(ISC)2 SSCP Practice Test 2 Exam Questions and
Complete Answers.
During a system audit, Casey notices that the private key for her organization's web
server has been stored in a public Amazon S3 storage bucket for more than a year.
What should she do? - Correct Answer The first thing Casey should do is notify her
management, but after that, replacing the certificate and using proper key management
practices with the new certificate's key should be at the top of her list.
Which of the following is not a common threat to access control mechanisms?
Fake login pages
Phishing
Dictionary attacks
Man-in-the-middle attacks - Correct Answer Phishing
Question 1:
Which one of the following describes a platform as a service (PaaS) cloud computing
model?
a. Web-based email service provided by a vendor
b. Servers provisioned by customers on a vendor-managed virtualization platform
c. A vendor-managed environment that executes customer-developed code
d. Payroll system managed by a vendor and delivered over the web - Correct Answer C
web-based email service provided by a vendor is considered an example of
PaaS
SaaS
IaaS
IaaC - Correct Answer Software as a Service (SaaS)
Which one of the following would be an example of software as a service (SaaS)?
a. Application environment managed by a vendor that runs customer code
b. Payroll system managed by a vendor and delivered over the web
c. Servers provisioned by customers on a vendor-managed virtualization platform
d. A dedicated physical server rented and managed by a third-party provider - Correct
Answer b. Payroll system managed by a vendor and delivered over the web ←
(Answer)
A dedicated physical server rented and managed by a third-party provider is an
example of? - Correct Answer IaaS
In an ________ model, the provider supplies the physical hardware (servers, storage,
networking), and the customer manages the operating systems, applications, and data.
With a dedicated physical server, the provider owns and maintains the server hardware,
while you have control over the software stack. - Correct Answer IaaS
,In a _______ model, the provider supplies the underlying infrastructure, including
servers, storage, and networking, as well as the operating systems and middleware.
The customer focuses on developing and deploying their applications without worrying
about the underlying hardware or software stack. - Correct Answer PaaS
_____ (like renting a restaurant kitchen): You get a ready-to-use environment where
you focus on your work.
_____ (like renting an empty warehouse): You get the raw infrastructure and manage
everything else within it. - Correct Answer PaaS
IaaS
Imagine you're developing a web application and you choose Google App Engine to
deploy it. With Google App Engine, you don't need to worry about setting up the
servers, handling load balancing, or managing the underlying infrastructure. You simply
upload your application code, and Google App Engine automatically handles the server
provisioning, scaling, and maintenance. You focus solely on developing and updating
your application.
This is an example of what? - Correct Answer PaaS
Suppose you need virtual servers to run a custom application. You use Amazon EC2 to
create and manage these virtual servers. With EC2, you have to set up the operating
system, install necessary software, and configure the servers according to your needs.
Amazon EC2 provides the virtual machines and infrastructure, but you manage the
configuration and maintenance of the servers.
This is an example of what? - Correct Answer IaaS
When it comes to fire extinguishers, what do each of these do?
Water
Soda acid
Carbon dioxide
Halon - Correct Answer Soda acid and other dry powder extinguishers work to remove
the fuel supply. Water suppresses temperature, while halon and carbon dioxide remove
the oxygen supply from a fire.
What type of alternate processing facility contains the hardware necessary to restore
operations but does not have a current copy of data? - Correct Answer Warm site
What kind of IP address are each of these?
201.19.7.45
169.254.0.0
127.0.0.1
92.168.255.255 - Correct Answer ?
APIPA
Loopback
, RFC18 (Private)
What are the RFC18 Private IP Addresses
What are the regular private IP Addresses? - Correct Answer They are one in the same
10.0.0.0 to 0.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to
192.168.255.255
The difference between pre & post admission philosophy. - Correct Answer Pre-
Admission Philosophy:
What it is: Pre-admission NAC checks a device's security posture before it's allowed
access to the network.
Post-Admission Philosophy:
What it is: Post-admission NAC monitors and enforces security after a device is already
connected to the network.
What is Continuous Authentication - Correct Answer Continuous Authentication:
Similar to post-admission NAC, continuous authentication ensures that even after a
user or device has been authenticated, their identity is regularly re-verified through
behavioral biometrics or activity analysis.
Zero Trust Architecture: - Correct Answer Zero Trust Architecture:
Zero Trust is a modern approach to network security where no device, user, or system
is trusted by default, regardless of whether it's inside or outside the network perimeter.
EDR - Correct Answer Endpoint Detection and Response (EDR):
EDR solutions monitor endpoint devices continuously, much like post-admission NAC.
They detect and respond to suspicious activities and potential threats in real time.
What is TCP wrapping? - Correct Answer TCP wrappers are a host-based network
access control system
What is Attribution? - Correct Answer attribution is determining who or what performed
an action or sent data
When the certificate authority (CA) created Renee's digital certificate, what key was
contained within the body of the certificate? - Correct Answer Renee's public key
When the certificate authority created Renee's digital certificate, what key did it use to
digitally sign the completed certificate? - Correct Answer CA's private key
When Mike receives Renee's digital certificate, what key does he use to verify the
authenticity of the certificate? - Correct Answer CA's public key
Complete Answers.
During a system audit, Casey notices that the private key for her organization's web
server has been stored in a public Amazon S3 storage bucket for more than a year.
What should she do? - Correct Answer The first thing Casey should do is notify her
management, but after that, replacing the certificate and using proper key management
practices with the new certificate's key should be at the top of her list.
Which of the following is not a common threat to access control mechanisms?
Fake login pages
Phishing
Dictionary attacks
Man-in-the-middle attacks - Correct Answer Phishing
Question 1:
Which one of the following describes a platform as a service (PaaS) cloud computing
model?
a. Web-based email service provided by a vendor
b. Servers provisioned by customers on a vendor-managed virtualization platform
c. A vendor-managed environment that executes customer-developed code
d. Payroll system managed by a vendor and delivered over the web - Correct Answer C
web-based email service provided by a vendor is considered an example of
PaaS
SaaS
IaaS
IaaC - Correct Answer Software as a Service (SaaS)
Which one of the following would be an example of software as a service (SaaS)?
a. Application environment managed by a vendor that runs customer code
b. Payroll system managed by a vendor and delivered over the web
c. Servers provisioned by customers on a vendor-managed virtualization platform
d. A dedicated physical server rented and managed by a third-party provider - Correct
Answer b. Payroll system managed by a vendor and delivered over the web ←
(Answer)
A dedicated physical server rented and managed by a third-party provider is an
example of? - Correct Answer IaaS
In an ________ model, the provider supplies the physical hardware (servers, storage,
networking), and the customer manages the operating systems, applications, and data.
With a dedicated physical server, the provider owns and maintains the server hardware,
while you have control over the software stack. - Correct Answer IaaS
,In a _______ model, the provider supplies the underlying infrastructure, including
servers, storage, and networking, as well as the operating systems and middleware.
The customer focuses on developing and deploying their applications without worrying
about the underlying hardware or software stack. - Correct Answer PaaS
_____ (like renting a restaurant kitchen): You get a ready-to-use environment where
you focus on your work.
_____ (like renting an empty warehouse): You get the raw infrastructure and manage
everything else within it. - Correct Answer PaaS
IaaS
Imagine you're developing a web application and you choose Google App Engine to
deploy it. With Google App Engine, you don't need to worry about setting up the
servers, handling load balancing, or managing the underlying infrastructure. You simply
upload your application code, and Google App Engine automatically handles the server
provisioning, scaling, and maintenance. You focus solely on developing and updating
your application.
This is an example of what? - Correct Answer PaaS
Suppose you need virtual servers to run a custom application. You use Amazon EC2 to
create and manage these virtual servers. With EC2, you have to set up the operating
system, install necessary software, and configure the servers according to your needs.
Amazon EC2 provides the virtual machines and infrastructure, but you manage the
configuration and maintenance of the servers.
This is an example of what? - Correct Answer IaaS
When it comes to fire extinguishers, what do each of these do?
Water
Soda acid
Carbon dioxide
Halon - Correct Answer Soda acid and other dry powder extinguishers work to remove
the fuel supply. Water suppresses temperature, while halon and carbon dioxide remove
the oxygen supply from a fire.
What type of alternate processing facility contains the hardware necessary to restore
operations but does not have a current copy of data? - Correct Answer Warm site
What kind of IP address are each of these?
201.19.7.45
169.254.0.0
127.0.0.1
92.168.255.255 - Correct Answer ?
APIPA
Loopback
, RFC18 (Private)
What are the RFC18 Private IP Addresses
What are the regular private IP Addresses? - Correct Answer They are one in the same
10.0.0.0 to 0.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to
192.168.255.255
The difference between pre & post admission philosophy. - Correct Answer Pre-
Admission Philosophy:
What it is: Pre-admission NAC checks a device's security posture before it's allowed
access to the network.
Post-Admission Philosophy:
What it is: Post-admission NAC monitors and enforces security after a device is already
connected to the network.
What is Continuous Authentication - Correct Answer Continuous Authentication:
Similar to post-admission NAC, continuous authentication ensures that even after a
user or device has been authenticated, their identity is regularly re-verified through
behavioral biometrics or activity analysis.
Zero Trust Architecture: - Correct Answer Zero Trust Architecture:
Zero Trust is a modern approach to network security where no device, user, or system
is trusted by default, regardless of whether it's inside or outside the network perimeter.
EDR - Correct Answer Endpoint Detection and Response (EDR):
EDR solutions monitor endpoint devices continuously, much like post-admission NAC.
They detect and respond to suspicious activities and potential threats in real time.
What is TCP wrapping? - Correct Answer TCP wrappers are a host-based network
access control system
What is Attribution? - Correct Answer attribution is determining who or what performed
an action or sent data
When the certificate authority (CA) created Renee's digital certificate, what key was
contained within the body of the certificate? - Correct Answer Renee's public key
When the certificate authority created Renee's digital certificate, what key did it use to
digitally sign the completed certificate? - Correct Answer CA's private key
When Mike receives Renee's digital certificate, what key does he use to verify the
authenticity of the certificate? - Correct Answer CA's public key
