SSCP Questions Prepare with Learning Information! 2025 Regularly updated [Q633-Q657]


The ISC SSCP certification exam is a challenging exam that requires candidates to have a deep understanding of system security concepts and practices. The SSCP exam is designed to test a candidate's knowledge and skills in various areas of system security, including access controls, cryptography, network and communications security, risk management, and security operations and administration. Candidates who pass the exam are recognized as experts in the field of system security and are highly sought after by organizations around the world.


The SSCP exam covers seven domains in system security: access controls, network and communications security, risk identification, monitoring and analysis, cryptography, malware and vulnerability analysis, and security operations and administration. The SSCP exam is designed to test the candidate's knowledge and skills in each of these domains, and the candidate must demonstrate proficiency in all of them to earn the certification. The SSCP exam consists of 125 multiple-choice questions, and candidates have three hours to complete it.

 

NEW QUESTION # 633
Which of the following category of UTP cables is specified to be able to handle gigabit Ethernet (1 Gbps) according to the EIA/TIA-568-B standards?

  • A. Category 3 UTP
  • B. Category 2 UTP
  • C. Category 5e UTP
  • D. Category 1e UTP

Answer: C

Explanation:
Section: Network and Telecommunications
Explanation/Reference:
Categories 1 through 6 are based on the EIA/TIA-568-B standards.
The newer wiring for LANs is CAT5e, an improved version of CAT5 that used to be outside the standard.

Category  Cable Type      Bandwidth  Usage / Speed
CAT1      UTP             --         Analog voice, Plain Old Telephone System (POTS)
CAT2      UTP             --         4 Mbps on Token Ring, also used on ARCnet networks
CAT3      UTP, ScTP, STP  16 MHz     10 Mbps
CAT4      UTP, ScTP, STP  20 MHz     16 Mbps on Token Ring networks
CAT5      UTP, ScTP, STP  100 MHz    100 Mbps on Ethernet, 155 Mbps on ATM
CAT5e     UTP, ScTP, STP  100 MHz    1 Gbps (out-of-standard, improved version of CAT5)
CAT6      UTP, ScTP, STP  250 MHz    10 Gbps
CAT7      ScTP, STP       600 MHz    100 Gbps

Category 6 has a minimum of 250 MHz of bandwidth, allowing 10/100/1000 Mbps use with up to 100 meter cable length, along with 10GbE over shorter distances.
Category 6a, or Augmented Category 6, has a minimum of 500 MHz of bandwidth. It is the newest standard and allows up to 10GbE with a length of up to 100 m.
Category 7 is a future cabling standard that should allow for up to 100GbE over 100 meters of cable. Expected availability is in 2013. It has not been approved as a cable standard, and anyone now selling you Cat. 7 cable is fooling you.
REFERENCES:
http://donutey.com/ethernet.php
http://en.wikipedia.org/wiki/TIA/EIA-568-B
http://en.wikipedia.org/wiki/Category_1_cable


NEW QUESTION # 634
Which of the following is a device that is used to regenerate or replicate the received signals?

  • A. Router
  • B. Brouter
  • C. Repeater
  • D. Bridge

Answer: C

Explanation:
Repeaters offer the simplest form of connectivity. They regenerate received electrical signals at their original strength between cable segments. Bridges are devices used to connect similar or dissimilar LANs together to form an extended LAN. Routers provide packet routing between network segments. Brouter are devices that combine router and bridge functionality.


NEW QUESTION # 635
What can be defined as a list of subjects along with their access rights that are authorized to access a specific object?

  • A. A capability table
  • B. An access control list
  • C. A role-based matrix
  • D. An access control matrix

Answer: B

Explanation:
Section: Access Control
Explanation/Reference:
"It [ACL] specifies a list of users [subjects] who are allowed access to each object" (CBK, p. 188).
A capability table is incorrect. "Capability tables are used to track, manage and apply controls based on the object and rights, or capabilities of a subject. For example, a table identifies the object, specifies access rights allowed for a subject, and permits access based on the user's possession of a capability (or ticket) for the object." (CBK, pp. 191-192). The distinction that makes this an incorrect choice is that access is based on possession of a capability by the subject.
To put it another way, as noted in AIO3 on p. 169, "A capability table is different from an ACL because the subject is bound to the capability table, whereas the object is bound to the ACL."
An access control matrix is incorrect. The access control matrix is a way of describing the rules for an access control strategy. The matrix lists the users, groups and roles down the left side and the resources and functions across the top. The cells of the matrix either indicate that access is allowed or indicate the type of access (CBK, pp. 317-318).
AIO3, p. 169 describes it as a table of subjects and objects specifying the access rights a certain subject possesses pertaining to specific objects.
In either case, the matrix is a way of analyzing the access control needed by a population of subjects to a population of objects. This access control can be applied using rules, ACLs, capability tables, etc.
A role-based matrix is incorrect. Again, a matrix of roles vs. objects could be used as a tool for thinking about the access control to be applied to a set of objects. The results of the analysis could then be implemented using RBAC.
References:
CBK, Domain 2: Access Control.
AIO3, Chapter 4: Access Control
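The ACL-versus-capability distinction above is easiest to see when both are derived from one access control matrix: an ACL is a column of the matrix bound to the object, a capability list is a row bound to the subject. The following added example (not from the question bank or its references; the subjects, objects and rights are constructed sample data) builds both views and shows that they yield the same access decisions while differing in what a single edit revokes.

```python
"""Access control matrix, ACLs and capability lists (added illustration,
not from the SSCP question bank). Subjects, objects and rights below are
constructed sample data."""
from collections import defaultdict

# Constructed matrix: rows are subjects, columns are objects, cells are rights.
MATRIX = {
    "alice": {"payroll.db": {"read", "write"}, "report.pdf": {"read"}},
    "bob":   {"report.pdf": {"read", "write"}},
    "carol": {"payroll.db": {"read"}},
}


def acls(matrix):
    """Column view: each object carries the list of subjects and their rights."""
    out = defaultdict(dict)
    for subject, row in matrix.items():
        for obj, rights in row.items():
            out[obj][subject] = set(rights)
    return dict(out)


def capability_lists(matrix):
    """Row view: each subject carries the (object, rights) pairs it may use."""
    return {s: {o: set(r) for o, r in row.items()} for s, row in matrix.items()}


def check_via_acl(acl_table, subject, obj, right):
    """Reference-monitor check using the object's ACL (the object is bound to the ACL)."""
    return right in acl_table.get(obj, {}).get(subject, set())


def check_via_capability(cap_table, subject, obj, right):
    """Check using the subject's capability list (the subject is bound to the list)."""
    return right in cap_table.get(subject, {}).get(obj, set())


def views_agree(matrix):
    """Both views are slices of the same matrix, so every decision must match."""
    acl_table, cap_table = acls(matrix), capability_lists(matrix)
    objects = {o for row in matrix.values() for o in row}
    rights = {r for row in matrix.values() for rs in row.values() for r in rs}
    return all(
        check_via_acl(acl_table, s, o, r) == check_via_capability(cap_table, s, o, r)
        for s in matrix for o in objects for r in rights
    )


def revoke_object_access(acl_table, obj):
    """Cutting off every subject from one object is a single ACL edit ..."""
    acl_table[obj] = {}


def revoke_subject_access(cap_table, subject):
    """... whereas removing a departing subject is a single capability-list edit."""
    cap_table[subject] = {}


if __name__ == "__main__":
    print("ACL for payroll.db:", acls(MATRIX)["payroll.db"])
    print("Capabilities of bob:", capability_lists(MATRIX)["bob"])
    print("Views agree:", views_agree(MATRIX))
```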


NEW QUESTION # 636
A code, as is pertains to cryptography:

  • A. Deals with linguistic units.
  • B. Is specific to substitution ciphers.
  • C. Is specific to transposition ciphers.
  • D. Is a generic term for encryption.

Answer: A

Explanation:
Explanation/Reference:
Historically, a code refers to a cryptosystem that deals with linguistic units: words, phrases, sentences, and so forth. Codes are only useful for specialized circumstances where the message to transmit has an already defined equivalent ciphertext word.
Source: DUPUIS, Clément, CISSP Open Study Guide on domain 5, cryptography, April 1999.


NEW QUESTION # 637
In what type of attack does an attacker try, from several encrypted messages, to figure out the key used in the encryption process?

  • A. Chosen-Ciphertext attack
  • B. Ciphertext-only attack
  • C. Known-plaintext attack
  • D. Plaintext-only attack

Answer: B

Explanation:
Explanation/Reference:
In a ciphertext-only attack, the attacker has the ciphertext of several messages encrypted with the same encryption algorithm. The attacker's goal is to discover the plaintext of the messages by figuring out the key used in the encryption process. In a known-plaintext attack, the attacker has the plaintext and the ciphertext of one or more messages. In a chosen-ciphertext attack, the attacker can choose the ciphertext to be decrypted and has access to the resulting plaintext.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, Chapter
8: Cryptography (page 578).


NEW QUESTION # 638
What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified?

  • A. Infinite risk
  • B. Residual risk
  • C. Terminal risk
  • D. Imminent risk

Answer: B


NEW QUESTION # 639
In this type of attack, the intruder re-routes data traffic from a network device to a personal machine. This diversion allows an attacker to gain access to critical resources and user credentials, such as passwords, and to gain unauthorized access to critical systems of an organization. Pick the best choice below.

  • A. Network Address Supernetting
  • B. Network Address Hijacking
  • C. Network Address Sniffing
  • D. Network Address Translation

Answer: B

Explanation:
Explanation/Reference:
Network address hijacking allows an attacker to reroute data traffic from a network device to a personal computer.
Also referred to as session hijacking, network address hijacking enables an attacker to capture and analyze the data addressed to a target system. This allows an attacker to gain access to critical resources and user credentials, such as passwords, and to gain unauthorized access to critical systems of an organization.
Session hijacking involves assuming control of an existing connection after the user has successfully created an authenticated session. Session hijacking is the act of unauthorized insertion of packets into a data stream. It is normally based on sequence number attacks, where sequence numbers are either guessed or intercepted.
The following are incorrect answers:
Network address translation (NAT) is a methodology of modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device for the purpose of remapping one IP address space into another. See RFC 1918 for more details.
Network Address Supernetting: there is no such thing as Network Address Supernetting. However, a supernetwork, or supernet, is an Internet Protocol (IP) network that is formed from the combination of two or more networks (or subnets) with a common Classless Inter-Domain Routing (CIDR) prefix. The new routing prefix for the combined network aggregates the prefixes of the constituent networks.
Network Address Sniffing: this is another bogus choice that sounds good but does not even exist.
However, sniffing is a common attack used to capture cleartext passwords and other information sent unencrypted over the network. Sniffing is accomplished using a sniffer, also called a protocol analyzer. A network sniffer monitors data flowing over computer network links. It can be a self-contained software program or a hardware device with the appropriate software or firmware programming. Also sometimes called "network probes" or "snoops," sniffers examine network traffic, making a copy of the data but without redirecting or altering it.
The following reference(s) were used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press ) (Kindle Locations 8641-8642). Auerbach Publications. Kindle Edition.
http://compnetworking.about.com/od/networksecurityprivacy/g/bldef_sniffer.htm
http://wiki.answers.com/Q/What_is_network_address_hijacking
KRUTZ, Ronald L & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 239.


NEW QUESTION # 640
Tripwire is a ___________________-

  • A. Digital Certificate Company
  • B. Port Scanner
  • C. Polymorphic virus
  • D. Log analyzer
  • E. File Integrity Checker

Answer: E


NEW QUESTION # 641
Which of the following is true about digital certificate?

  • A. Can't contain geography data such as country for example.
  • B. Electronic credential proving that the person the certificate was issued to is who they claim to be
  • C. You can only get digital certificate from Verisign, RSA if you wish to prove the key belong to a specific user.
  • D. It is the same as digital signature proving Integrity and Authenticity of the data

Answer: B

Explanation:
Explanation/Reference:
A digital certificate helps others verify that the public keys presented by users are genuine and valid. It is a form of electronic credential proving that the person the certificate was issued to is who they claim to be.
The certificate is used to identify the certificate holder when conducting electronic transactions.
It is issued by a certification authority (CA). It contains the name of an organization or individual, the business address, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to a standard, X.509. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys.
Digital certificates are key to the PKI process. The digital certificate serves two roles. First, it ensures the integrity of the public key and makes sure that the key remains unchanged and in a valid state. Second, it validates that the public key is tied to the stated owner and that all associated information is true and correct. The information needed to accomplish these goals is added into the digital certificate.
A Certificate Authority (CA) is an entity trusted by one or more users as an authority in a network that issues, revokes, and manages digital certificates.
A Registration Authority (RA) performs certificate registration services on behalf of a CA. The RA, a single purpose server, is responsible for the accuracy of the information contained in a certificate request. The RA is also expected to perform user validation before issuing a certificate request.
A digital certificate is not the same as a digital signature; they are two different things. A digital signature is created by using your private key to encrypt a message digest, whereas a digital certificate is issued by a trusted third party who vouches for your identity.
There are many other third parties that provide digital certificates, not just Verisign and RSA.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 14894-14903). Auerbach Publications. Kindle Edition.
Gregg, Michael; Haines, Billy (2012-02-16). CASP: CompTIA Advanced Security Practitioner Study Guide Authorized Courseware: Exam CAS-001 (p. 24). Wiley. Kindle Edition.
Please refer to http://en.wikipedia.org/wiki/Digital_certificate
What is a digital certificate: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci211947,00.html and another definition at http://www.webopedia.com/TERM/D/digital_certificate.html


NEW QUESTION # 642
Which of the following is NOT a task normally performed by a Computer Incident Response Team (CIRT)?

  • A. Develop an information security policy.
  • B. Mitigate risk to the enterprise.
  • C. Coordinate the distribution of information pertaining to the incident to the appropriate parties.
  • D. Assemble teams to investigate the potential vulnerabilities.

Answer: A

Explanation:
Writing a corporate security policy is normally a task of upper management in an organization.
Other tasks would usually be performed by a Computer Incident Response Team.


NEW QUESTION # 643
Devices that supply power when the commercial utility power system fails are called which of the following?

  • A. power conditioners
  • B. power filters
  • C. uninterruptible power supplies
  • D. power dividers

Answer: C

Explanation:
From Shon Harris AIO Fifth Edition:
Protecting power can be done in three ways: through UPSs, power line conditioners, and backup sources.
UPSs use battery packs that range in size and capacity. A UPS can be online or standby.
Online UPS systems use AC line voltage to charge a bank of batteries. When in use, the UPS has an inverter that changes the DC output from the batteries into the required AC form and that regulates the voltage as it powers computer devices.
Online UPS systems have the normal primary power passing through them day in and day out. They constantly provide power from their own inverters, even when the electric power is in proper use. Since the environment's electricity passes through this type of UPS all the time, the UPS device is able to quickly detect when a power failure takes place. An online UPS can provide the necessary electricity and picks up the load after a power failure much more quickly than a standby UPS.
Standby UPS devices stay inactive until a power line fails. The system has sensors that detect a power failure, and the load is switched to the battery pack. The switch to the battery pack is what causes the small delay in electricity being provided. So an online UPS picks up the load much more quickly than a standby UPS, but costs more of course.


NEW QUESTION # 644
Which TCSEC level is labeled Controlled Access Protection?

  • A. C2
  • B. B1
  • C. C1
  • D. C3

Answer: A

Explanation:
C2 is labeled Controlled Access Protection.
The TCSEC defines four divisions: D, C, B and A where division A has the highest security.
Each division represents a significant difference in the trust an individual or organization can place on the evaluated system. Additionally, divisions C, B and A are broken into a series of hierarchical subdivisions called classes: C1, C2, B1, B2, B3 and A1.
Each division and class expands or modifies as indicated the requirements of the immediately prior division or class.
D -- Minimal protection
Reserved for those systems that have been evaluated but that fail to meet the requirements for a higher division.
C -- Discretionary protection
C1 -- Discretionary Security Protection
  • Identification and authentication
  • Separation of users and data
  • Discretionary Access Control (DAC) capable of enforcing access limitations on an individual basis
  • Required system documentation and user manuals
C2 -- Controlled Access Protection
  • More finely grained DAC
  • Individual accountability through login procedures
  • Audit trails
  • Object reuse
  • Resource isolation
B -- Mandatory protection
B1 -- Labeled Security Protection
  • Informal statement of the security policy model
  • Data sensitivity labels
  • Mandatory Access Control (MAC) over selected subjects and objects
  • Label exportation capabilities
  • All discovered flaws must be removed or otherwise mitigated
  • Design specifications and verification
B2 -- Structured Protection
  • Security policy model clearly defined and formally documented
  • DAC and MAC enforcement extended to all subjects and objects
  • Covert storage channels are analyzed for occurrence and bandwidth
  • Carefully structured into protection-critical and non-protection-critical elements
  • Design and implementation enable more comprehensive testing and review
  • Authentication mechanisms are strengthened
  • Trusted facility management is provided with administrator and operator segregation
  • Strict configuration management controls are imposed
B3 -- Security Domains
  • Satisfies reference monitor requirements
  • Structured to exclude code not essential to security policy enforcement
  • Significant system engineering directed toward minimizing complexity
  • Security administrator role defined
  • Audit security-relevant events
  • Automated imminent intrusion detection, notification, and response
  • Trusted system recovery procedures
  • Covert timing channels are analyzed for occurrence and bandwidth
  • An example of such a system is the XTS-300, a precursor to the XTS-400
A -- Verified protection
A1 -- Verified Design
  • Functionally identical to B3
  • Formal design and verification techniques including a formal top-level specification
  • Formal management and distribution procedures
  • An example of such a system is Honeywell's Secure Communications Processor SCOMP, a precursor to the XTS-400
Beyond A1
  • System Architecture demonstrates that the requirements of self-protection and completeness for reference monitors have been implemented in the Trusted Computing Base (TCB).
  • Security Testing automatically generates test cases from the formal top-level specification or formal lower-level specifications.
  • Formal Specification and Verification is where the TCB is verified down to the source code level, using formal verification methods where feasible.
  • Trusted Design Environment is where the TCB is designed in a trusted facility with only trusted (cleared) personnel.
The following are incorrect answers:
C1 is Discretionary Security Protection.
C3 does not exist; it is only a distractor.
B1 is called Labeled Security Protection.


NEW QUESTION # 645
Which auditing practice relates to the controlling of hardware, software, firmware, and documentation to insure it has not been improperly modified?

  • A. Certification / Accreditation
  • B. Configuration Control
  • C. System Control
  • D. Consequence Assessment

Answer: B


NEW QUESTION # 646
In an organization where there are frequent personnel changes, non-discretionary access control using Role Based Access Control (RBAC) is useful because:

  • A. the access controls are not based on the individual's role or title within the organization
  • B. people need not use discretion
  • C. the access controls are often based on the individual's role or title within the organization
  • D. the access controls are based on the individual's role or title within the organization.

Answer: D

Explanation:
Section: Access Control
Explanation/Reference:
In an organization where there are frequent personnel changes, non-discretionary access control (also called Role Based Access Control) is useful because the access controls are based on the individual's role or title within the organization. You can easily configure a new employee's access by assigning the user to a role that has been predefined. The user implicitly inherits the permissions of the role by being a member of that role.
These access permissions defined within the role do not need to be changed whenever a new person takes over the role.
Another type of non-discretionary access control model is Rule Based Access Control (RBAC or RuBAC), where a global set of rules is uniformly applied to all subjects accessing the resources. A good example of RuBAC would be a firewall.
This question is a sneaky one: one of the choices has only one added word, "often". Reading questions and their choices very carefully is a must for the real exam. Reading them twice if needed is recommended.
Shon Harris in her book lists the following ways of managing RBAC:
Role-based access control can be managed in the following ways:
  • Non-RBAC: Users are mapped directly to applications and no roles are used.
  • Limited RBAC: Users are mapped to multiple roles and mapped directly to other types of applications that do not have role-based access functionality. (A mix: roles for applications that support roles, explicit access control for applications that do not.)
  • Hybrid RBAC: Users are mapped to multi-application roles with only selected rights assigned to those roles.
  • Full RBAC: Users are mapped to enterprise roles. (Roles are used for all access being granted.)
NIST defines RBAC as:
Security administration can be costly and prone to error because administrators usually specify access control lists for each user on the system individually. With RBAC, security is managed at a level that corresponds closely to the organization's structure. Each user is assigned one or more roles, and each role is assigned one or more privileges that are permitted to users in that role. Security administration with RBAC consists of determining the operations that must be executed by persons in particular jobs, and assigning employees to the proper roles. Complexities introduced by mutually exclusive roles or role hierarchies are handled by the RBAC software, making security administration easier.
Reference(s) used for this question:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 32.
and
Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition McGraw-Hill.
and
http://csrc.nist.gov/groups/SNS/rbac/


NEW QUESTION # 647
A weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information systems or networks, is called a:

  • A. Threat
  • B. Vulnerability
  • C. Risk
  • D. Overflow

Answer: B

Explanation:
Section: Risk, Response and Recovery
Explanation/Reference:
The answer is Vulnerability: a vulnerability is a weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information systems or networks.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Pages 16, 32.


NEW QUESTION # 648
Integrity = ______________

  • A. Ability to access data when requested
  • B. Data being delivered from the source to the intended receiver without being altered
  • C. Protection of data from unauthorized users
  • D. All answers are correct
  • E. Data being kept correct and current

Answer: B


NEW QUESTION # 649
The National Institute of Standards and Technology (NIST) standard pertaining to perimeter protection states that critical areas should be illuminated up to?

  • A. Illuminated at eight feet high with at least two foot-candles
  • B. Illuminated at nine feet high with at least two foot-candles
  • C. Illuminated at eight feet high with at least three foot-candles
  • D. Illuminated at nine feet high with at least three foot-candles

Answer: C

Explanation:
The National Institute of Standards and Technology (NIST) standard pertaining to perimeter protection states that critical areas should be illuminated eight feet high with at least two foot candles.
It can also be referred to as illuminating to a height of eight feet, with a BRIGHTNESS of two foot-candles.
One footcandle = 10.764 lux. The footcandle (or lumen per square foot) is a non-SI unit of illuminance. Like the BTU, it is obsolete but it is still in fairly common use in the United States, particularly in construction-related engineering and in building codes. Because lux and footcandles are different units of the same quantity, it is perfectly valid to convert footcandles to lux and vice versa.
The name "footcandle" conveys "the illuminance cast on a surface by a one-candela source one foot away." As natural as this sounds, this style of name is now frowned upon, because the dimensional formula for the unit is not foot × candela, but lumens per square foot.
Some sources do however note that the "lux" can be thought of as a "metre-candle" (i.e. the illuminance cast on a surface by a one-candela source one meter away). A source that is farther away casts less illumination than one that is close, so one lux is less illuminance than one footcandle. Since illuminance follows the inverse-square law, and since one foot = 0.3048 m, one lux = 0.3048^2 footcandle ≈ 1/10.764 footcandle.
TIPS FROM CLEMENT:
Illuminance (light level): the amount of light, measured in foot-candles (US unit), that falls on a surface, either horizontal or vertical.
Parking lots lighting needs to be an average of 2 foot candles; uniformity of not more than 3:1, no area less than 1 fc.
All illuminance measurements are to be made on the horizontal plane with a certified light meter calibrated to NIST standards using traceable light sources.
The CISSP Exam Cram 2 from Michael Gregg says:
Lighting is a commonly used form of perimeter protection.
Some studies have found that up to 80% of criminal acts at businesses and shopping centers happen in adjacent parking lots. Therefore, it's easy to see why lighting can be such an important concern.
Outside lighting discourages prowlers and thieves.
The National Institute of Standards and Technology (NIST) states that, for effective perimeter control, buildings should be illuminated 8 feet high, with 2 foot-candle power.


NEW QUESTION # 650
What is the primary difference between FTP and TFTP?

  • A. Speed of negotiation
  • B. Ability to automate
  • C. TFTP is used to transfer configuration files to and from network equipment.
  • D. Authentication

Answer: D

Explanation:
TFTP (Trivial File Transfer Protocol) is sometimes used to transfer configuration files to and from equipment such as routers, but the primary difference between FTP and TFTP is that TFTP does not require authentication. Speed and the ability to automate are not the distinguishing factors.
Both of these protocols (FTP and TFTP) can be used for transferring files across the Internet.
The differences between the two protocols are explained below:
FTP is a complete, session-oriented, general purpose file transfer protocol.
TFTP is used as a bare-bones special purpose file transfer protocol.
FTP can be used interactively. TFTP allows only unidirectional transfer of files.
FTP depends on TCP, is connection oriented, and provides reliable control.
TFTP depends on UDP, requires less overhead, and provides virtually no control.
FTP provides user authentication. TFTP does not.
FTP uses well-known TCP port numbers: 20 for data and 21 for connection dialog.
TFTP uses UDP port number 69 for its file transfer activity.
The Windows NT FTP server service does not support TFTP because TFTP does not support authentication.
Windows 95 and TCP/IP-32 for Windows for Workgroups do not include a TFTP client program.


NEW QUESTION # 651
Which of the following will a Business Impact Analysis NOT identify?

  • A. The outage time that can be tolerated by the enterprise as a result of a disaster.
  • B. The names of individuals to be contacted during a disaster.
  • C. Systems critical to the survival of the enterprise.
  • D. Areas that would suffer the greatest financial or operational loss in the event of a disaster.

Answer: B

Explanation:
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.


NEW QUESTION # 652
Which virus category has the capability of changing its own code, making it harder to detect by anti-virus software?

  • A. Stealth viruses
  • B. Logic bombs
  • C. Polymorphic viruses
  • D. Trojan horses

Answer: C

Explanation:
A polymorphic virus has the capability of changing its own code, enabling it to have many different variants, making it harder to detect by anti-virus software. The particularity of a stealth virus is that it tries to hide its presence after infecting a system. A Trojan horse is a set of unauthorized instructions that are added to or replace a legitimate program. A logic bomb is a set of instructions that is initiated when a specific event occurs.


NEW QUESTION # 653
Which of the following is not a responsibility of an information (data) owner?

  • A. Periodically review the classification assignments against business needs.
  • B. Running regular backups and periodically testing the validity of the backup data.
  • C. Determine what level of classification the information requires.
  • D. Delegate the responsibility of data protection to data custodians.

Answer: B

Explanation:
This responsibility would be delegated to a data custodian rather than being performed directly by the information owner.
"Determine what level of classification the information requires" is incorrect. This is one of the major responsibilities of an information owner.
"Periodically review the classification assignments against business needs" is incorrect. This is one of the major responsibilities of an information owner.
"Delegates responsibility of maintenance of the data protection mechanisms to the data custodian" is incorrect. This is a responsibility of the information owner.


NEW QUESTION # 654

  • A. L2F
  • B. PPTP
  • C. L2TP
  • D. LDAP

Answer: D


NEW QUESTION # 655
Which of the following concerning the Rijndael block cipher algorithm is false?

  • A. The design of Rijndael was strongly influenced by the design of the block cipher Square.
  • B. Both block size and key length can be extended to multiples of 64 bits.
  • C. The cipher has a variable block length and key length.
  • D. A total of 25 combinations of key length and block length are possible

Answer: B

Explanation:
The answer above is the correct answer because it is FALSE. Rijndael does not support multiples of 64 bits but multiples of 32 bits in the range of 128 bits to 256 bits. The key length can be 128, 160, 192, 224, or 256 bits.
Both block length and key length can be extended very easily to multiples of 32 bits, giving a total of 25 possible combinations of block and key size.
The Rijndael Cipher
Rijndael is a block cipher, designed by Joan Daemen and Vincent Rijmen as a candidate algorithm for the Advanced Encryption Standard (AES) in the United States of America. The cipher has a variable block length and key length.
Rijndael can be implemented very efficiently on a wide range of processors and in hardware.
The design of Rijndael was strongly influenced by the design of the block cipher Square.
The Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) keys are defined to be either 128, 192, or 256 bits in accordance with the requirements of the AES.
The number of rounds, or iterations of the main algorithm, can vary from 10 to 14 within the Advanced Encryption Standard (AES) and is dependent on the block size and key length. 128-bit keys use 10 rounds of encryption, 192-bit keys use 12 rounds, and 256-bit keys use 14 rounds.
The low number of rounds has been one of the main criticisms of Rijndael, but if this ever becomes a problem the number of rounds can easily be increased at little extra performance cost by increasing the block size and key length.
Range of key and block lengths in Rijndael and AES
Rijndael and AES differ only in the range of supported values for the block length and cipher key length.
For Rijndael, the block length and the key length can be independently specified to any multiple of 32 bits, with a minimum of 128 bits, and a maximum of 256 bits. The support for block and key lengths 160 and 224 bits was introduced in Joan Daemen and Vincent Rijmen, AES submission document on Rijndael, Version 2, September 1999 available at
http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf
AES fixes the block length to 128 bits, and supports key lengths of 128, 192 or 256 bits only.
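To make the "25 combinations" claim and the 10/12/14 round counts concrete, the following added example (not from the question bank or its references) enumerates every Rijndael block/key pairing and computes its round count. It assumes the round formula from the Rijndael specification, Nr = max(Nb, Nk) + 6, where Nb and Nk are the block and key lengths in 32-bit words; that formula is not stated on this page.

```python
"""Rijndael vs. AES parameter sets (added example, not part of the question
bank). Round formula Nr = max(Nb, Nk) + 6 is taken from the Rijndael
specification, with Nb and Nk measured in 32-bit words."""
from itertools import product

# Rijndael: any multiple of 32 bits from 128 to 256, for block and key alike.
RIJNDAEL_LENGTHS = (128, 160, 192, 224, 256)
# AES: block fixed at 128 bits, key restricted to three of the five lengths.
AES_BLOCK_BITS = 128
AES_KEY_BITS = (128, 192, 256)


def is_valid_rijndael_length(bits):
    """True for the lengths Rijndael accepts for either block or key."""
    return 128 <= bits <= 256 and bits % 32 == 0


def rijndael_rounds(block_bits, key_bits):
    """Number of rounds for a given Rijndael block/key pair (Nr = max(Nb, Nk) + 6)."""
    if not (is_valid_rijndael_length(block_bits) and is_valid_rijndael_length(key_bits)):
        raise ValueError("lengths must be multiples of 32 bits between 128 and 256")
    nb, nk = block_bits // 32, key_bits // 32
    return max(nb, nk) + 6


def rijndael_combinations():
    """All (block, key) pairs Rijndael supports, mapped to their round count."""
    return {(b, k): rijndael_rounds(b, k) for b, k in product(RIJNDAEL_LENGTHS, repeat=2)}


def is_aes_parameter_set(block_bits, key_bits):
    """AES is the subset of Rijndael with a 128-bit block and a 128/192/256-bit key."""
    return block_bits == AES_BLOCK_BITS and key_bits in AES_KEY_BITS


def aes_combinations():
    """The three AES parameter sets and their round counts (10, 12, 14)."""
    return {k: rijndael_rounds(AES_BLOCK_BITS, k) for k in AES_KEY_BITS}


if __name__ == "__main__":
    combos = rijndael_combinations()
    print(f"Rijndael supports {len(combos)} block/key combinations")
    for (block, key), rounds in sorted(combos.items()):
        tag = "AES" if is_aes_parameter_set(block, key) else "Rijndael only"
        print(f"block={block:3d} key={key:3d} rounds={rounds:2d}  {tag}")
```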


NEW QUESTION # 656
According to the annual CSI/FBI Computer Crime report, which group commits the most computer crimes?

  • A. Foreign governments
  • B. Company Competitors
  • C. Company Insiders
  • D. Teenage Hackers
  • E. All of these groups create equal numbers of computer crimes

Answer: C

