Which of the following is BEST defined as a physical control?
A. Monitoring of system activity
B. Fencing
C. Identification and authentication methods
D. Logical access control mechanisms
Answer: B
Explanation: Physical controls are items put into place to protect facility, personnel, and resources. Examples of physical controls are security...
Which of the following would be best suited to oversee the development of an information security policy?
A. System Administrators
B. End User
C. Security Officers
D. Security administrators
Answer: C
Explanation: The security officer would be the best person to oversee the development of such policies. Security officers and...
Which of the following are additional access control objectives?
A. Consistency and utility
B. Reliability and utility
C. Usefulness and utility
D. Convenience and utility
Answer: B
Explanation: Availability assures that a system's authorized users have timely and uninterrupted access to the information in the system. The additional access control...
Which of the following would be the MOST serious risk where a systems development life cycle methodology is inadequate?
A. The project will be completed late.
B. The project will exceed the cost estimates.
C. The project will be incompatible with existing systems.
D. The project will fail to meet...
Which of the following logical access exposures INVOLVES CHANGING data before, or as it is entered into the computer?
A. Data diddling
B. Salami techniques
C. Trojan horses
D. Viruses
Answer: A
Explanation: It involves changing data before, or as it is entered into the computer or in other...
Which of the following is NOT a basic component of security architecture?
A. Motherboard
B. Central Processing Unit (CPU)
C. Storage Devices
D. Peripherals (input/output devices)
Answer: A
Explanation: The CPU, storage devices and peripherals each have specialized roles in the security architecture. The CPU, or microprocessor, is the brains...
Which of the following biometric parameters are better suited for authentication use over a long period of time?
A. Iris pattern
B. Voice pattern
C. Signature dynamics
D. Retina pattern
Answer: A
Explanation: The iris pattern is considered lifelong. Unique features of the iris are: freckles, rings, rifts, pits, striations,...
Which of the following centralized access control mechanisms is the least appropriate for mobile workers accessing the corporate network over analog lines?
A. TACACS
B. Call-back
C. CHAP
D. RADIUS
Answer: B
Explanation: Call-back allows for a distant user connecting into a system to be called back at a number...
Which of the following access control models requires security clearance for subjects?
A. Identity-based access control
B. Role-based access control
C. Discretionary access control
D. Mandatory access control
Answer: D
Explanation: With mandatory access control (MAC), the authorization of a subject's access to an object is dependent upon labels, which...
What is a password that is the same for each log-on session called?
A. "one-time password"
B. "two-time password"
C. static password
D. dynamic password
Answer: C
Explanation: Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley...