Systems Security Certified Practitioner
(SSCP) - Exam Questions with Answers
Access Control Object - CORRECT ANSWER>>A passive entity that typically
receives or contains some form of data.
Access Control Subject - CORRECT ANSWER>>An active entity and can be any
user, program, or process that requests permission to cause data to flow from an
access control object to the access control subject or between access control
objects.
Asynchronous Password Token - CORRECT ANSWER>>A one-time password is
generated without the use of a clock, either from a one-time pad or cryptographic
algorithm.
Authorization - CORRECT ANSWER>>Determines whether a user is permitted to
access a particular resource.
Connected Tokens - CORRECT ANSWER>>Must be physically connected to the
computer to which the user is authenticating.
Contactless Tokens - CORRECT ANSWER>>Form a logical connection to the client
computer but do not require a physical connection.
Disconnected Tokens - CORRECT ANSWER>>Have neither a physical nor logical
connection to the client computer.
Entitlement - CORRECT ANSWER>>A set of rules, defined by the resource owner,
for managing access to a resource (asset, service, or entity) and for what purpose.
Identity Management - CORRECT ANSWER>>The task of controlling information
about users on computers.
Proof of Identity - CORRECT ANSWER>>Verify people's identities before the
enterprise issues them accounts and credentials.
Kerberos - CORRECT ANSWER>>A popular network authentication protocol for
indirect (third-party) authentication services.
Lightweight Directory Access Protocol (LDAP) - CORRECT ANSWER>>A
client/server-based directory query protocol loosely based on X.500, commonly
used to manage user information. LDAP is a front end and not used to manage or
synchronize data per se as opposed to DNS.
Single Sign-On (SSO) - CORRECT ANSWER>>Designed to provide strong
authentication using secret-key cryptography, allowing a single identity to be
shared across multiple applications.
Static Password Token - CORRECT ANSWER>>The device contains a password that
is physically hidden (not visible to the possessor) but that is transmitted for each
authentication.
Synchronous Dynamic Password Token - CORRECT ANSWER>>A timer is used to
rotate through various combinations produced by a cryptographic algorithm.
Trust Path - CORRECT ANSWER>>A series of trust relationships that
authentication requests must follow between domains.
Availability - CORRECT ANSWER>>Refers to the ability to access and use
information systems when and as needed to support an organization's
operations.
Breach - CORRECT ANSWER>>The intentional or unintentional release of secure
information to an untrusted environment.
CMDB - CORRECT ANSWER>>A configuration management database (CMDB) is a
repository that contains a collection of IT assets that are referred to as
configuration items.
Compensating Controls - CORRECT ANSWER>>Introduced when the existing
capabilities of a system do not support the requirements of a policy.
Confidentiality - CORRECT ANSWER>>Refers to the property of information in
which it is only made available to those who have a legitimate need to know.
Configuration Management (CM) - CORRECT ANSWER>>A discipline that seeks to
manage configuration changes so that they are appropriately approved and
documented, so that the integrity of the security state is maintained, and so that
disruptions to performance and availability are minimized.
Corrective Control - CORRECT ANSWER>>These controls remedy the
circumstances that enabled unwarranted activity, and/or return conditions to
where they were prior to the unwanted activity.
COTS - CORRECT ANSWER>>A Federal Acquisition Regulation (FAR) term for
commercial off-the-shelf (COTS) items that can be purchased in the commercial
marketplace and used under government contract.
Deduplication - CORRECT ANSWER>>A process that scans the entire collection of
information looking for similar chunks of data that can be consolidated.
Defense-in-depth - CORRECT ANSWER>>Provision of several overlapping
subsequent limiting barriers with no respect to one safety or security threshold,
so that the threshold can only be surpassed if all barriers have failed.