Which of the following should be included in every policy that states possible penalties or
restrictions for individuals? correct answers An enforcement statement
Which converged network communications concept includes support for real-time chat, video
conferencing, voice and video mail, and file exchange? correct answers VoIP
What type of network deployment is the most fault tolerant? correct answers Mesh
What is the result of an access control management process that adds new capabilities to users as
their job tasks change over time, but does not perform a regular reassessment of the assigned
authorization? correct answers Privilege creep
Which choice best describes a federation? correct answers An association of nonrelated third-
party organizations that share information based upon a single sign-on
What is the term used for the range of values that can be used to control the symmetric
encryption function while converting plaintext into ciphertext? correct answers Key space
What is a primary goal of a forensic investigator while collecting evidence? correct answers
Preserve evidence integrity.
How is granular control of objects and resources implemented within a mandatory access control
environment? correct answers Need to know
Which of the following types of access control is preferred for its ease of administration when
there are a large number of personnel with the same job in an organization? correct answers
Role-based Access Control
How does a network access control (NAC) system ensure that only systems with current
configurations and the most recently approved updates are allowed to access the production
network? correct answers By checking for compliance each time a system attempts to access the
production network
Which attack attempts to steal information from victims by tricking them into visiting false or
fake Web sites using a spoofed email communication that seems to originate from a legitimate
source? correct answers Phishing
When crafting a digital signature, what are the initial steps in the process performed by the
sender? correct answers Hash the message, and then encrypt the digest with the private key.
Which means of authentication is NOT supported by IPSec? correct answers Biometrics
When an organization is unable to lose more than a few hours of data without experiencing
severe consequences, what means or method of backup is most appropriate? correct answers
Real-time backup
Which trust architecture or model is based on the concept of an individual top level entity that all
other entities trust and with entities organized in levels or layers below the top level? correct
answers Hierarchical trust
Which of the following statements is not true of an organization's incident response policy?
correct answers It should require the retaliation against repeat attackers.
When an organization has a properly implemented enterprise risk management (ERM), what is
the tool used to list and categorize each discovered or encountered risk? correct answers Risk
register
What is the only viable method a determined attacker can attempt to compromise an encrypted
file, assuming a publicly available cryptography standard was used? correct answers Brute force
guess the key