SSCP

What is the most critical characteristic of a biometric identifying system?A .  Perceived intrusivenessB .  Storage requirementsC .  AccuracyD .  ScalabilityView AnswerAnswer: C Explanation: Accuracy is the most critical characteristic of a biometric identifying verification system. Accuracy is measured in terms of false rejection rate (FRR, or type I errors) and...

Which access model is most appropriate for companies with a high employee turnover?A .  Role-based access controlB .  Mandatory access controlC .  Lattice-based access controlD .  Discretionary access controlView AnswerAnswer: A Explanation: The underlying problem for a company with a lot of turnover is assuring that new employees are assigned...

During which phase of an IT system life cycle are security requirements developed?A .  OperationB .  InitiationC .  Functional design analysis and PlanningD .  ImplementationView AnswerAnswer: C Explanation: The software development life cycle (SDLC) (sometimes referred to as the System Development Life Cycle) is the process of creating or altering...

RADIUS incorporates which of the following services?A .  Authentication server and PIN codes.B .  Authentication of clients and static passwords generation.C .  Authentication of clients and dynamic passwords generation.D .  Authentication server as well as support for Static and Dynamic passwords.View AnswerAnswer: D Explanation: A Network Access Server (NAS) operates as...

What does the (star) integrity axiom mean in the Biba model?A .  No read upB .  No write downC .  No read downD .  No write upView AnswerAnswer: D Explanation: The (star) integrity axiom of the Biba access control model states that an object at one level of integrity is...

Who first described the DoD multilevel military security policy in abstract, formal terms?A .  David Bell and Leonard LaPadulaB .  Rivest, Shamir and AdlemanC .  Whitfield Diffie and Martin HellmanD .  David Clark and David WilsonView AnswerAnswer: A Explanation: It was David Bell and Leonard LaPadula who, in 1973, first...

Which one of the following authentication mechanisms creates a problem for mobile users?A .  Mechanisms based on IP addressesB .  Mechanism with reusable passwordsC .  one-time password mechanism.D .  challenge response mechanism.View AnswerAnswer: A Explanation: Anything based on a fixed IP address would be a problem for mobile users because...

What does "System Integrity" mean?A .  The software of the system has been implemented as designed.B .  Users can't tamper with processes they do not own.C .  Hardware and firmware have undergone periodic testing to verify that they are functioning properly.D .  Design specifications have been verified against the formal...

Controls like guards and general steps to maintain building security, securing of server rooms or laptops, the protection of cables, and usage of magnetic switches on doors and windows are some of the examples of:A .  Administrative controlsB .  Logical controlsC .  Technical controlsD .  Physical controlsView AnswerAnswer: D Explanation:...

What prevents a process from accessing another process' data?A .  Memory segmentationB .  Process isolationC .  The reference monitorD .  Data hidingView AnswerAnswer: B Explanation: Process isolation is where each process has its own distinct address space for its application code and data. In this way, it is possible to...