Exam (elaborations)

Official (ISC)² SSCP Exam Questions with Verified Answers

Pages: 173
Grade: A+
Uploaded on: 15-09-2025
Written in: 2025/2026

Institution: ICS
Course: ICS

Static Password Token - ANSWER-The device contains a password that is
physically hidden (not visible to the possessor) but that is transmitted for each
authentication.

Synchronous Dynamic Password Token - ANSWER-A timer is used to rotate through
various combinations produced by a cryptographic algorithm.

Trust Path - ANSWER-A series of trust relationships that authentication requests
must follow between domains.

6to4 - ANSWER-Transition mechanism for migrating from IPv4 to IPv6. It allows
systems to use IPv6 to communicate if their traffic has to traverse an IPv4
network.

Absolute addresses - ANSWER-Hardware addresses used by the CPU.

Abstraction - ANSWER-The capability to suppress unnecessary details so the
important, inherent properties can be examined and reviewed.

Accepted ways for handling risk - ANSWER-Accept, transfer, mitigate, avoid.

Access - ANSWER-The flow of information between a subject and an object.

Access control matrix - ANSWER-A table of subjects and objects indicating what
actions individual subjects can take upon individual objects.

Access control model - ANSWER-An access control model is a framework that
dictates how subjects access objects.

Access controls - ANSWER-Are security features that control how users and
systems communicate and interact with other systems and resources.

Accreditation - ANSWER-Formal acceptance of the adequacy of a system's overall
security by management.

Active attack - ANSWER-Attack where the attacker does interact with processing or
communication activities.

ActiveX - ANSWER-A Microsoft technology composed of a set of OOP technologies
and tools based on COM and DCOM. It is a framework for defining reusable
software components in a programming language-independent manner.

Address bus - ANSWER-Physical connections between processing components and
memory segments used to communicate the physical memory addresses being used
during processing procedures.

Address resolution protocol (ARP) - ANSWER-A networking protocol used for
resolution of network layer IP addresses into link layer MAC addresses.

Address space layout randomization (ASLR) - ANSWER-Memory protection
mechanism used by some operating systems. The addresses used by components
of a process are randomized so that it is harder for an attacker to exploit specific
memory vulnerabilities.

Algebraic attack - ANSWER-Cryptanalysis attack that exploits vulnerabilities within
the intrinsic algebraic structure of mathematical functions.

Algorithm - ANSWER-Set of mathematical and logic rules used in cryptographic
functions.

Analog signals - ANSWER-Continuously varying electromagnetic wave that
represents and transmits data.

Analytic attack - ANSWER-Cryptanalysis attack that exploits vulnerabilities within the
algorithm structure.

Annualized loss expectancy (ALE) - ANSWER-Annual expected loss if a specific
vulnerability is exploited and how it affects a single asset. SLE × ARO = ALE.

Application programming interface (API) - ANSWER-Software interface that enables
process-to-process interaction. Common way to provide access to standard routines
to a set of software programs.

Arithmetic logic unit (ALU) - ANSWER-A component of the computer's processing
unit, in which arithmetic and matching operations are performed.

AS/NZS 4360 - ANSWER-Australia and New Zealand business risk management
assessment approach.

Assemblers - ANSWER-Tools that convert assembly code into the necessary
machine-compatible binary language for processing activities to take place.

Assembly language - ANSWER-A low-level programming language that is the
mnemonic representation of machine-level instructions.

Assurance evaluation criteria - ANSWER-Checklist and process of examining the
security-relevant parts of a system (TCB, reference monitor, security kernel) and
assigning the system an assurance rating.

Asymmetric algorithm - ANSWER-Encryption method that uses two different key
types, public and private. Also called public key cryptography.

Asymmetric mode multiprocessing - ANSWER-When a computer has two or more
CPUs and one CPU is dedicated to a specific program while the other CPUs carry
out general processing procedures.

Asynchronous communication - ANSWER-Transmission sequencing technology that
uses start and stop bits or similar encoding mechanism. Used in environments that
transmit a variable amount of data in a periodic fashion.

Asynchronous token generating method - ANSWER-Employs a challenge/response
scheme to authenticate the user.

Attack surface - ANSWER-Components available to be used by an attacker against
the product itself.

Attenuation - ANSWER-Gradual loss in intensity of any kind of flux through a
medium. As an electrical signal travels down a cable, the signal can degrade and
distort or corrupt the data it is carrying.

Attribute - ANSWER-A column in a two-dimensional database.

Authentication Header (AH) Protocol - ANSWER-Protocol within the IPSec suite
used for integrity and authentication.

Authenticode - ANSWER-A type of code signing, which is the process of digitally
signing software components and scripts to confirm the software author and
guarantee that the code has not been altered or corrupted since it was digitally
signed. Authenticode is Microsoft's implementation of code signing.

Availability - ANSWER-Reliable and timely access to data and resources is provided
to authorized individuals.

Avalanche effect - ANSWER-Algorithm design requirement so that slight changes to
the input result in drastic changes to the output.

Base registers - ANSWER-Beginning of address space assigned to a process. Used
to ensure a process does not make a request outside its assigned memory
boundaries.

Baseband transmission - ANSWER-Uses the full bandwidth for only one
communication channel and has a low data transfer rate compared to broadband.

Bastion host - ANSWER-A highly exposed device that will most likely be targeted for
attacks, and thus should be hardened.

Behavior blocking - ANSWER-Allowing the suspicious code to execute within the
operating system and watching its interactions with the operating system, looking for
suspicious activities.

Confidentiality - ANSWER-Data is not disclosed to unauthorized users.

Integrity - ANSWER-Prevents any unauthorized or unwanted modification of data.

Availability - ANSWER-Ensures that IT systems and data are available when needed.

Backups - ANSWER-Copies of data stored in case the original is stolen or becomes
corrupt

Redundant disks - ANSWER-Provides fault tolerance by mirroring data on another
drive. If the first drive fails, data is not lost since the system can automatically switch
over to the other drive.

Redundant servers - ANSWER-Provides fault tolerance by having one or more entire
systems available in case the primary one crashes.

Redundant connections - ANSWER-Provides fault tolerance by having redundant
internet connections so if one fails, the organization still has connectivity.

Redundant sites - ANSWER-Hot, cold, or warm sites are planned for business
continuity in case of emergency. Hot sites are ready at a moment's notice. Cold sites
are empty buildings with just electricity and running water. Warm sites are hybrids.

Hashing - ANSWER-These algorithms provide data integrity only

Defense in Depth - ANSWER-A defense that uses multiple types of security devices
to protect a network. Also called layered security.

Authentication - ANSWER-Identifies user(s)

Authorization - ANSWER-Defines what the user(s) can access

Accounting - ANSWER-Tracking user(s) activities.

Accountability - ANSWER-Underlying goals of the AAAs of security. The trait of
being willing to take responsibility for your actions

Nonrepudiation - ANSWER-A user cannot deny any particular act that he or she did
on the IT system

Least Privilege - ANSWER-Providing only the minimum amount of privileges
necessary to perform a job or function.

Separation of Duties - ANSWER-Distributing tasks and associated privileges among
multiple people; the primary objective is to prevent fraud and errors.

Due Diligence - ANSWER-Necessary level of care and attention that is taken to
investigate an action before it is taken. (Look before jumping)

Seller: lectknancy, Boston University