Certs Vault
See all results for ""
Home Exams
CRISC ISACA CISSP ISC2 200-301 Cisco SY0-701 CompTIA AZ-104 Microsoft AI-900 Microsoft AIGP IAPP 1Z0-1067-26 Oracle View All Exams →
Sign in Create account

ISC2 Systems Security Certified Practitioner SSCP Exam Questions

Preparing for the SSCP exam is simple with Certs Vault. We offer easy-to-understand study materials that help you learn the most important exam topics. You can study using our PDF questions, practice online with a real exam-style test, or use the desktop practice software. Choose the study method that works best for you and prepare at your own pace.

At Certs Vault, we keep our SSCP practice questions up to date. Whenever the exam syllabus or objectives change, we update our study materials so you always learn the latest topics. This helps you save time, avoid outdated content, and feel more confident when you take your exam.

Download Exam View Entire Exam
Page: 2 / 2
Question #6 (Topic: Demo Questions)

Which of the following is NOT a technical control?

A.
Password and resource management
B.
Identification and authentication methods
C.
Monitoring for physical intrusion
D.
Intrusion Detection Systems
Correct Answer: C
Explanation:
It is considered to be a ' Physical Control '
There are three broad categories of access control: administrative, technical, and physical. Each category has different access control mechanisms that can be carried out manually or automatically. All of these access control mechanisms should work in concert with each other to protect an infrastructure and its data.
Each category of access control has several components that fall within it, a partial list is shown here. Not all controls fall into a single category, many of the controls will be in two or more categories. Below you have an example with backups where it is in all three categories:
Administrative Controls
Policy and procedures
- A backup policy would be in place
Personnel controls
Supervisory structure
Security-awareness training
Testing
Physical Controls
Network segregation
Perimeter security
Computer controls
Work area separation
Data backups (actual storage of the media, i:e Offsite Storage Facility)
Cabling
Technical Controls
System access
Network architecture
Network access
Encryption and protocols
Control zone
Auditing
Backup (Actual software doing the backups)
The following answers are incorrect :
Password and resource management is considered to be a logical or technical control.
Identification and authentication methods is considered to be a logical or technical control.
Intrusion Detection Systems is considered to be a logical or technical control.
Question #7 (Topic: Demo Questions)

Which of the following are suitable protocols for securing VPN connections at the lower layers of the OSI model?

A.
S/MIME and SSH
B.
TLS and SSL
C.
IPsec and L2TP
D.
PKCS#10 and X.509
Correct Answer: C
Explanation not available for this question.
Question #8 (Topic: Demo Questions)

The control of communications test equipment should be clearly addressed by security policy for which of the following reasons?

A.
Test equipment is easily damaged.
B.
Test equipment can be used to browse information passing on a network.
C.
Test equipment is difficult to replace if lost or stolen.
D.
Test equipment must always be available for the maintenance personnel.
Correct Answer: B
Explanation:
Test equipment must be secured. There are equipment and other tools that if in the wrong hands could be used to " sniff " network traffic and also be used to commit fraud. The storage and use of this equipment should be detailed in the security policy for this reason.
The following answers are incorrect:
Test equipment is easily damaged. Is incorrect because it is not the best answer, and from a security point of view not relevent.
Test equipment is difficult to replace if lost or stolen. Is incorrect because it is not the best answer, and from a security point of view not relevent.
Test equipment must always be available for the maintenance personnel. Is incorrect because it is not the best answer, and from a security point of view not relevent.
Download Exam
« Prev Page: 2 / 2
Next Page