Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

SSCP by ISC - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

Which of the following protects a password from eavesdroppers and supports the encryption of communication?

A Challenge Handshake Authentication Protocol (CHAP)
B Challenge Handshake Identification Protocol (CHIP)
C Challenge Handshake Encryption Protocol (CHEP)
D Challenge Handshake Substitution Protocol (CHSP) A

Question 4

Which of the following exemplifies proper separation of duties?

A Operators are not permitted modify the system time.
B Programmers are permitted to use the system console.
C Console operators are permitted to mount tapes and disks.
D Tape operators are permitted to use the system console.

Question 5

Which of the following biometric devices offers the LOWEST CER?

A Keystroke dynamics
B Voice verification
C Iris scan
D Fingerprint

Question 6

Which of the following statements pertaining to access control is false?

A Users should only access data on a need-to-know basis.
B If access is not explicitly denied, it should be implicitly allowed.
C Access rights should be granted based on the level of trust a company has on a subject.
D Roles can be an efficient way to assign rights to a type of user who performs certain tasks.

Question 7

Which of the following is not a logical control when implementing logical access security?

A access profiles.
B userids.
C employee badges.
D passwords.

Question 8

Which access control model is also called Non Discretionary Access Control (NDAC)?

A Lattice based access control
B Mandatory access control
C Role-based access control
D Label-based access control

Question 9

What can be defined as a list of subjects along with their access rights that are authorized to access a specific object?

A A capability table
B An access control list
C An access control matrix
D A role-based matrix

Question 10

What is the difference between Access Control Lists (ACLs) and Capability Tables?

A Access control lists are related/attached to a subject whereas capability tables are related/attached to an object.
B Access control lists are related/attached to an object whereas capability tables are related/attached to a subject.
C Capability tables are used for objects whereas access control lists are used for users.
D They are basically the same.

Question 11

How are memory cards and smart cards different?

A Memory cards normally hold more memory than smart cards
B Smart cards provide a two-factor authentication whereas memory cards don't
C Memory cards have no processing power
D Only smart cards can be used for ATM cards

Question 12

What is the main focus of the Bell-LaPadula security model?

A Accountability
B Integrity
C Confidentiality
D Availability

Question 13

What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?

A A
B D
C E
D F

Question 14

Smart cards are an example of which type of control?

A Detective control
B Administrative control
C Technical control
D Physical control

Question 15

What security model implies a central authority that define rules and sometimes global rules, dictating what subjects can have access to what objects?

A Flow Model
B Discretionary access control
C Mandatory access control
D Non-discretionary access control

Question 16

Which of the following statements pertaining to biometrics is false?

A Increased system sensitivity can cause a higher false rejection rate
B The crossover error rate is the point at which false rejection rate equals the false acceptance rate.
C False acceptance rate is also known as Type II error.
D Biometrics are based on the Type 2 authentication mechanism.

Question 17

Which of the following statements pertaining to Kerberos is TRUE?

A Kerberos does not address availability
B Kerberos does not address integrity
C Kerberos does not make use of Symmetric Keys
D Kerberos cannot address confidentiality of information

Question 18

Which of the following centralized access control mechanisms is the least appropriate for mobile workers accessing the corporate network over analog lines?

A TACACS
B Call-back
C CHAP
D RADIUS

Question 19

What refers to legitimate users accessing networked services that would normally be restricted to them?

A Spoofing
B Piggybacking
C Eavesdropping
D Logon abuse D

Question 20

Which of the following is not a two-factor authentication mechanism?

A Something you have and something you know.
B Something you do and a password.
C A smartcard and something you are.
D Something you know and a password.

Question 21

Which of the following access control models requires defining classification for objects?

A Role-based access control
B Discretionary access control
C Identity-based access control
D Mandatory access control

Question 22

Which of the following statements pertaining to using Kerberos without any extension is false?

A A client can be impersonated by password-guessing.
B Kerberos is mostly a third-party authentication protocol.
C Kerberos uses public key cryptography.
D Kerberos provides robust authentication.

Question 23

Which of the following statements pertaining to Kerberos is false?

A The Key Distribution Center represents a single point of failure.
B Kerberos manages access permissions.
C Kerberos uses a database to keep a copy of all users' public keys.
D Kerberos uses symmetric key cryptography.

Question 24

Which of the following is an example of discretionary access control?

A Identity-based access control
B Task-based access control
C Role-based access control
D Rule-based access control

Question 25

Which of the following is NOT an advantage that TACACS+ has over TACACS?

A Event logging
B Use of two-factor password authentication
C User has the ability to change his password
D Ability for security tokens to be resynchronized

Page 1 of 7 • Questions 1-25 of 166

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:

A concern that the laser beam may cause eye damage
B the iris pattern changes as a person grows older.
C there is a relatively high rate of false accepts.
D the optical unit must be positioned so that the sun does not shine into the aperture.

A confidential number used as an authentication factor to verify a user's identity is called a:

A PIN
B User ID
C Password
D Challenge

SSCPPreview