Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

ISC SSCP Exam Made Easy: Step-by-Step Preparation Guide

Questions 241

The fact that a network-based IDS reviews packets payload and headers enable which of the following?

Options:

A.

Detection of denial of service

B.

Detection of all viruses

C.

Detection of data corruption

D.

Detection of all password guessing attacks

Buy Now
Questions 242

In what way can violation clipping levels assist in violation tracking and analysis?

Options:

A.

Clipping levels set a baseline for acceptable normal user errors, and violations exceeding that threshold will be recorded for analysis of why the violations occurred.

B.

Clipping levels enable a security administrator to customize the audit trail to record only those violations which are deemed to be security relevant.

C.

Clipping levels enable the security administrator to customize the audit trail to record only actions for users with access to user accounts with a privileged status.

D.

Clipping levels enable a security administrator to view all reductions in security levels which have been made to user accounts which have incurred violations.

Buy Now
Questions 243

Attributes that characterize an attack are stored for reference using which of the following Intrusion Detection System (IDS) ?

Options:

A.

signature-based IDS

B.

statistical anomaly-based IDS

C.

event-based IDS

D.

inferent-based IDS

Buy Now
Questions 244

Which of the following would assist the most in Host Based intrusion detection?

Options:

A.

audit trails.

B.

access control lists.

C.

security clearances

D.

host-based authentication

Buy Now
Questions 245

Which of the following usually provides reliable, real-time information without consuming network or host resources?

Options:

A.

network-based IDS

B.

host-based IDS

C.

application-based IDS

D.

firewall-based IDS

Buy Now
Questions 246

What IDS approach relies on a database of known attacks?

Options:

A.

Signature-based intrusion detection

B.

Statistical anomaly-based intrusion detection

C.

Behavior-based intrusion detection

D.

Network-based intrusion detection

Buy Now
Questions 247

Which of the following is the BEST way to detect software license violations?

Options:

A.

Implementing a corporate policy on copyright infringements and software use.

B.

Requiring that all PCs be diskless workstations.

C.

Installing metering software on the LAN so applications can be accessed through the metered software.

D.

Regularly scanning PCs in use to ensure that unauthorized copies of software have not been loaded on the PC.

Buy Now
Questions 248

Which conceptual approach to intrusion detection system is the most common?

Options:

A.

Behavior-based intrusion detection

B.

Knowledge-based intrusion detection

C.

Statistical anomaly-based intrusion detection

D.

Host-based intrusion detection

Buy Now
Questions 249

A host-based IDS is resident on which of the following?

Options:

A.

On each of the critical hosts

B.

decentralized hosts

C.

central hosts

D.

bastion hosts

Buy Now
Questions 250

Due care is not related to:

Options:

A.

Good faith

B.

Prudent man

C.

Profit

D.

Best interest

Buy Now
Questions 251

Which of the following is a disadvantage of a statistical anomaly-based intrusion detection system?

Options:

A.

it may truly detect a non-attack event that had caused a momentary anomaly in the system.

B.

it may falsely detect a non-attack event that had caused a momentary anomaly in the system.

C.

it may correctly detect a non-attack event that had caused a momentary anomaly in the system.

D.

it may loosely detect a non-attack event that had caused a momentary anomaly in the system.

Buy Now
Questions 252

What would be considered the biggest drawback of Host-based Intrusion Detection systems (HIDS)?

Options:

A.

It can be very invasive to the host operating system

B.

Monitors all processes and activities on the host system only

C.

Virtually eliminates limits associated with encryption

D.

They have an increased level of visibility and control compared to NIDS

Buy Now
Questions 253

Network-based Intrusion Detection systems:

Options:

A.

Commonly reside on a discrete network segment and monitor the traffic on that network segment.

B.

Commonly will not reside on a discrete network segment and monitor the traffic on that network segment.

C.

Commonly reside on a discrete network segment and does not monitor the traffic on that network segment.

D.

Commonly reside on a host and and monitor the traffic on that specific host.

Buy Now
Questions 254

Who can best decide what are the adequate technical security controls in a computer-based application system in regards to the protection of the data being used, the criticality of the data, and it's sensitivity level ?

Options:

A.

System Auditor

B.

Data or Information Owner

C.

System Manager

D.

Data or Information user

Buy Now
Questions 255

Which of the following is needed for System Accountability?

Options:

A.

Audit mechanisms.

B.

Documented design as laid out in the Common Criteria.

C.

Authorization.

D.

Formal verification of system design.

Buy Now
Questions 256

Which of the following is NOT a characteristic of a host-based intrusion detection system?

Options:

A.

A HIDS does not consume large amounts of system resources

B.

A HIDS can analyse system logs, processes and resources

C.

A HIDS looks for unauthorized changes to the system

D.

A HIDS can notify system administrators when unusual events are identified

Buy Now
Questions 257

Attributable data should be:

Options:

A.

always traced to individuals responsible for observing and recording the data

B.

sometimes traced to individuals responsible for observing and recording the data

C.

never traced to individuals responsible for observing and recording the data

D.

often traced to individuals responsible for observing and recording the data

Buy Now
Questions 258

The session layer provides a logical persistent connection between peer hosts. Which of the following is one of the modes used in the session layer to establish this connection?

Options:

A.

Full duplex

B.

Synchronous

C.

Asynchronous

D.

Half simplex

Buy Now
Questions 259

A timely review of system access audit records would be an example of which of the basic security functions?

Options:

A.

avoidance

B.

deterrence

C.

prevention

D.

detection

Buy Now
Questions 260

In order to enable users to perform tasks and duties without having to go through extra steps it is important that the security controls and mechanisms that are in place have a degree of?

Options:

A.

Complexity

B.

Non-transparency

C.

Transparency

D.

Simplicity

Buy Now