Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

ISC SSCP Exam Made Easy: Step-by-Step Preparation Guide

Questions 201

The deliberate planting of apparent flaws in a system for the purpose of detecting attempted penetrations or confusing an intruder about which flaws to exploit is called:

Options:

A.

alteration

B.

investigation

C.

entrapment

D.

enticement.

Buy Now
Questions 202

A copy of evidence or oral description of its contents; which is not as reliable as best evidence is what type of evidence?

Options:

A.

Direct evidence

B.

Circumstantial evidence

C.

Hearsay evidence

D.

Secondary evidence

Buy Now
Questions 203

Which of the following is the most important consideration in locating an alternate computing facility during the development of a disaster recovery plan?

Options:

A.

It is unlikely to be affected by the same disaster.

B.

It is close enough to become operational quickly.

C.

It is close enough to serve its users.

D.

It is convenient to airports and hotels.

Buy Now
Questions 204

In the course of responding to and handling an incident, you work on determining the root cause of the incident. In which step are you in?

Options:

A.

Recovery

B.

Containment

C.

Triage

D.

Analysis and tracking

Buy Now
Questions 205

Which of the following statements do not apply to a hot site?

Options:

A.

It is expensive.

B.

There are cases of common overselling of processing capabilities by the service provider.

C.

It provides a false sense of security.

D.

It is accessible on a first come first serve basis. In case of large disaster it might not be accessible.

Buy Now
Questions 206

Valuable paper insurance coverage does not cover damage to which of the following?

Options:

A.

Inscribed, printed and Written documents

B.

Manuscripts

C.

Records

D.

Money and Securities

Buy Now
Questions 207

An Intrusion Detection System (IDS) is what type of control?

Options:

A.

A preventive control.

B.

A detective control.

C.

A recovery control.

D.

A directive control.

Buy Now
Questions 208

Which of the following could be BEST defined as the likelihood of a threat agent taking advantage of a vulnerability?

Options:

A.

A risk

B.

A residual risk

C.

An exposure

D.

A countermeasure

Buy Now
Questions 209

Which of the following enables the person responsible for contingency planning to focus risk management efforts and resources in a prioritized manner only on the identified risks?

Options:

A.

Risk assessment

B.

Residual risks

C.

Security controls

D.

Business units

Buy Now
Questions 210

What assesses potential loss that could be caused by a disaster?

Options:

A.

The Business Assessment (BA)

B.

The Business Impact Analysis (BIA)

C.

The Risk Assessment (RA)

D.

The Business Continuity Plan (BCP)

Buy Now
Questions 211

Computer security should be first and foremost which of the following:

Options:

A.

Cover all identified risks

B.

Be cost-effective.

C.

Be examined in both monetary and non-monetary terms.

D.

Be proportionate to the value of IT systems.

Buy Now
Questions 212

Which of the following backup methods is primarily run when time and tape space permits, and is used for the system archive or baselined tape sets?

Options:

A.

full backup method.

B.

incremental backup method.

C.

differential backup method.

D.

tape backup method.

Buy Now
Questions 213

In order to be able to successfully prosecute an intruder:

Options:

A.

A point of contact should be designated to be responsible for communicating with law enforcement and other external agencies.

B.

A proper chain of custody of evidence has to be preserved.

C.

Collection of evidence has to be done following predefined procedures.

D.

Whenever possible, analyze a replica of the compromised resource, not the original, thereby avoiding inadvertently tamping with evidence.

Buy Now
Questions 214

Which of the following categories of hackers poses the greatest threat?

Options:

A.

Disgruntled employees

B.

Student hackers

C.

Criminal hackers

D.

Corporate spies

Buy Now
Questions 215

When preparing a business continuity plan, who of the following is responsible for identifying and prioritizing time-critical systems?

Options:

A.

Executive management staff

B.

Senior business unit management

C.

BCP committee

D.

Functional business units

Buy Now
Questions 216

Which of the following statements pertaining to disk mirroring is incorrect?

Options:

A.

Mirroring offers better performance in read operations but writing hinders system performance.

B.

Mirroring is a hardware-based solution only.

C.

Mirroring offers a higher fault tolerance than parity.

D.

Mirroring is usually the less cost-effective solution.

Buy Now
Questions 217

The first step in the implementation of the contingency plan is to perform:

Options:

A.

A firmware backup

B.

A data backup

C.

An operating systems software backup

D.

An application software backup

Buy Now
Questions 218

Which type of attack would a competitive intelligence attack best classify as?

Options:

A.

Business attack

B.

Intelligence attack

C.

Financial attack

D.

Grudge attack

Buy Now
Questions 219

When referring to a computer crime investigation, which of the following would be the MOST important step required in order to preserve and maintain a proper chain of custody of evidence:

Options:

A.

Evidence has to be collected in accordance with all laws and all legal regulations.

B.

Law enforcement officials should be contacted for advice on how and when to collect critical information.

C.

Verifiable documentation indicating the who, what, when, where, and how the evidence was handled should be available.

D.

Log files containing information regarding an intrusion are retained for at least as long as normal business records, and longer in the case of an ongoing investigation.

Buy Now
Questions 220

Which disaster recovery plan test involves functional representatives meeting to review the plan in detail?

Options:

A.

Simulation test

B.

Checklist test

C.

Parallel test

D.

Structured walk-through test

Buy Now