SSCP Exam Questions

Total 1048 Questions

Last Updated Exam : 28-Mar-2025

Topic 1: Access Control

Which of the following biometric devices offers the LOWEST CER?

A. Keystroke dynamics
B. Voice verification
C. Iris scan
D. Fingerprint

In the CIA triad, what does the letter A stand for?

A. Auditability
B. Accountability
C. Availability
D. Authentication

What is the primary role of smartcards in a PKI?

A. Transparent renewal of user keys
B. Easy distribution of the certificates between the users
C. Easy distribution of the certificates between the users
D. Tamper resistant, mobile storage and application of private keys of the users

Which of the following is not a physical control for physical security?

A. Lighting
B. Fences
C. Training
D. Facility construction materials

Guards are appropriate whenever the function required by the security program involves which of the following?

A. The use of discriminating judgment
B. The use of physical force
C. The operation of access control devices
D. The need to detect unauthorized access

Detective/Technical measures:

A. include intrusion detection systems and automatically-generated violation reports from audit trail information.
B. do not include intrusion detection systems and automatically-generated violation reports from audit trail information.
C. include intrusion detection systems but do not include automatically-generated violation reports from audit trail information.
D. include intrusion detection systems and customised-generated violation reports from audit trail information.

When submitting a passphrase for authentication, the passphrase is converted into ...

A. a virtual password by the system
B. a new passphrase by the system
C. a new passphrase by the encryption technology
D. a real password by the system which can be used forever

Which of the following is needed for System Accountability?

A. Audit mechanisms.
B. Documented design as laid out in the Common Criteria
C. Authorization.
D. Formal verification of system design

In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on:

A. sex of a person
B. physical attributes of a person
C. age of a person
D. voice of a person

Which type of attack involves impersonating a user or a system?

A. Smurfing attack
B. Spoofing attack
C. Spamming attack
D. Sniffing attack