Free Practice Questions for ISC2 SSCP Exam

Which of the following is true about link encryption?

• Each entity has a common key with the destination node.
• Encrypted messages are only decrypted by the final node.
• This mode does not provide protection if anyone of the nodes along the transmission path is compromised.
• Only secure nodes are used in this type of transmission.

Which of the following statements pertaining to a Criticality Survey is incorrect?

• It is implemented to gather input from all personnel that is going to be part of the recovery teams.
• The purpose of the survey must be clearly stated.
• Management's approval should be obtained before distributing the survey.
• Its intent is to find out what services and systems are critical to keeping the organization in business.

Which type of attack involves hijacking a session between a host and a target by predicting the target's choice of an initial TCP sequence number?

• IP spoofing attack
• SYN flood attack
• TCP sequence number attack
• Smurf attack

A timely review of system access audit records would be an example of which of the basic security functions?

• avoidance.
• deterrence.
• prevention.
• detection.

The session layer provides a logical persistent connection between peer hosts. Which of the following is one of the modes used in the session layer to establish this connection?

• Full duplex
• Synchronous
• Asynchronous
• Half simplex
• 245 - Call Control Protocol for Multimedia Communication ISO-SP OSI session-layer protocol (X.225, ISO 8327) iSNS - Internet Storage Name Service The following are incorrect answers: Synchronous and Asynchronous are not session layer modes. Half simplex does not exist. By definition, simplex means that information travels one way only, so half-simplex is a oxymoron. Reference(s) used for this question: Hernandez CISSP , Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 5603-5636). Auerbach Publications. Kindle Edition. and http://www.tcpipguide.com/free/t_SimplexFullDuplexandHalfDuplexOperation.htm and http://www.wisegeek.com/what-is-a-session-layer.htm

What is it called when a computer uses more than one CPU in parallel to execute instructions?

• Multiprocessing
• Multitasking
• Multithreading
• Parallel running

Which of the following are additional access control objectives?

• Consistency and utility
• Reliability and utility
• Usefulness and utility
• Convenience and utility

Which of the following services is NOT provided by the digital signature standard (DSS)?

• Encryption
• Integrity
• Digital signature
• Authentication

Which of the following protocols is designed to send individual messages securely?

• Kerberos
• Secure Electronic Transaction (SET).
• Secure Sockets Layer (SSL).
• Secure HTTP (S-HTTP).

What refers to legitimate users accessing networked services that would normally be restricted to them?

• Spoofing
• Piggybacking
• Eavesdropping
• Logon abuse