
Free ISC SSCP Practice Exam with Questions & Answers | Set: 7

Question 121

What is the maximum allowable key size of the Rijndael encryption algorithm?

Options:
A. 128 bits
B. 192 bits
C. 256 bits
D. 512 bits

Question 122

Which of the following statements pertaining to message digests is incorrect?

Options:
A. The original file cannot be created from the message digest.
B. Two different files should not have the same message digest.
C. The message digest should be calculated using at least 128 bytes of the file.
D. Message digests are usually of fixed size.

Question 123

What is the formal acceptance of the adequacy of a system's overall security by management called?

Options:
A. Certification
B. Acceptance
C. Accreditation
D. Evaluation

Question 124

The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system, is referred to as:

Options:
A. Confidentiality
B. Availability
C. Integrity
D. Reliability

Question 125

Related to information security, the prevention of the intentional or unintentional unauthorized disclosure of contents is which of the following?

Options:
A. Confidentiality
B. Integrity
C. Availability
D. Capability

Question 126

Making sure that the data has not been changed unintentionally, due to an accident or malice, is:

Options:
A. Integrity.
B. Confidentiality.
C. Availability.
D. Auditability.

Question 127

Which of the following is a CHARACTERISTIC of a decision support system (DSS) with regard to Threats and Risks Analysis?

Options:
A. DSS is aimed at solving highly structured problems.
B. DSS emphasizes flexibility in the decision-making approach of users.
C. DSS supports only structured decision-making tasks.
D. DSS combines the use of models with non-traditional data access and retrieval functions.

Question 128

Which of the following security modes of operation involves the highest risk?

Options:
A. Compartmented Security Mode
B. Multilevel Security Mode
C. System-High Security Mode
D. Dedicated Security Mode

Question 129

Which of the following is considered the weakest link in a security system?

Options:
A. People
B. Software
C. Communications
D. Hardware

Question 130

Within the context of the CBK, which of the following provides a MINIMUM level of security ACCEPTABLE for an environment?

Options:
A. A baseline
B. A standard
C. A procedure
D. A guideline

Question 131

Related to information security, integrity is the opposite of which of the following?

Options:
A. abstraction
B. alteration
C. accreditation
D. application

Question 132

Who is ultimately responsible for the security of computer-based information systems within an organization?

Options:
A. The tech support team.
B. The operation team.
C. The management team.
D. The training team.

Question 133

What can be defined as confirming that users’ needs have been met by the supplied solution?

Options:
A. Accreditation
B. Certification
C. Assurance
D. Acceptance

Question 134

Which of the following security controls might force an operator into collusion with personnel assigned organizationally within a different function in order to gain access to unauthorized data?

Options:
A. Limiting the local access of operations personnel
B. Job rotation of operations personnel
C. Management monitoring of audit logs
D. Enforcing regular password changes

Question 135

Why does compiled code pose more of a security risk than interpreted code?

Options:
A. Because malicious code can be embedded in compiled code and be difficult to detect.
B. If the executed compiled code fails, there is a chance it will fail insecurely.
C. Because compilers are not reliable.
D. There is no risk difference between interpreted code and compiled code.

Question 136

When submitting a passphrase for authentication, the passphrase is converted into ...

Options:
A. a virtual password by the system
B. a new passphrase by the system
C. a new passphrase by the encryption technology
D. a real password by the system which can be used forever

Question 137

In non-discretionary access control using Role Based Access Control (RBAC), a central authority determines what subjects can have access to certain objects based on the organizational security policy. The access controls may be based on:

Options:
A. The society's role in the organization
B. The individual's role in the organization
C. The group-dynamics as they relate to the individual's role in the organization
D. The group-dynamics as they relate to the master-slave role in the organization

Question 138

How would nonrepudiation best be classified?

Options:
A. A preventive control
B. A logical control
C. A corrective control
D. A compensating control

Question 139

What protocol is used on the Local Area Network (LAN) to obtain an IP address from its known MAC address?

Options:
A. Reverse address resolution protocol (RARP)
B. Address resolution protocol (ARP)
C. Data link layer
D. Network address translation (NAT)

Question 140

Which of the following elements of telecommunications is not used in assuring confidentiality?

Options:
A. Network security protocols
B. Network authentication services
C. Data encryption services
D. Passwords