[UPDATED 2024] SSCP dumps Free Test Engine Verified By Certified Experts [Q180-Q195]


Realistic SSCP Accurate & Verified Answers As Experienced in the Actual Test!


The SSCP certification is an excellent choice for IT professionals who are looking to specialize in network and systems security. The program is designed to provide a comprehensive understanding of the key concepts and best practices in information security, and it is recognized globally as a valuable credential. System Security Certified Practitioner (SSCP) certification is ideal for professionals working in roles such as network security engineer, systems administrator, security analyst, and security consultant.


The SSCP exam covers a wide range of topics related to system security, including access controls, network security, cryptography, risk management, and incident response. The SSCP exam consists of 125 multiple-choice questions and must be completed within three hours. Candidates must achieve a score of at least 700 out of 1000 to pass the exam. The SSCP certification is valid for three years, after which candidates must recertify by demonstrating their continued knowledge and skills in the field of system security. Overall, the ISC SSCP exam is an essential certification for professionals who are looking to advance their career in the field of information security.

 

NEW QUESTION # 180
A DMZ is located:

  • A. right in front of your first Internet facing firewall
  • B. right behind your first Internet facing firewall
  • C. right behind your first network passive Internet http firewall
  • D. right behind your first network active firewall

Answer: B

Explanation:
Explanation/Reference:
While the purpose of systems in the DMZ is to allow public access to certain internal network resources (EMAIL, DNS, Web), it is a good practice to restrict that access to the minimum necessary to provide those services through use of a firewall.
In computer security, a DMZ or Demilitarized Zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external attacker only has direct access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term "demilitarized zone", an area between nation states in which military operation is not permitted.
The following are incorrect answers:
"Right in front of your first Internet facing firewall" While the purpose of systems in the DMZ is to allow public access to certain internal network resources (EMAIL, DNS, Web), it is a good practice to restrict that access to the minimum necessary to provide those services through use of a firewall.
"Right behind your first network active firewall" This is an almost-right-sounding answer meant to distract the unwary.
"Right behind your first network passive Internet http firewall" This is an almost-right-sounding answer meant to distract the unwary.
References:
CBK, p. 434
AIO3, p. 483
http://en.wikipedia.org/wiki/DMZ_%28computing%29


NEW QUESTION # 181
RADIUS incorporates which of the following services?

  • A. Authentication of clients and static passwords generation.
  • B. Authentication server as well as support for Static and Dynamic passwords.
  • C. Authentication of clients and dynamic passwords generation.
  • D. Authentication server and PIN codes.

Answer: B

Explanation:
A Network Access Server (NAS) operates as a client of RADIUS. The client is responsible for passing user information to designated RADIUS servers, and then acting on the response which is returned.
RADIUS servers are responsible for receiving user connection requests, authenticating the user, and then returning all configuration information necessary for the client to deliver service to the user.
RADIUS authentication is based on provisions of simple username/password credentials. These credentials are encrypted by the client using a shared secret between the client and the RADIUS server. OIG 2007, Page 513
RADIUS incorporates an authentication server and can make use of both dynamic and static passwords.
Since it uses the PAP and CHAP protocols, it also includes static passwords.
RADIUS is an Internet protocol. RADIUS carries authentication, authorization, and configuration information between a Network Access Server and a shared Authentication Server. RADIUS features and functions are described primarily in the IETF (International Engineering Task Force) document RFC2138.
The term "RADIUS" is an acronym which stands for Remote Authentication Dial In User Service.
The main advantage to using a RADIUS approach to authentication is that it can provide a stronger form of authentication. RADIUS is capable of using a strong, two-factor form of authentication, in which users need to possess both a user ID and a hardware or software token to gain access.
Token-based schemes use dynamic passwords. Every minute or so, the token generates a unique 4-, 6- or 8-digit access number that is synchronized with the security server. To gain entry into the system, the user must generate both this one-time number and provide his or her user ID and password.
Although protocols such as RADIUS cannot protect against theft of an authenticated session via some realtime attacks, such as wiretapping, using unique, unpredictable authentication requests can protect against a wide range of active attacks.

RADIUS: Key Features and Benefits

Feature: RADIUS supports dynamic passwords and challenge/response passwords.
Benefit: Improved system security due to the fact that passwords are not static. It is much more difficult for a bogus host to spoof users into giving up their passwords or password-generation algorithms.

Feature: RADIUS allows the user to have a single user ID and password for all computers in a network.
Benefit: Improved usability due to the fact that the user has to remember only one login combination.

Feature: RADIUS is able to:
  • Prevent RADIUS users from logging in via login (or ftp).
  • Require them to log in via login (or ftp).
  • Require them to log in to a specific network access server (NAS).
  • Control access by time of day.
Benefit: Provides very granular control over the types of logins allowed, on a per-user basis.

Feature: The time-out interval for failing over from an unresponsive primary RADIUS server to a backup RADIUS server is site-configurable.
Benefit: RADIUS gives System Administrator more flexibility in managing which users can login from which hosts or devices.

Stratus Technology Product Brief
http://www.stratus.com/products/vos/openvos/radius.htm
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Pages 43, 44.
Also check: MILLER, Lawrence & GREGORY, Peter, CISSP for Dummies, 2002, Wiley Publishing, Inc., pages 45-46.


NEW QUESTION # 182
Which of the following is NOT a common integrity goal?

  • A. Prevent authorized users from making improper modifications.
  • B. Prevent unauthorized users from making modifications.
  • C. Maintain internal and external consistency.
  • D. Prevent paths that could lead to inappropriate disclosure.

Answer: D

Explanation:
Inappropriate disclosure is a confidentiality goal, not an integrity goal.
All of the other choices above are integrity goals addressed by the Clark-Wilson integrity model.
The Clark-Wilson model is an integrity model that addresses all three integrity goals:
1. prevent unauthorized users from making modifications,
2. prevent authorized users from making improper modifications, and
3. maintain internal and external consistency through auditing.
NOTE: Biba addresses only the first goal of integrity above.
Reference(s) used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 1384). McGraw-Hill. Kindle Edition.


NEW QUESTION # 183
Which of the following remote access authentication systems is the most robust?

  • A. PAP
  • B. TACACS
  • C. RADIUS
  • D. TACACS+

Answer: D

Explanation:
Section: Network and Telecommunications
Explanation/Reference:
TACACS+ is a proprietary Cisco enhancement to TACACS and is more robust than RADIUS. PAP is not a remote access authentication system but a remote node security protocol.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 122).


NEW QUESTION # 184
Secure Shell (SSH-2) provides all the following services except:

  • A. secure remote login
  • B. port forwarding
  • C. command execution
  • D. user authentication

Answer: D

Explanation:
This is one of the tricky negative questions. You have to pay close attention to the word EXCEPT within the question.
The SSH transport layer is a secure, low level transport protocol. It provides strong encryption, cryptographic host authentication, and integrity protection.
Authentication in this protocol level is host-based; this protocol does not perform user authentication. A higher level protocol for user authentication can be designed on top of this protocol.
The protocol has been designed to be simple and flexible to allow parameter negotiation, and to minimize the number of round-trips. The key exchange method, public key algorithm, symmetric encryption algorithm, message authentication algorithm, and hash algorithm are all negotiated. It is expected that in most environments, only 2 round-trips will be needed for full key exchange, server authentication, service request, and acceptance notification of service request. The worst case is 3 round-trips.
The following are incorrect answers:
"Remote log-on" is incorrect. SSH does provide remote log-on. "Command execution" is incorrect. SSH does provide command execution.
"Port forwarding" is incorrect. SSH does provide port forwarding. SSH also has a wonderful feature called SSH Port Forwarding, sometimes called SSH Tunneling, which allows you to establish a secure SSH session and then tunnel arbitrary TCP connections through it. Tunnels can be created at any time, with almost no effort and no programming, which makes them very appealing. See the article below in the reference to take a look at SSH Port Forwarding in detail, as it is a very useful but often misunderstood technology. SSH Port Forwarding can be used for secure communications in a myriad of different ways.
You can see a nice tutorial on the PUTTY web site on how to use PUTTY to do port forwarding at:
http://www.cs.uu.nl/technical/services/ssh/putty/puttyfw.html


NEW QUESTION # 185
Which of the following was developed as a simple mechanism for allowing simple network terminals to load their operating system from a server over the LAN?

  • A. DHCP
  • B. ARP
  • C. BootP
  • D. DNS

Answer: C

Explanation:
Section: Network and Telecommunications
Explanation/Reference:
BootP was developed as a simple mechanism for allowing simple network terminals to load their operating system from a server over the LAN. Over time, it has expanded to allow centralized configuration of many aspects of a host's identity and behavior on the network. Note that DHCP, more complex, has replaced BootP over time.
Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 4: Sockets and Services from a Security Viewpoint.


NEW QUESTION # 186
Which of the following is used in database information security to hide information?

  • A. Inheritance
  • B. Delegation
  • C. Polyinstantiation
  • D. Polymorphism

Answer: C

Explanation:
Explanation/Reference:
Polyinstantiation enables a relation to contain multiple tuples with the same primary keys with each instance distinguished by a security level. When this information is inserted into a database, lower-level subjects need to be restricted from this information. Instead of just restricting access, another set of data is created to fool the lower-level subjects into thinking that the information actually means something else.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 11: Application and System Development (page 727).


NEW QUESTION # 187
What type of software can be used to prevent, detect (and possibly correct) malicious activities on a system?

  • A. Personal Firewall
  • B. Antivirus
  • C. All methods listed
  • D. IDS - host based

Answer: C


NEW QUESTION # 188
What is called an exception to the search warrant requirement that allows an officer to conduct a search without having the warrant in-hand if probable cause is present and destruction of the evidence is deemed imminent?

  • A. Evidence of Admissibility Doctrine
  • B. Exigent Probable Doctrine
  • C. Evidence Circumstance Doctrine
  • D. Exigent Circumstance Doctrine

Answer: D

Explanation:
Explanation/Reference:
An Exigent Circumstance is an unusual and time-sensitive circumstance that justifies conduct that might not be permissible or lawful in other circumstances.
For example, exigent circumstances may justify actions by law enforcement officers acting without a warrant such as a mortal danger to a young child. Examples of other exigent circumstances include protecting evidence or property from imminent destruction.
In US v Martinez, Justice Thomas of the United States Court of Appeal used these words:
"As a general rule, we define exigent circumstances as those circumstances that would cause a reasonable person to believe that entry was necessary to prevent physical harm to the officers or other persons, the destruction of relevant evidence, the escape of the suspect, or some other consequence improperly frustrating legitimate law enforcement efforts."
In Alvarado, Justice Blackburn of the Court of Appeals of Georgia referred to exigent circumstances in the context of a drug bust:
"The exigent circumstance doctrine provides that when probable cause has been established to believe that evidence will be removed or destroyed before a warrant can be obtained, a warrantless search and seizure can be justified. As many courts have noted, the need for the exigent circumstance doctrine is particularly compelling in narcotics cases, because contraband and records can be easily and quickly destroyed while a search is progressing. Police officers relying on this exception must demonstrate an objectively reasonable basis for deciding that immediate action is required."
All of the other answers are made-up distractors, not legal terms.
Reference(s) used for this question:
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 313.
and
http://www.duhaime.org/LegalDictionary/E/ExigentCircumstances.aspx


NEW QUESTION # 189
What is the primary difference between FTP and TFTP?

  • A. TFTP is used to transfer configuration files to and from network equipment.
  • B. Speed of negotiation
  • C. Ability to automate
  • D. Authentication

Answer: D

Explanation:
Section: Network and Telecommunications
Explanation/Reference:
TFTP (Trivial File Transfer Protocol) is sometimes used to transfer configuration files from equipment such as routers, but the primary difference between FTP and TFTP is that TFTP does not require authentication. Speed and ability to automate are not important.
Both of these protocols (FTP and TFTP) can be used for transferring files across the Internet. The differences between the two protocols are explained below:
FTP is a complete, session-oriented, general purpose file transfer protocol. TFTP is used as a bare-bones special purpose file transfer protocol.
FTP can be used interactively. TFTP allows only unidirectional transfer of files.
FTP depends on TCP, is connection oriented, and provides reliable control. TFTP depends on UDP, requires less overhead, and provides virtually no control.
FTP provides user authentication. TFTP does not.
FTP uses well-known TCP port numbers: 20 for data and 21 for connection dialog. TFTP uses UDP port number 69 for its file transfer activity.
The Windows NT FTP server service does not support TFTP because TFTP does not support authentication.
Windows 95 and TCP/IP-32 for Windows for Workgroups do not include a TFTP client program.
Ref: http://support.microsoft.com/kb/102737


NEW QUESTION # 190
Which of the following countermeasures would be the most appropriate to prevent possible intrusion or damage from wardialing attacks?

  • A. Using completely different numbers for voice and data accesses
  • B. Making sure only necessary phone numbers are made public
  • C. Require user authentication
  • D. Monitoring and auditing for such activity

Answer: C

Explanation:
Explanation/Reference:
Knowledge of modem numbers is a poor access control method, as an attacker can discover modem numbers by dialing all numbers in a range. Requiring user authentication before remote access is granted will help in avoiding unauthorized access over a modem line.
"Monitoring and auditing for such activity" is incorrect. While monitoring and auditing can assist in detecting a wardialing attack, they do not defend against a successful wardialing attack.
"Making sure that only necessary phone numbers are made public" is incorrect. Since a wardialing attack blindly calls all numbers in a range, whether certain numbers in the range are public or not is irrelevant.
"Using completely different numbers for voice and data accesses" is incorrect. Using different number ranges for voice and data access might help prevent an attacker from stumbling across the data lines while wardialing the public voice number range, but this is not an adequate countermeasure.
References:
CBK, p. 214
AIO3, p. 534-535


NEW QUESTION # 191
In telephony different types of connections are being used. The connection from the phone company's branch office to local customers is referred to as which of the following choices?

  • A. loopback
  • B. local loop
  • C. indigenous loop
  • D. new loop

Answer: B

Explanation:
Section: Network and Telecommunications
Explanation/Reference:
Transmission on fiber optic wire requires repeating at distance intervals. The glass fiber requires more protection within an outer cable than copper. For these reasons and because the installation of any new wiring is labor-intensive, few communities yet have fiber optic wires or cables from the phone company's branch office to local customers (local loop).
In telephony, a local loop is the wired connection from a telephone company's central office in a locality to its customers' telephones at homes and businesses. This connection is usually on a pair of copper wires called twisted pair. The system was originally designed for voice transmission only using analog transmission technology on a single voice channel. Today, your computer's modem makes the conversion between analog signals and digital signals. With Integrated Services Digital Network (ISDN) or Digital Subscriber Line (DSL), the local loop can carry digital signals directly and at a much higher bandwidth than they do for voice only.
[Figure: Local Loop diagram. Image from: http://www.thenetworkencyclopedia.com/entry/local-loop/]
The following are incorrect answers:
New loop: This is only a distractor and does not exist.
Loopback: In telephone systems, a loopback is a test signal sent to a network destination that is returned as received to the originator. The returned signal may help diagnose a problem.
Ingenious loop: This is only a distractor and does not exist.
Reference(s) used for this question:
http://searchnetworking.techtarget.com/definition/local-loop
and
STEINER, Kurt, Telecommunications and Network Security, Version 1, May 2002, CISSP Open Study Group (Domain Leader: skottikus), Page 14.


NEW QUESTION # 192
Which of the following statements do not apply to a hot site?

  • A. There are cases of common overselling of processing capabilities by the service provider.
  • B. It provides a false sense of security.
  • C. It is accessible on a first come first serve basis. In case of large disaster it might not be accessible.
  • D. It is expensive.

Answer: B

Explanation:
Remember this is a NOT question. Hot sites do not provide a false sense of security, since they are the best disaster recovery alternative among the backup sites that you rent.
A cold, warm, or hot site is always a rented facility in the context of the CBK. The hot site is definitely the best choice among the rental options that exist. It is fully configured and can be activated in a very short period of time.
Cold and warm sites, not hot sites, provide a false sense of security because you can never fully test your plan.
In reality, using a cold site will most likely make effective recovery impossible or could lead to business closure if it takes more than two weeks for recovery.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 8: Business Continuity Planning and Disaster Recovery Planning (page 284).


NEW QUESTION # 193
Which of the following access control techniques best gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization's structure?

  • A. Access control lists
  • B. Discretionary access control
  • C. Role-based access control
  • D. Non-mandatory access control

Answer: C

Explanation:
Role-based access control (RBAC) gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization's structure.
Each user is assigned one or more roles, and each role is assigned one or more privileges that are given to users in that role. An access control list (ACL) is a table that tells a system which access rights each user has to a particular system object. With discretionary access control, administration is decentralized and owners of resources control other users' access. Non-mandatory access control is not a defined access control technique.


NEW QUESTION # 194
Which of the following are used in Biometrics?

  • A. Voice Recognition
  • B. Fingerprints
  • C. All of the above
  • D. Retinal Scanning
  • E. Face Recognition
  • F. None of the above

Answer: C

