SSCP

By isc
Aug, 2025


Question 1

A potential problem related to the physical installation of the iris scanner, with regard to the use of the iris pattern within a biometric system, is:

  • A: concern that the laser beam may cause eye damage
  • B: the iris pattern changes as a person grows older.
  • C: there is a relatively high rate of false accepts.
  • D: the optical unit must be positioned so that the sun does not shine into the aperture.

Question 2

A confidential number used as an authentication factor to verify a user's identity is called a:

  • A: PIN
  • B: User ID
  • C: Password
  • D: Challenge

Question 3

Which of the following protects a password from eavesdroppers and supports the encryption of communication?

  • A: Challenge Handshake Authentication Protocol (CHAP)
  • B: Challenge Handshake Identification Protocol (CHIP)
  • C: Challenge Handshake Encryption Protocol (CHEP)
  • D: Challenge Handshake Substitution Protocol (CHSP) A

Question 4

Which of the following exemplifies proper separation of duties?

  • A: Operators are not permitted to modify the system time.
  • B: Programmers are permitted to use the system console.
  • C: Console operators are permitted to mount tapes and disks.
  • D: Tape operators are permitted to use the system console.

Question 5

Which of the following biometric devices offers the LOWEST CER?

  • A: Keystroke dynamics
  • B: Voice verification
  • C: Iris scan
  • D: Fingerprint

Question 6

Which of the following statements pertaining to access control is false?

  • A: Users should only access data on a need-to-know basis.
  • B: If access is not explicitly denied, it should be implicitly allowed.
  • C: Access rights should be granted based on the level of trust a company has in a subject.
  • D: Roles can be an efficient way to assign rights to a type of user who performs certain tasks.

Question 7

Which of the following is not a logical control when implementing logical access security?

  • A: access profiles.
  • B: userids.
  • C: employee badges.
  • D: passwords.

Question 8

Which access control model is also called Non-Discretionary Access Control (NDAC)?

  • A: Lattice based access control
  • B: Mandatory access control
  • C: Role-based access control
  • D: Label-based access control

Question 9

What can be defined as a list of subjects along with their access rights that are authorized to access a specific object?

  • A: A capability table
  • B: An access control list
  • C: An access control matrix
  • D: A role-based matrix

Question 10

What is the difference between Access Control Lists (ACLs) and Capability Tables?

  • A: Access control lists are related/attached to a subject whereas capability tables are related/attached to an object.
  • B: Access control lists are related/attached to an object whereas capability tables are related/attached to a subject.
  • C: Capability tables are used for objects whereas access control lists are used for users.
  • D: They are basically the same.

Question 11

How are memory cards and smart cards different?

  • A: Memory cards normally hold more memory than smart cards
  • B: Smart cards provide a two-factor authentication whereas memory cards don't
  • C: Memory cards have no processing power
  • D: Only smart cards can be used for ATM cards

Question 12

What is the main focus of the Bell-LaPadula security model?

  • A: Accountability
  • B: Integrity
  • C: Confidentiality
  • D: Availability

Question 13

What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?

  • A: A
  • B: D
  • C: E
  • D: F

Question 14

Smart cards are an example of which type of control?

  • A: Detective control
  • B: Administrative control
  • C: Technical control
  • D: Physical control

Question 15

What security model implies a central authority that defines rules, and sometimes global rules, dictating what subjects can have access to what objects?

  • A: Flow Model
  • B: Discretionary access control
  • C: Mandatory access control
  • D: Non-discretionary access control

Question 16

Which of the following statements pertaining to biometrics is false?

  • A: Increased system sensitivity can cause a higher false rejection rate
  • B: The crossover error rate is the point at which false rejection rate equals the false acceptance rate.
  • C: False acceptance rate is also known as Type II error.
  • D: Biometrics are based on the Type 2 authentication mechanism.

Question 17

Which of the following statements pertaining to Kerberos is TRUE?

  • A: Kerberos does not address availability
  • B: Kerberos does not address integrity
  • C: Kerberos does not make use of Symmetric Keys
  • D: Kerberos cannot address confidentiality of information

Question 18

Which of the following centralized access control mechanisms is the least appropriate for mobile workers accessing the corporate network over analog lines?

  • A: TACACS
  • B: Call-back
  • C: CHAP
  • D: RADIUS

Question 19

What refers to legitimate users accessing networked services that would normally be restricted to them?

  • A: Spoofing
  • B: Piggybacking
  • C: Eavesdropping
  • D: Logon abuse D

Question 20

Which of the following is not a two-factor authentication mechanism?

  • A: Something you have and something you know.
  • B: Something you do and a password.
  • C: A smartcard and something you are.
  • D: Something you know and a password.

Question 21

Which of the following access control models requires defining classification for objects?

  • A: Role-based access control
  • B: Discretionary access control
  • C: Identity-based access control
  • D: Mandatory access control

Question 22

Which of the following statements pertaining to using Kerberos without any extension is false?

  • A: A client can be impersonated by password-guessing.
  • B: Kerberos is mostly a third-party authentication protocol.
  • C: Kerberos uses public key cryptography.
  • D: Kerberos provides robust authentication.

Question 23

Which of the following statements pertaining to Kerberos is false?

  • A: The Key Distribution Center represents a single point of failure.
  • B: Kerberos manages access permissions.
  • C: Kerberos uses a database to keep a copy of all users' public keys.
  • D: Kerberos uses symmetric key cryptography.

Question 24

Which of the following is an example of discretionary access control?

  • A: Identity-based access control
  • B: Task-based access control
  • C: Role-based access control
  • D: Rule-based access control

Question 25

Which of the following is NOT an advantage that TACACS+ has over TACACS?

  • A: Event logging
  • B: Use of two-factor password authentication
  • C: User has the ability to change his password
  • D: Ability for security tokens to be resynchronized