SSCP TEST QUESTIONS COMPLETE
WITH VERIFIED ANSWERS
\Q\.DES - Data Encryption standard has a 128 bit key and is very difficult to break.
A. True
B. False - ANSWERS✔-B
\Q\.What is the main difference between computer abuse and computer crime?
A. Amount of damage
B. Intentions of the perpetrator
C. Method of compromise
D. Abuse = company insider; crime = company outsider - ANSWERS✔-B
\Q\.A standardized list of the most common security weaknesses and exploits is the
__________.
A. SANS Top 10
B. CSI/FBI Computer Crime Study
C. CVE - Common Vulnerabilities and Exposures
D. CERT Top 10 - ANSWERS✔-C
,\Q\.A salami attack refers to what type of activity?
A. Embedding or hiding data inside of a legitimate communication - a picture, etc.
B. Hijacking a session and stealing passwords
C. Committing computer crimes in such small doses that they almost go unnoticed
D. Setting a program to attack a website at11:59 am on New Year's Eve - ANSWERS✔-C
\Q\.Multi-partite viruses perform which functions?
A. Infect multiple partitions
B. Infect multiple boot sectors
C. Infect numerous workstations
D. Combine both boot and file virus behavior - ANSWERS✔-D
\Q\.What security principle is based on the division of job responsibilities - designed to prevent
fraud?
A. Mandatory Access Control
B. Separation of Duties
C. Information Systems Auditing
D. Concept of Least Privilege - ANSWERS✔-B
\Q\.________ is the authoritative entity which lists port assignments
A. IANA
B. ISSA
,C. Network Solutions
D. Register.com
E. InterNIC - ANSWERS✔-A
\Q\.Cable modems are less secure than DSL connections because cable modems are shared
with
other subscribers?
A. True
B. False - ANSWERS✔-B
\Q\.____________ is a file system that was poorly designed and has numerous security flaws.
A. NTS
B. RPC
C. TCP
D. NFS
E. None of the above - ANSWERS✔-D
\Q\.Trend Analysis involves analyzing historical ___________ files in order to look for patterns of
abuse or misuse. - ANSWERS✔-Log files
\Q\.HTTP, FTP, SMTP reside at which layer of the OSI model?
A. Layer 1 - Physical
B. Layer 3 - Network
, C. Layer 4 - Transport
D. Layer 7 - Application
E. Layer 2 - Data Link - ANSWERS✔-D
\Q\.Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?
A. Layer 7 - Application Layer
B. Layers 2, 3, & 4 - Data Link, Network, and Transport Layers
C. Layer 3 - Network Layer
D. Layers 5, 6, & 7 - Session, Presentation, and Application Layers - ANSWERS✔-D
\Q\.A Security Reference Monitor relates to which DoD security standard?
A. LC3
B. C2
C. D1
D. L2TP
E. None of the items listed - ANSWERS✔-B
\Q\.The ability to identify and audit a user and his / her actions is known as ____________.
A. Journaling
B. Auditing
C. Accessibility
D. Accountability
E. Forensics - ANSWERS✔-D
WITH VERIFIED ANSWERS
\Q\.DES - Data Encryption standard has a 128 bit key and is very difficult to break.
A. True
B. False - ANSWERS✔-B
\Q\.What is the main difference between computer abuse and computer crime?
A. Amount of damage
B. Intentions of the perpetrator
C. Method of compromise
D. Abuse = company insider; crime = company outsider - ANSWERS✔-B
\Q\.A standardized list of the most common security weaknesses and exploits is the
__________.
A. SANS Top 10
B. CSI/FBI Computer Crime Study
C. CVE - Common Vulnerabilities and Exposures
D. CERT Top 10 - ANSWERS✔-C
,\Q\.A salami attack refers to what type of activity?
A. Embedding or hiding data inside of a legitimate communication - a picture, etc.
B. Hijacking a session and stealing passwords
C. Committing computer crimes in such small doses that they almost go unnoticed
D. Setting a program to attack a website at11:59 am on New Year's Eve - ANSWERS✔-C
\Q\.Multi-partite viruses perform which functions?
A. Infect multiple partitions
B. Infect multiple boot sectors
C. Infect numerous workstations
D. Combine both boot and file virus behavior - ANSWERS✔-D
\Q\.What security principle is based on the division of job responsibilities - designed to prevent
fraud?
A. Mandatory Access Control
B. Separation of Duties
C. Information Systems Auditing
D. Concept of Least Privilege - ANSWERS✔-B
\Q\.________ is the authoritative entity which lists port assignments
A. IANA
B. ISSA
,C. Network Solutions
D. Register.com
E. InterNIC - ANSWERS✔-A
\Q\.Cable modems are less secure than DSL connections because cable modems are shared
with
other subscribers?
A. True
B. False - ANSWERS✔-B
\Q\.____________ is a file system that was poorly designed and has numerous security flaws.
A. NTS
B. RPC
C. TCP
D. NFS
E. None of the above - ANSWERS✔-D
\Q\.Trend Analysis involves analyzing historical ___________ files in order to look for patterns of
abuse or misuse. - ANSWERS✔-Log files
\Q\.HTTP, FTP, SMTP reside at which layer of the OSI model?
A. Layer 1 - Physical
B. Layer 3 - Network
, C. Layer 4 - Transport
D. Layer 7 - Application
E. Layer 2 - Data Link - ANSWERS✔-D
\Q\.Layer 4 in the DoD model overlaps with which layer(s) of the OSI model?
A. Layer 7 - Application Layer
B. Layers 2, 3, & 4 - Data Link, Network, and Transport Layers
C. Layer 3 - Network Layer
D. Layers 5, 6, & 7 - Session, Presentation, and Application Layers - ANSWERS✔-D
\Q\.A Security Reference Monitor relates to which DoD security standard?
A. LC3
B. C2
C. D1
D. L2TP
E. None of the items listed - ANSWERS✔-B
\Q\.The ability to identify and audit a user and his / her actions is known as ____________.
A. Journaling
B. Auditing
C. Accessibility
D. Accountability
E. Forensics - ANSWERS✔-D
