WGU C845 Information Systems Security (SSCP) Exam 2026 | Complete Study Guide & Verified
Answers
Which of the following is a symmetric algorithm?
A Diffie-Hellman
B RSA
C AES
D HMAC - (answer)C
How can a user be given the power to set privileges on an object for other users when within a DAC
operating system?
A Remove special permissions for the user on the object.
B Grant the user full control over the object.
C Give the user the modify privilege on the object.
D Issue an administrative job label to the user. - (answer)B
Your company adopts a new end-user security awareness program. This training includes malware
introduction, social media issues, password guidelines, data exposure, and lost devices. How often
should end users receive this training?
A once a year and upon termination
B upon new hire and once a year thereafter
C upon termination
D twice a year
E upon new hire
F once a year - (answer)B
What type of event is more likely to trigger the business continuity plan (BCP) rather than the disaster
recovery plan (DRP)?
A A port-scanning event against your public servers in the DMZ
B A security breach of an administrator account
C Several users failing to remember their logon credentials
D A level 5 hurricane - (answer)B
What is the IEEE standard known as port-based network access control which is used to leverage
authentication already present in a network to validate clients connecting over hardware devices, such
as wireless access points or VPN concentrators?
A IEEE 802.1x
B IEEE 802.15
C IEEE 802.3
D IEEE 802.11 - (answer)A
Why is change control and management used as a component of software asset management?
A To stop changes from being implemented into an environment
B To oversee the asset procurement process
C To prevent or reduce unintended reduction in security
D To restrict the privileges assigned to compartmentalized administrators - (answer)C
What is the cost benefit equation?
A [ALE1 - ALE2] - CCM
B AES - CCMP
C total initial risk - countermeasure benefit
D AV x EF x ARO - (answer)A
What is the best means to restore the most current form of data when a backup strategy is based on
starting each week off with a full backup followed by a daily differential?
A Restore the initial week's full backup and then the last differential backup before the failure.
B Restore only the last differential backup.
C Restore the initial week's full backup and then each differential backup up to the failure.
D Restore the last differential backup and then the week's full backup. - (answer)A
Which of the following is not considered an example of a non-discretionary access control system?
A MAC
B ACL
C ABAC
D RBAC - (answer)B
How should countermeasures be implemented as part of the recovery phase of incident response?
A During next year's security review
B Based on the lowest cost among available options
C As defined by the current security policy
D As determined by the violation that occurred - (answer)D
Remote control malware was found on a client device, and an unknown attacker was manipulating the
network from afar. The attack resulted in the network switches reverting to flooding mode, thereby
enabling the attacker to eavesdrop on a significant portion of network communications. After reviewing
IDS and traffic logs, you determine that this was accomplished by an attack utility which generated a
constant stream of Ethernet frames with random source MAC addresses. What can be done to prevent this attack
from occurring in the future?
A Restrict access to DHCP.
B Use a static HOSTS file.
C Use MAC limiting on the switch ports.
D Implement an ARP monitor. - (answer)C
How is quantitative risk analysis performed?
A Through the Delphi technique
B With scenario-based assessments
C Using calculations
D Via employee interviews - (answer)C
What special component on a motherboard can be used to securely store the encryption key for whole
drive encryption?
A CMOS
B RAM
C TPM
D CPU - (answer)C
When is it appropriate to contact law enforcement when an organization experiences a security breach?
A If a violation is more severe than just breaking company policy rules