SSCP Practice Test Questions

1048 Questions


Topic 1: Access Control

Which of the following questions is less likely to help in assessing physical access
controls?


A.

Does management regularly review the list of persons with physical access to sensitive
facilities?




B.

Is the operating system configured to prevent circumvention of the security software and
application controls?


C.

Are keys or other access devices needed to enter the computer room and media library?


D.

Are visitors to sensitive areas signed in and escorted?





What is the Biba security model concerned with?


A.

Confidentiality



B.

Reliability


C.

Availability


D.

Integrity





Which of the following remote access authentication systems is the most robust?


A.

TACACS




B.

RADIUS


C.

PAP


D.

TACACS





Which one of the following authentication mechanisms creates a problem for mobile users?


A.

Mechanisms based on IP addresses



B.

Mechanism with reusable passwords


C.

One-time password mechanism.


D.

Challenge response mechanism.





When a central authority determines what subjects can have access to certain objects based on
the organizational security policy, this is called:


A.

Mandatory Access Control




B.

Discretionary Access Control


C.

Non-Discretionary Access Control


D.

Rule-based Access control





In Discretionary Access Control the subject has authority, within certain limitations,


A.

but he is not permitted to specify what objects can be accessible and so we need to get
an independent third party to specify what objects can be accessible.




B.

to specify what objects can be accessible.


C.

to specify on an aggregate basis without understanding what objects can be accessible.


D.

to specify in full detail what objects can be accessible.





Access Control techniques do not include which of the following choices?


A.

Relevant Access Controls




B.

Discretionary Access Control


C.

Mandatory Access Control


D.

Lattice Based Access Control





Considerations of privacy, invasiveness, and psychological and physical comfort when
using the system are important elements for which of the following?


A.

Accountability of biometrics systems



B.

Acceptability of biometrics systems


C.

Availability of biometrics systems


D.

Adaptability of biometrics systems





What does the simple security (ss) property mean in the Bell-LaPadula model?


A.

No read up



B.

No write down


C.

No read down


D.

No write up





What does the (star) integrity axiom mean in the Biba model?


A.

No read up



B.

No write down


C.

No read down


D.

No write up





What does the simple integrity axiom mean in the Biba model?


A.

No write down



B.

No read down


C.


No read up


D.

No write up





Controlling access to information systems and associated networks is necessary for the preservation of their:


A.

Authenticity, confidentiality and availability



B.

Confidentiality, integrity, and availability.


C.


Integrity and availability.


D.

Authenticity, confidentiality, integrity and availability.





