WGU SSCP PRACTICE TEST B EXAM 125 QUESTIONS
WITH VERIFIED ANSWERS 2025/2026
An enforcement statement - CORRECT ANSWER Which of the following should be
included in every policy that states possible penalties or restrictions for
individuals?
VoIP - CORRECT ANSWER Which converged network communications concept
includes support for real-time chat, video conferencing, voice and video mail, and
file exchange?
Mesh - CORRECT ANSWER What type of network deployment is the most fault
tolerant?
Privilege creep - CORRECT ANSWER What is the result of an access control
management process that adds new capabilities to users as their job tasks change
over time, but does not perform a regular reassessment of the assigned
authorization?
An association of nonrelated third-party organizations that share information
based upon a single sign-on - CORRECT ANSWER Which choice best describes a
federation?
Key space - CORRECT ANSWER What is the term used for the range of values that
can be used to control the symmetric encryption function while converting
plaintext into ciphertext?
,Preserve evidence integrity. - CORRECT ANSWER What is a primary goal of a
forensic investigator while collecting evidence?
Need to know - CORRECT ANSWER How is granular control of objects and
resources implemented within a mandatory access control environment?
Role-based Access Control - CORRECT ANSWER Which of the following types of
access control is preferred for its ease of administration when there are a large
number of personnel with the same job in an organization?
By checking for compliance each time a system attempts to access the production
network - CORRECT ANSWER How does a network access control (NAC) system
ensure that only systems with current configurations and the most recently
approved updates are allowed to access the production network?
Phishing - CORRECT ANSWER Which attack attempts to steal information from
victims by tricking them into visiting false or fake Web sites using a spoofed email
communication that seems to originate from a legitimate source?
Hash the message, and then encrypt the digest with the private key. - CORRECT
ANSWER When crafting a digital signature, what are the initial steps in the process
performed by the sender?
Biometrics - CORRECT ANSWER Which means of authentication is NOT supported
by IPSec?
, Real-time backup - CORRECT ANSWER When an organization is unable to lose
more than a few hours of data without experiencing severe consequences, what
means or method of backup is most appropriate?
Hierarchical trust - CORRECT ANSWER Which trust architecture or model is based
on the concept of an individual top level entity that all other entities trust and
with entities organized in levels or layers below the top level?
It should require the retaliation against repeat attackers. - CORRECT ANSWER
Which of the following statements is not true of an organizations incident
response policy?
Risk register - CORRECT ANSWER When an organization has a properly
implemented enterprise risk management (ERM), what is the tool used to list and
categorize each discovered or encountered risk?
Brute force guess the key - CORRECT ANSWER What is the only viable method a
determined attacker can attempt to compromise an encrypted file, assuming a
publicly available cryptography standard was used?
X.509 v3 - CORRECT ANSWER What is the certificate standard used by PKI?
Create user groups based on assigned company department or job responsibility. -
CORRECT ANSWER How is account provisioning commonly accomplished?
WITH VERIFIED ANSWERS 2025/2026
An enforcement statement - CORRECT ANSWER Which of the following should be
included in every policy that states possible penalties or restrictions for
individuals?
VoIP - CORRECT ANSWER Which converged network communications concept
includes support for real-time chat, video conferencing, voice and video mail, and
file exchange?
Mesh - CORRECT ANSWER What type of network deployment is the most fault
tolerant?
Privilege creep - CORRECT ANSWER What is the result of an access control
management process that adds new capabilities to users as their job tasks change
over time, but does not perform a regular reassessment of the assigned
authorization?
An association of nonrelated third-party organizations that share information
based upon a single sign-on - CORRECT ANSWER Which choice best describes a
federation?
Key space - CORRECT ANSWER What is the term used for the range of values that
can be used to control the symmetric encryption function while converting
plaintext into ciphertext?
,Preserve evidence integrity. - CORRECT ANSWER What is a primary goal of a
forensic investigator while collecting evidence?
Need to know - CORRECT ANSWER How is granular control of objects and
resources implemented within a mandatory access control environment?
Role-based Access Control - CORRECT ANSWER Which of the following types of
access control is preferred for its ease of administration when there are a large
number of personnel with the same job in an organization?
By checking for compliance each time a system attempts to access the production
network - CORRECT ANSWER How does a network access control (NAC) system
ensure that only systems with current configurations and the most recently
approved updates are allowed to access the production network?
Phishing - CORRECT ANSWER Which attack attempts to steal information from
victims by tricking them into visiting false or fake Web sites using a spoofed email
communication that seems to originate from a legitimate source?
Hash the message, and then encrypt the digest with the private key. - CORRECT
ANSWER When crafting a digital signature, what are the initial steps in the process
performed by the sender?
Biometrics - CORRECT ANSWER Which means of authentication is NOT supported
by IPSec?
, Real-time backup - CORRECT ANSWER When an organization is unable to lose
more than a few hours of data without experiencing severe consequences, what
means or method of backup is most appropriate?
Hierarchical trust - CORRECT ANSWER Which trust architecture or model is based
on the concept of an individual top level entity that all other entities trust and
with entities organized in levels or layers below the top level?
It should require the retaliation against repeat attackers. - CORRECT ANSWER
Which of the following statements is not true of an organizations incident
response policy?
Risk register - CORRECT ANSWER When an organization has a properly
implemented enterprise risk management (ERM), what is the tool used to list and
categorize each discovered or encountered risk?
Brute force guess the key - CORRECT ANSWER What is the only viable method a
determined attacker can attempt to compromise an encrypted file, assuming a
publicly available cryptography standard was used?
X.509 v3 - CORRECT ANSWER What is the certificate standard used by PKI?
Create user groups based on assigned company department or job responsibility. -
CORRECT ANSWER How is account provisioning commonly accomplished?
