Which of the following is not a preventive login control?
A. Last login message
B. Password aging
C. Minimum password length
D. Account expiration
Answer: A
Explanation: The last login message displays the last login date and time, allowing a user to discover if their account was used by someone...

Which authentication technique best protects against hijacking?
A. Static authentication
B. Continuous authentication
C. Robust authentication
D. Strong authentication
Answer: B
Explanation: A continuous authentication provides protection against impostors who can see, alter, and insert information passed between the claimant and verifier even after the claimant/verifier authentication is complete. This...

Logical or technical controls involve the restriction of access to systems and the protection of information. Which of the following statements pertaining to these types of controls is correct?
A. Examples of these types of controls include policies and procedures, security awareness training, background checks, work habit checks but do...

What physical characteristic does a retinal scan biometric device measure?
A. The amount of light reaching the retina
B. The amount of light reflected by the retina
C. The pattern of light receptors at the back of the eye
D. The pattern of blood vessels at the back of the...

Which of the following choices describes a condition when RAM and Secondary storage are used together?
A. Primary storage
B. Secondary storage
C. Virtual storage
D. Real storage
Answer: C
Explanation: Virtual storage is a service provided by the operating system where it uses a combination of RAM and disk storage...

Guards are appropriate whenever the function required by the security program involves which of the following?
A. The use of discriminating judgment
B. The use of physical force
C. The operation of access control devices
D. The need to detect unauthorized access
Answer: A
Explanation: The Answer The use of...

Which of the following is most concerned with personnel security?
A. Management controls
B. Operational controls
C. Technical controls
D. Human resources controls
Answer: B
Explanation: Many important issues in computer security involve human users, designers, implementers, and managers. A broad range of security issues relates to how these individuals interact...

Examples of types of physical access controls include all EXCEPT which of the following?
A. badges
B. locks
C. guards
D. passwords
Answer: D
Explanation: Passwords are considered a Preventive/Technical (logical) control. The following answers are incorrect: badges Badges are a physical control used to identify an individual. A badge can...

Which of the following determines that the product developed meets the project's goals?
A. verification
B. validation
C. concurrence
D. accuracy
Answer: B
Explanation: Software Development Verification vs. Validation: Verification determines if the product accurately represents and meets the design specifications given to the developers. A product can be developed that...

Which TCSEC class specifies discretionary protection?
A. B2
B. B1
C. C2
D. C1
Answer: D
Explanation: C1 involves discretionary protection, C2 involves controlled access protection, B1 involves labeled security protection and B2 involves structured protection. Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.