Get 2023 Free ISC SSCP Exam Practice Materials Collection [Q459-Q482] : Free Exams Dumps Materials : http://exams.dumpsmaterials.com

This page was exported from Free Exams Dumps Materials [ http://exams.dumpsmaterials.com ]
Export date: Thu Nov 21 14:44:44 2024 / +0000 GMT

Get 2023 Free ISC SSCP Exam Practice Materials Collection [Q459-Q482]

Get 2023 Free ISC SSCP Exam Practice Materials Collection

Get Latest and 100% Accurate SSCP Exam Questions

NO.459 Which of the following control pairings include: organizational policies and procedures, pre-employment background checks, strict hiring practices, employment agreements, employee termination procedures, vacation scheduling, labeling of sensitive materials, increased supervision, security awareness training, behavior awareness, and sign-up procedures to obtain access to information systems and networks?

Preventive/Administrative Pairing

Preventive/Technical Pairing

Preventive/Physical Pairing

Detective/Administrative Pairing

NO.460 Which of the following is the core of fiber optic cables made of?

PVC

Glass fibers

Kevlar

Teflon

NO.461 Which of the following is the core of fiber optic cables made of?

PVC

Glass fibers

Kevlar

Teflon

NO.462 Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys. This protocol establishes a long-term key once, and then requires no prior communication in order to establish or exchange keys on a session-by-session basis?

Internet Security Association and Key Management Protocol (ISAKMP)

Simple Key-management for Internet Protocols (SKIP)

Diffie-Hellman Key Distribution Protocol

IPsec Key exchange (IKE)

NO.463 What does “residual risk” mean?

The security risk that remains after controls have been implemented

Weakness of an assets which can be exploited by a threat

Risk that remains after risk assessment has has been performed

A security risk intrinsic to an asset being audited, where no mitigation has taken place.

NO.464 The IDEA algorithm (used in PGP) is _______ bits long.

158

128

168

NO.465 This type of backup management provides a continuous on-line backup by using optical or tape “jukeboxes,” similar to WORMs (Write Once, Read Many):

Hierarchical Storage Management (HSM).

Hierarchical Resource Management (HRM).

Hierarchical Access Management (HAM).

Hierarchical Instance Management (HIM).

NO.466 Because all the secret keys are held and authentication is performed on the Kerberos TGS and the authentication servers, these servers are vulnerable to:

neither physical attacks nor attacks from malicious code.

physical attacks only

both physical attacks and attacks from malicious code.

physical attacks but not attacks from malicious code.

NO.467 Which of following is not a service provided by AAA servers (Radius, TACACS and DIAMETER)?

Authentication

Administration

Accounting

Authorization

NO.468 Which security model is based on the military classification of data and people with clearances?

Brewer-Nash model

Clark-Wilson model

Bell-LaPadula model

Biba model

NO.469 The end result of implementing the principle of least privilege means which of the following?

Users would get access to only the info for which they have a need to know

Users can access all systems.

Users get new privileges added when they change positions.

Authorization creep.

NO.470 What size is an MD5 message digest (hash)?

128 bits

160 bits

256 bits

128 bytes

NO.471 There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following?

public keys

private keys

public-key certificates

private-key certificates

NO.472 Which of the following statements pertaining to link encryption is false?

It encrypts all the data along a specific communication path.

It provides protection against packet sniffers and eavesdroppers.

Information stays encrypted from one end of its journey to the other.

User information, header, trailers, addresses and routing data that are part of the packets are encrypted.

NO.473 How are memory cards and smart cards different?

Memory cards normally hold more memory than smart cards

Smart cards provide a two-factor authentication whereas memory cards don’t

Memory cards have no processing power

Only smart cards can be used for ATM cards

Explanation/Reference:
The main difference between memory cards and smart cards is their capacity to process information. A memory card holds information but cannot process information. A smart card holds information and has the necessary hardware and software to actually process that information.
A memory card holds a user’s authentication information, so that this user needs only type in a user ID or PIN and presents the memory card to the system. If the entered information and the stored information match and are approved by an authentication service, the user is successfully authenticated.
A common example of a memory card is a swipe card used to provide entry to a building. The user enters a PIN and swipes the memory card through a card reader. If this is the correct combination, the reader flashes green and the individual can open the door and enter the building.
Memory cards can also be used with computers, but they require a reader to process the information. The reader adds cost to the process, especially when one is needed for every computer. Additionally, the overhead of PIN and card generation adds additional overhead and complexity to the whole authentication process. However, a memory card provides a more secure authentication method than using only a password because the attacker would need to obtain the card and know the correct PIN.
Administrators and management need to weigh the costs and benefits of a memory card implementation as well as the security needs of the organization to determine if it is the right authentication mechanism for their environment.
One of the most prevalent weaknesses of memory cards is that data stored on the card are not protected.
Unencrypted data on the card (or stored on the magnetic strip) can be extracted or copied. Unlike a smart card, where security controls and logic are embedded in the integrated circuit, memory cards do not employ an inherent mechanism to protect the data from exposure.
Very little trust can be associated with confidentiality and integrity of information on the memory cards.
The following answers are incorrect:
“Smart cards provide two-factor authentication whereas memory cards don’t” is incorrect. This is not necessarily true. A memory card can be combined with a pin or password to offer two factors authentication where something you have and something you know are used for factors.
“Memory cards normally hold more memory than smart cards” is incorrect. While a memory card may or may not have more memory than a smart card, this is certainly not the best answer to the question.
“Only smart cards can be used for ATM cards” is incorrect. This depends on the decisions made by the particular institution and is not the best answer to the question.
Reference(s) used for this question:
Shon Harris, CISSP All In One, 6th edition , Access Control, Page 199 and also for people using the Kindle edition of the book you can look at Locations 4647-4650.
Schneiter, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition : Access Control ((ISC)2 Press) (Kindle Locations 2124-2139). Auerbach Publications. Kindle Edition.

NO.474 An intrusion detection system is an example of what type of countermeasure?

Preventative

Corrective

Subjective

Detective

Postulative

NO.475 There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following?

public keys

private keys

public-key certificates

private-key certificates

NO.476 Which of the following is a tool often used to reduce the risk to a local area network (LAN) that has external connections by filtering Ingress and Egress traffic?

a firewall.

dial-up.

passwords.

fiber optics.

NO.477 Which of the following is NOT an example of an operational control?

backup and recovery

Auditing

contingency planning

operations procedures

NO.478 Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?

10.0.42.5

11.0.42.5

12.0.42.5

13.0.42.5

NO.479 Which of the following statements pertaining to VPN protocol standards is false?

L2TP is a combination of PPTP and L2F.

L2TP and PPTP were designed for single point-to-point client to server communication.

L2TP operates at the network layer.

PPTP uses native PPP authentication and encryption services.

NO.480 Controls provide accountability for individuals who are accessing sensitive information. This accountability is accomplished:

through access control mechanisms that require identification and authentication and through the audit function.

through logical or technical controls involving the restriction of access to systems and the protection of information.

through logical or technical controls but not involving the restriction of access to systems and the protection of information.

through access control mechanisms that do not require identification and authentication and do not operate through the audit function.

NO.481 In the process of gathering evidence from a computer attack, a system administrator took a series of actions which are listed below. Can you identify which one of these actions has compromised the whole evidence collection process?

Using a write blocker

Made a full-disk image

Created a message digest for log files

Displayed the contents of a folder

NO.482 Which of the following is the BEST way to detect software license violations?

Implementing a corporate policy on copyright infringements and software use.

Requiring that all PCs be diskless workstations.

Installing metering software on the LAN so applications can be accessed through the metered software.

Regularly scanning PCs in use to ensure that unauthorized copies of software have not been loaded on the PC.

Maximum Grades By Making ready With SSCP Dumps: https://www.dumpsmaterials.com/SSCP-real-torrent.html

Post date: 2023-10-14 16:16:32
Post date GMT: 2023-10-14 16:16:32
Post modified date: 2023-10-14 16:16:32
Post modified date GMT: 2023-10-14 16:16:32