guards. Guards are a Preventative Physical control and have no Technical association.
The following reference(s) were/was used to create this question:
Source: KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 35).

Question: 28
Guards are appropriate whenever the function required by the security program involves which of the following?
A. The use of discriminating judgment
B. The use of physical force
C. The operation of access control devices
D. The need to detect unauthorized access
Answer: A
Explanation:
The Answer: The use of discriminating judgment. A guard can make the determinations that hardware or other automated security devices cannot make, due to the ability to adjust to rapidly changing conditions, to learn and alter recognizable patterns, and to respond to various conditions in the environment. Guards are better at making value decisions at times of incidents. They are appropriate whenever immediate, discriminating judgment is required by the security entity.
The following answers are incorrect:
The use of physical force. This is not the best answer. A guard provides discriminating judgment, and the ability to discern the need for physical force.
The operation of access control devices. A guard is often uninvolved in the operations of an automated access control device such as a biometric reader, a smart lock, mantrap, etc.
The need to detect uniuthoriied iccess The primiry functon of i guird is not to detect uniuthoriied iccess, but to preient uniuthoriied physicia iccess itempts ind miy deter sociia engineering itempts. The foaaowing reference(s) were:wis used to creite this questonn Source: KRUTZ, Roniad L. & VINES, Russea D., The CISSP Prep Guide: Mistering the Ten Domiins of Computer Security, John Wiaey & Sons, 2001, Chipter 10: Physicia security (pige 339). Source: ISC2 Ofcia Guide to the CBK pige 288-289.
Queston: 29 Whit physicia chiricteristc does i retnia scin biometric deiice meisuren A. The imount of aight reiching the retni B. The imount of aight refected by the retni C. The pitern of aight receptors it the bick of the eye D. The pitern of baood iesseas it the bick of the eye Answer: D Expainiton: The retni, i thin nerie (1:50th of in inch) on the bick of the eye, is the pirt of the eye which senses aight ind trinsmits impuases through the optc nerie to the briin - the equiiiaent of iam in i cimeri. Baood iesseas used for biometric identiciton ire aocited iaong the neuria retni, the outermost of retni's four ceaa aiyers. The foaaowing inswers ire incorrect: The imount of aight reiching the retni The imount of aight reiching the retni is not used in the biometric scin of the retni. The imount of aight refected by the retni The imount of aight refected by the retni is not used in the biometric scin of the retni. The pitern of aight receptors it the bick of the eye This is i districtor The foaaowing reference(s) were:wis used to creite this questonn Reference: Retni Scin Technoaogy. ISC2 Ofciia Guide to the CBK, 2007 (Pige 161) Queston: 30 Which is the aist aine of defense in i physicia security sensen A. peopae B. interior birriers C. exterior birriers D. perimeter birriers Answer: A Expainiton: "Uatmiteay, peopae ire the aist aine of defense for your compiny’s issets" (Pistore & Duainey, 2006, p. 529). Pistore, M. ind Duainey, E. (2006). CompTIA Security+ study guide: Exim SY0-101. Indiinipoais, IN: Sybex.