Tag - SSCP exam

What can best be defined as the sum of protection mechanisms inside the computer, including hardware, firmware and software?A .  Trusted systemB .  Security kernelC .  Trusted computing baseD .  Security perimeterView AnswerAnswer: C Explanation: The Trusted Computing Base (TCB) is defined as the total combination of protection mechanisms within...

Which of the following would be true about Static password tokens?A .  The owner identity is authenticated by the tokenB .  The owner will never be authenticated by the token.C .  The owner will authenticate himself to the system.D .  The token does not authenticates the token owner but the...

What does the simple integrity axiom mean in the Biba model?A .  No write downB .  No read downC .  No read upD .  No write upView AnswerAnswer: B Explanation: The simple integrity axiom of the Biba access control model states that a subject at one level of integrity is...

Which of the following attacks could capture network user passwords?A .  Data diddlingB .  SniffingC .  IP SpoofingD .  SmurfingView AnswerAnswer: B Explanation: A network sniffer captures a copy every packet that traverses the network segment the sniffer is connect to. Sniffers are typically devices that can collect information from...

Which of the following is the WEAKEST authentication mechanism?A .  PassphrasesB .  PasswordsC .  One-time passwordsD .  Token devicesView AnswerAnswer: B Explanation: Most of the time users usually choose passwords which can be guessed , hence passwords is the BEST answer out of the choices listed above. The following answers...

An access system that grants users only those rights necessary for them to perform their work is operating on which security principle?A .  Discretionary AccessB .  Least PrivilegeC .  Mandatory AccessD .  Separation of DutiesView AnswerAnswer: B Explanation: Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.

Which is the last line of defense in a physical security sense?A .  peopleB .  interior barriersC .  exterior barriersD .  perimeter barriersView AnswerAnswer: A Explanation: "Ultimately, people are the last line of defense for your company’s assets" (Pastore & Dulaney, 2006, p. 529). Pastore, M. and Dulaney, E. (2006). CompTIA...

In addition to the accuracy of the biometric systems, there are other factors that must also be considered:A .  These factors include the enrollment time and the throughput rate, but not acceptability.B .  These factors do not include the enrollment time, the throughput rate, and acceptability.C .  These factors include...

Related to information security, the guarantee that the message sent is the message received with the assurance that the message was not intentionally or unintentionally altered is an example of which of the following?A .  integrityB .  confidentialityC .  availabilityD .  identityView AnswerAnswer: A Explanation: Integrity is the guarantee that...

Which of the following biometric characteristics cannot be used to uniquely authenticate an individual's identity?A .  Retina scansB .  Iris scansC .  Palm scansD .  Skin scansView AnswerAnswer: D Explanation: The following are typical biometric characteristics that are used to uniquely authenticate an individual's identity: Fingerprints Retina scans Iris scans...