SSCP Free Practice Test

- (Topic 4)
Once evidence is seized, a law enforcement officer should emphasize which of the following?

1. A. Chain of command
2. B. Chain of custody
3. C. Chain of control
4. D. Chain of communications

Correct Answer: B
All people that handle the evidence from the time the crime was committed through the final disposition must be identified. This is to ensure that the evidence can be used and has not been tampered with.
The following answers are incorrect:
chain of command. Is incorrect because chain of command is the order of authority and does not apply to evidence.
chain of control. Is incorrect because it is a distractor.
chain of communications. Is incorrect because it is a distractor.

- (Topic 6)
Which of the following is NOT a characteristic or shortcoming of packet filtering gateways?

1. A. The source and destination addresses, protocols, and ports contained in the IP packet header are the only information that is available to the router in making a decision whether or not to permit traffic access to an internal network.
2. B. They don't protect against IP or DNS address spoofing.
3. C. They do not support strong user authentication.
4. D. They are appropriate for medium-risk environment.

Correct Answer: D
Packet filtering firewalls use routers with packet filtering rules to grant or deny access based on source address, destination address, and port.
They offer minimum security but at a very low cost, and can be an appropriate choice for a low-risk environment.
Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th edition (volume 1), 2000, CRC Press, Chapter 3, Secured Connections to External Networks (page 60).

- (Topic 5)
Which of the following is not a property of the Rijndael block cipher algorithm?

1. A. It employs a round transformation that is comprised of three layers of distinct and invertible transformations.
2. B. It is suited for high speed chips with no area restrictions.
3. C. It operates on 64-bit plaintext blocks and uses a 128 bit key.
4. D. It could be used on a smart card.

Correct Answer: C
All other properties above apply to the Rijndael algorithm, chosen as the AES standard to replace DES.
The AES algorithm is capable of using cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits. Rijndael was designed to handle additional block sizes and key lengths, however they are not adopted in the AES standard.
IDEA cipher algorithm operates on 64-bit plaintext blocks and uses a 128 bit key. Reference(s) used for this question: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
and
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

- (Topic 6)
Which of the following protocols operates at the session layer (layer 5)?

1. A. RPC
2. B. IGMP
3. C. LPD
4. D. SPX

Correct Answer: A
Remotre Procedure Call (RPC) is the only of the above choices to operate at the session layer (layer 5).
All of the other answers were wrong. LPD operates at layer 7
SPX operates at layer 4
IGMP operates at layer 3.
Reference:
WALLHOFF, John, CBK#2 Telecommunications and Network Security (CISSP Study Guide), April 2002 (page 1).

- (Topic 5)
Which of the following encryption algorithms does not deal with discrete logarithms?

1. A. El Gamal
2. B. Diffie-Hellman
3. C. RSA
4. D. Elliptic Curve

Correct Answer: C
The security of the RSA system is based on the assumption that factoring the product into two original large prime numbers is difficult
Source:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 159).
Shon Harris, CISSP All-in-One Examine Guide, Third Edition, McGraw-Hill Companies, August 2005, Chapter 8: Cryptography, Page 636 - 639