What type of firewall has two protected zones behind it?
A. A single-tier firewall
B. A two-tier firewall
C. A three-tier firewall
D. A four-tier firewall - ANSWER ✓ B. A two-tier firewall
A remote access tool that copies what is displayed on a desktop PC to a
remote computer is an example of what type of technology?
A. Remote Node operation
B. Screen scraping
C. Remote control
D. RDP - ANSWER ✓ B. Screen scrapers copy the actual screen
displayed and display it at a remote location. RDP provides terminal
sessions without doing screen scraping, remote node operation is the
same as dial-up access, and remote control is a means of controlling a
remote system (screen scraping is a specialized subset of remote
control).
Ben is troubleshooting a network and discovers that the NAT router he
is connected to has the 192.168.x.x subnet as its internal network and
that its external IP is 192.168.1.40. What problem is he encountering? -
ANSWER ✓ Double NATing isn't possible with the same IP range; the
same IP addresses cannot appear inside and outside a NAT router. RFC
1918 addresses are reserved, but only so they are not used and routable
on the Internet, and changing to PAT would not fix the issue.
Which of the following is not a problem with active wireless scanning?
A. Accidentally scanning apparent rogue devices that actually belong to
guests
B. Causing alarms on the organization's wireless IPS
C. Scanning devices that belong to nearby organizations
D. Misidentifying rogue devices - ANSWER ✓ B. Not only should
active scanning be expected to cause wireless IPS alarms, but they may
actually be desired if the test is done to test responses. Accidentally
scanning guests or neighbors or misidentifying devices belonging to
third parties are all potential problems with active scanning and require
the security assessor to carefully verify the systems that she is scanning.
The Address Resolution Protocol (ARP) and the Reverse Address
Resolution Protocol (RARP) operate at what layer of the OSI model?
A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4 - ANSWER ✓ B. ARP and RARP operate at the Data Link
Layer, the second layer of the OSI model. Both protocols deal with
physical (MAC) hardware addresses, which are used above the Physical
layer (layer 1) and below the Network layer (layer 3), thus falling at the
Data Link layer.
How could Lauren's company best address a desire for secure
messaging for users of internal systems?
A. Use a third-party messaging service
B. Implement and use a locally hosted service
C. Use HTTPS
D. Discontinue use of messaging and instead use email, which is more
secure - ANSWER ✓ B. If a business need requires messaging, using a
local messaging server is the best option. This prevents traffic from
traveling to a third-party server and can offer additional benefits such as
logging, archiving, and control of security options like the use of
encryption.
Chris is configuring an IDS to monitor for unencrypted FTP traffic.
What ports should Chris use in his configuration?
A. TCP 20 and 21
B. TCP 21 only
C. UDP port 69
D. TCP port 21 and UDP port 21 - ANSWER ✓ A. The File Transfer
Protocol (FTP) operates on TCP ports 20 and 21. UDP port 69 is used
for the Trivial File Transfer Protocol, or TFTP, while UDP port 21 is not
used for any common file transfer protocol.
During a penetration test, Lauren is asked to test the organization's
Bluetooth security. Which of the following is not a concern she should
explain to her employers?
A. Bluetooth scanning can be time-consuming.
B. Many devices that may be scanned are likely to be personal devices.
C. Bluetooth passive scans may require multiple visits at different times
to identify all targets.
D. Bluetooth active scans can't evaluate the security mode of Bluetooth
devices. - ANSWER ✓ D. Bluetooth active scans can determine both the
strength of the PIN and what security mode the device is operating in.
Unfortunately, Bluetooth scans can be challenging because of the
limited range of Bluetooth and the prevalence of personally owned
Bluetooth-enabled devices. Passive Bluetooth scanning only detects
active connections and typically requires multiple visits to have a chance
of identifying all devices.
What network tool can be used to protect the identity of clients while
providing Internet access by accepting client requests, altering the
source addresses of the requests, mapping requests to clients, and
sending the modified requests out to their destination?
A. A gateway
B. A proxy
C. A router
D. A firewall - ANSWER ✓ B. A proxy is a form of gateway that
provides clients with a filtering, caching, or other service that protects
their information from remote systems. A router connects networks,
while a firewall uses rules to limit traffic permitted through it. A
gateway translates between protocols.
In the OSI model, when a packet changes from a data stream to a
segment or a datagram, what layer has it traversed?
A. The Transport layer
B. The Application layer
C. The Data Link layer
D. The Physical layer - ANSWER ✓ A. When a data stream is converted
into a segment (TCP) or a datagram (UDP), it transitions from the
Session layer to the Transport layer. This change from a message sent to
an encoded segment allows it to then traverse the Network layer.
There are four common VPN protocols. Which group listed contains all
of the common VPN protocols?
A. PPTP, LTP, L2TP, IPsec
B. PPP, L2TP, IPsec, VNC
C. PPTP, L2F, L2TP, IPsec
D. PPTP, L2TP, IPsec, SPAP - ANSWER ✓ C. PPTP, L2F, L2TP, and
IPsec are the most common VPN protocols. TLS is also used for an
increasingly large percentage of VPN connections and may appear at
some point in the CISSP exam. PPP is a dial-up protocol, LTP is not a
protocol, and SPAP is the Shiva Password Authentication Protocol
sometimes used with PPTP.