SSCP PREP EXAM QUESTIONS AND
ANSWER | VERIFIED | FULLY SOLVED||
LATEST UPDATE
Access Control Object -CORRECTANSWER A passive entity that typically receives or
contains some form of data.
Access Control Subject -CORRECTANSWER An active entity and can be any user,
program, or process that requests permission to cause data to flow from an access
control object to the access control subject or between access control objects.
Asynchronous Password Token -CORRECTANSWER A one-time password is
generated without the use of a clock, either from a one-time pad or cryptographic
algorithm.
Authorization -CORRECTANSWER Determines whether a user is permitted to access a
particular resource.
Connected Tokens -CORRECTANSWER Must be physically connected to the computer
to which the user is authenticating.
Contactless Tokens -CORRECTANSWER Form a logical connection to the client
computer but do not require a physical connection.
,Disconnected Tokens -CORRECTANSWER Have neither a physical nor logical
connection to the client computer.
Entitlement -CORRECTANSWER A set of rules, defined by the resource owner, for
managing access to a resource (asset, service, or entity) and for what purpose.
Identity Management -CORRECTANSWER The task of controlling information about
users on computers.
Proof of Identity -CORRECTANSWER Verify people's identities before the enterprise
issues them accounts and credentials.
Kerberos -CORRECTANSWER A popular network authentication protocol for indirect
(third-party) authentication services.
Lightweight Directory Access Protocol (LDAP) -CORRECTANSWER A client/server-
based directory query protocol loosely based on X.500, commonly used to manage user
information. LDAP is a front end and not used to manage or synchronize data per se as
opposed to DNS.
, Single Sign-On (SSO) -CORRECTANSWER Designed to provide strong authentication
using secret-key cryptography, allowing a single identity to be shared across multiple
applications.
Static Password Token -CORRECTANSWER The device contains a password that is
physically hidden (not visible to the possessor) but that is transmitted for each
authentication.
Synchronous Dynamic Password Token -CORRECTANSWER A timer is used to rotate
through various combinations produced by a cryptographic algorithm.
Trust Path -CORRECTANSWER A series of trust relationships that authentication
requests must follow between domains
Availability -CORRECTANSWER Refers to the ability to access and use information
systems when and as needed to support an organization's operations.
Breach -CORRECTANSWER The intentional or unintentional release of secure
information to an untrusted environment.
CMDB -CORRECTANSWER A configuration management database (CMDB) is a
repository that contains a collection of IT assets that are referred to as configuration
items.
ANSWER | VERIFIED | FULLY SOLVED||
LATEST UPDATE
Access Control Object -CORRECTANSWER A passive entity that typically receives or
contains some form of data.
Access Control Subject -CORRECTANSWER An active entity and can be any user,
program, or process that requests permission to cause data to flow from an access
control object to the access control subject or between access control objects.
Asynchronous Password Token -CORRECTANSWER A one-time password is
generated without the use of a clock, either from a one-time pad or cryptographic
algorithm.
Authorization -CORRECTANSWER Determines whether a user is permitted to access a
particular resource.
Connected Tokens -CORRECTANSWER Must be physically connected to the computer
to which the user is authenticating.
Contactless Tokens -CORRECTANSWER Form a logical connection to the client
computer but do not require a physical connection.
,Disconnected Tokens -CORRECTANSWER Have neither a physical nor logical
connection to the client computer.
Entitlement -CORRECTANSWER A set of rules, defined by the resource owner, for
managing access to a resource (asset, service, or entity) and for what purpose.
Identity Management -CORRECTANSWER The task of controlling information about
users on computers.
Proof of Identity -CORRECTANSWER Verify people's identities before the enterprise
issues them accounts and credentials.
Kerberos -CORRECTANSWER A popular network authentication protocol for indirect
(third-party) authentication services.
Lightweight Directory Access Protocol (LDAP) -CORRECTANSWER A client/server-
based directory query protocol loosely based on X.500, commonly used to manage user
information. LDAP is a front end and not used to manage or synchronize data per se as
opposed to DNS.
, Single Sign-On (SSO) -CORRECTANSWER Designed to provide strong authentication
using secret-key cryptography, allowing a single identity to be shared across multiple
applications.
Static Password Token -CORRECTANSWER The device contains a password that is
physically hidden (not visible to the possessor) but that is transmitted for each
authentication.
Synchronous Dynamic Password Token -CORRECTANSWER A timer is used to rotate
through various combinations produced by a cryptographic algorithm.
Trust Path -CORRECTANSWER A series of trust relationships that authentication
requests must follow between domains
Availability -CORRECTANSWER Refers to the ability to access and use information
systems when and as needed to support an organization's operations.
Breach -CORRECTANSWER The intentional or unintentional release of secure
information to an untrusted environment.
CMDB -CORRECTANSWER A configuration management database (CMDB) is a
repository that contains a collection of IT assets that are referred to as configuration
items.
