Practitioner (SSCP) - Exam Prep
Latest Update 2026 GRADED A+
Access Control Object - correct answer: A passive entity that typically receives or contains some form of data.
Access Control Subject - correct answer: An active entity, which can be any user, program, or process that requests permission to cause data to flow from an access control object to the access control subject or between access control objects.
Asynchronous Password Token - correct answer: A one-time password is generated without the use of a clock, either from a one-time pad or cryptographic algorithm.
Authorization - correct answer: Determines whether a user is permitted to access a particular resource.
Connected Tokens - correct answer: Must be physically connected to the computer to which the user is authenticating.
Contactless Tokens - correct answer: Form a logical connection to the client computer but do not require a physical connection.
Disconnected Tokens - correct answer: Have neither a physical nor logical connection to the client computer.
Entitlement - correct answer: A set of rules, defined by the resource owner, for managing access to a resource (asset, service, or entity) and for what purpose.
Identity Management - correct answer: The task of controlling information about users on computers.
Proof of Identity - correct answer: Verify people's identities before the enterprise issues them accounts and credentials.
Kerberos - correct answer: A popular network authentication protocol for indirect (third-party) authentication services.
Lightweight Directory Access Protocol (LDAP) - correct answer: A client/server-based directory query protocol loosely based on X.500, commonly used to manage user information. LDAP is a front end and not used to manage or synchronize data per se as opposed to DNS.
Single Sign-On (SSO) - correct answer: Designed to provide strong authentication using secret-key cryptography, allowing a single identity to be shared across multiple applications.
Static Password Token - correct answer: The device contains a password that is physically hidden (not visible to the possessor) but that is transmitted for each authentication.
Synchronous Dynamic Password Token - correct answer: A timer is used to rotate through various combinations produced by a cryptographic algorithm.
Trust Path - correct answer: A series of trust relationships that authentication requests must follow between domains.
Availability - correct answer: Refers to the ability to access and use information systems when and as needed to support an organization's operations.
Breach - correct answer: The intentional or unintentional release of secure information to an untrusted environment.
CMDB - correct answer: A configuration management database (CMDB) is a repository that contains a collection of IT assets that are referred to as configuration items.
Compensating Controls - correct answer: Introduced when the existing capabilities of a system do not support the requirements of a policy.
Confidentiality - correct answer: Refers to the property of information in which it is only made available to those who have a legitimate need to know.
Configuration Management (CM) - correct answer: A discipline that seeks to manage configuration changes so that they are appropriately approved and documented, so that the integrity of the security state is maintained, and so that disruptions to performance and availability are minimized.
Corrective Control - correct answer: These controls remedy the circumstances that enabled unwarranted activity, and/or return conditions to where they were prior to the unwanted activity.
COTS - correct answer: A Federal Acquisition Regulation (FAR) term for commercial off-the-shelf (COTS) items that can be purchased in the commercial marketplace and used under government contract.