Download Cybersecurity Concepts and Practices and more Exams Nursing in PDF only on Docsity! SSCP Practice Tests How does IPSec verify that data arrived at the destination without intentional or accidental corruption? - correct answer ✔✔By using a randomized hashing operation How is quantitative risk analysis performed? - correct answer ✔✔Using calculations Your company adopts a new end-user security awareness program. This training includes malware introduction, social media issues, password guidelines, data exposure, and lost devices. How often should end users receive this training? - correct answer ✔✔upon new hire and once a year thereafter Your organization experienced an impersonation attack recently that compromised the network administrator's user account. In response, new security measures are being implemented throughout the organization. You have been assigned the task of improving authentication. You want a new authentication system that ensures the following: Eavesdropped passwords cannot be used by an attacker. Passwords are only able to be used once. Password predication must be prevented. Passwords are only valid for a short period of time. How can you accomplish these goals? - correct answer ✔✔Implement a synchronized, one-time password token-based authentication system. How can a user be assured that a file downloaded from a vendor's Web site is free from malicious code? - correct answer ✔✔Check the file's signature and hash calculation. Why do many security monitoring systems produce a visualization of the collected results? - correct answer ✔✔It represents complex or bulky data in an easy to understand format. What is the name of a cryptographic attack based on a database of pre-computed hash values and the original plaintext values? - correct answer ✔✔Rainbow table attack In addition to having at least one year of relevant experience in a domain of SSCP, what is another requirement to be qualified to take the SSCP exam? - correct answer ✔✔Agreeing to abide by the (ISC)2 Code Of Ethics What is the definition of the principle of least privilege? - correct answer ✔✔Users are assigned minimal privileges sufficient to accomplish job responsibilities. A common attack against converged network communications is eavesdropping. How can this attack be prevented? - correct answer ✔✔Use a VPN. What is the term used to describe an entry in a database describing a violation or exploit which is used to match real-time events in order to detect and record attacks by the continuous monitoring solution? - correct answer ✔✔Signature What would the most successful means of attacking an environment relying upon guest OSes that would result in the destruction or loss of use of the guest OSes be? - correct answer ✔✔Compromise the host OS. What is the technology that enables a user to authenticate to a company network from their assigned workstation and then be able to interact with resources throughout the private network without needing to enter additional credentials? - correct answer ✔✔Single sign-on What is a means to ensure that endpoint devices can interact with the Internet while minimizing risk of system compromise? - correct answer ✔✔Use a virtualized OS. When designing end-user training to teach employees about using cryptography within business tasks, which of the following is an important element to include? - correct answer ✔✔The consequences of failing to encrypt Which of the following is not considered an example of a non-discretionary access control system? - correct answer ✔✔ACL After searching for a version to purchase either from a local store or over the Internet, you discover that there are no copies of the software available for immediate access and use. The only version you can locate for purchase is through an overseas retailer. However, even with expedited shipping, it will not arrive until next Wednesday. During your search, you notice that there is a pirated copy available for download available immediately. How should you handle this situation according to (ISC)2 guidance? - correct answer ✔✔Purchase the legitimate product, and ask for a deadline extension. Which security service or benefit is NOT provided by a digital signature? - correct answer ✔✔Confidentiality How can multiple distinct physical network topologies be combined into a single network structure? - correct answer ✔✔Deploy a tree topology. Which type of network segment is created by a switch, but requires a routing function to be present to interact between network segments? - correct answer ✔✔VLAN Which action should be avoided when collecting evidence of a cybercrime? - correct answer ✔✔Rebooting the suspect's computer Which of the following is NOT a means to implement a Denial of Service (DoS) attack? - correct answer ✔✔Send dozens of email solicitation messages to an organization. Why are the audit findings presented to senior management? - correct answer ✔✔Only with approval can a response plan be implemented. What is the name of the process used to replace an old asymmetric key pair set with a new key pair set? - correct answer ✔✔Key rotation Which procedure is NOT a valid mechanism for performing account proofing when users are attempting to log into their account? - correct answer ✔✔Have the user type in the username and password a second time. Which type of cloud deployment involves several businesses working together to create a cloud system which they can each use? - correct answer ✔✔Community How does salting passwords reduce the likelihood that a password cracking attack will be successful? - correct answer ✔✔It increases the work load required to become successful. How can account provisioning be configured so that the assignment of rights and privileges is nearly automatic once the account is created? - correct answer ✔✔Use an RBAC mechanism where a new user's role is set by an HR admin. If an organization is able to process credit card transactions because they have entered into an arrangement to comply with the Payment Card Industry Data Security Standard (PCI-DSS), how is this arrangement integrated into the organization's incident handling scheme? - correct answer ✔✔Contractual obligations are included in the Standards policy. Which of the following is the best example of a threat agent? - correct answer ✔✔A disgruntled employee Remote control malware was found on a client device, and an unknown attacker was manipulating the network from afar. The attack resulted in the network switches reverting to flooding mode, thereby enabling the attacker to eavesdrop on a significant portion of network communications. After reviewing IDS and traffic logs, you determine that this was accomplished by an attack utility which generated a constant Ethernet frames with random source MAC addresses. What can be done to prevent this attack from occurring in the future? - correct answer ✔✔Use MAC limiting on the switch ports. An IT security manager is struggling to keep the organization's computers in working order. He is testing updates and configuring them to be installed onto systems and making tweaks to the configuration settings to various systems as business tasks require. However, he often discovers systems which do not have the necessary updates or which are using out-of-date settings. This may be caused by systems being disconnected from the company network when taken into the field or when used for special offline projects. What technology should the IT security manager implement to help handle this complex issue? - correct answer ✔✔NAC How is accountability typically enforced? - correct answer ✔✔Through AAA services Why is a security impact assessment performed as part of a change management process? - correct answer ✔✔To determine the likelihood of downtime or security reduction caused by a potential change When is it appropriate to contact law enforcement when an organization experiences a security breach? - correct answer ✔✔If a violation is more severe than just breaking company policy rules When using a cloud solution as a component of a backup strategy, what is the most important concern? - correct answer ✔✔Encryption of transfer and storage How is role-based access control implemented? - correct answer ✔✔By assigning a job name label to subjects Which security rule should be implemented to minimize risk of malware infection of endpoint systems? - correct answer ✔✔Disable the use of USB storage devices. How can the burden of handling a specific security risk be transferred to the shoulders of another organization? - correct answer ✔✔Outsourcing An intrusion prevention system (IPS) is considered a more active security product than that of an intrusion detection system (IDS). Which of the following is an active response? - correct answer ✔✔Disconnect a session What is the purpose of a business continuity plan (BCP)? - correct answer ✔✔To maintain the ability to perform mission critical work tasks while dealing with harmful events A common attack against wireless networks is to guess the static password needed to authenticate to the base station. Which technology can be used to minimize this risk? - correct answer ✔✔IEEE 802.1x Your company is partnering with Verigon to produce a new suite of services for the financial industry. To create and support these new services, both organizations will need to share content and perform What is the term used to refer to an activity, occurrence, or event which could cause damage or harm to an organization? - correct answer ✔✔Incident Which of the following clearance levels or classification labels is not generally used in a government- or military-based MAC scheme? - correct answer ✔✔Proprietary What is a security procedure? - correct answer ✔✔Detailed steps for performing specific tasks Your organization is using Kerberos for private network authentication. How does Kerberos demonstrate to a resource host that the identity of a user is valid? - correct answer ✔✔An ST is issued to the user, which is then sent to the resource host. What is the purpose of sharing threat intelligence? - correct answer ✔✔Equip other organizations to handle a looming security concern. When is a search warrant required? - correct answer ✔✔When evidence is located within a private location How is a digital certificate created? - correct answer ✔✔A subject's public key is signed by a CA's private key. What is the bit-length, hash-digest output of the SHA-1 hashing algorithm? - correct answer ✔✔160 How does a change management system ensure that updates to software do not cause unexpected downtime or reduction of security? - correct answer ✔✔By testing patches thoroughly before deployment What is the primary concern for any situation involving the triggering of a disaster recovery plan (DRP)? - correct answer ✔✔Preservation of human life Which malicious activity countermeasure is most effective at removing vulnerable elements from an organization's IT infrastructure? - correct answer ✔✔Patch management Which of the following types of activities is NOT commonly performed in preparation for a security assessment? - correct answer ✔✔Apply patches. When should security be implemented or included in the asset life cycle? - correct answer ✔✔As early as possible What is the purpose or benefit of an after-action report in an incident response strategy? - correct answer ✔✔To learn from events in order to improve future incident handling To avoid downtime and the need to trigger a business continuity plan (BCP), what preventative technique can be used to avoid single points of failure? - correct answer ✔✔Redundancy How can skilled IT workers evaluate new software without exposing their systems to infection or malware compromise? - correct answer ✔✔Test using a sandbox. What is the most appropriate use of IPSec? - correct answer ✔✔Data transmission protection Which wireless configuration protocol can use either RC4 or TKIP for communication encryption? - correct answer ✔✔WPA Why is it important to perform a physical security assessment after a fire, chemical release, or bomb false alarm? - correct answer ✔✔The event could have been triggered as a distraction to alter physical security mechanisms. What type of event is more likely to trigger the business continuity plan (BCP) rather than the disaster recovery plan (DRP)? - correct answer ✔✔A security breach of an administrator account Why is change control and management used as a component of software asset management? - correct answer ✔✔To prevent or reduce unintended reduction in security How can a user be given the power to set privileges on an object for other users when within a DAC operating system? - correct answer ✔✔Grant the user full control over the object. Which term refers to the virtualization of networking which grants more control and flexibility over networking than using the traditional hardware-only means of network management? - correct answer ✔✔Software-defined network What is the activity called where hackers travel around an area in search for wireless network signals? - correct answer ✔✔War driving Selecting a cloud provider can be a challenge. Often, it is not possible to determine whether a provider's services are sufficient for your needs until you have started using its service. If you determine that an initial cloud system is insufficient and you need to move your data and custom code to a different cloud provider, what is needed as a feature of the initial cloud provider that did not work out for you? - correct answer ✔✔Data portability What is a benefit of a host-based firewall? - correct answer ✔✔Block attacks originating from the local network. What is the primary method of authentication used in a typical PKI deployment? - correct answer ✔✔Digital certificates Why are initialization vectors used as common components of encryption algorithms? - correct answer ✔✔They increase the chaos in encrypted output. When working with big data, the storage location where all of the raw data is housed until it is needed for mining or processing is known as? - correct answer ✔✔Data lake How can operational controls be used to improve security compliance? - correct answer ✔✔Set procedures for work tasks and provide training. What is the term used to refer to anything that can potentially cause harm to an asset? - correct answer ✔✔Threat Why should the risks of an organization be reported as defined by enterprise risk management (ERM)? - correct answer ✔✔It helps with internal transparency, risk assessment, risk response, and risk monitoring.