SSCP Dumps

SSCP Free Practice Test

ISC2 SSCP: System Security Certified Practitioner (SSCP)

QUESTION 1

- (Topic 4)
Once evidence is seized, a law enforcement officer should emphasize which of the following?

Correct Answer: B
All people that handle the evidence from the time the crime was committed through the final disposition must be identified. This is to ensure that the evidence can be used and has not been tampered with.
The following answers are incorrect:
Chain of command is incorrect because it is the order of authority and does not apply to evidence.
Chain of control is incorrect because it is a distractor.
Chain of communications is incorrect because it is a distractor.

QUESTION 2

- (Topic 6)
Which of the following is NOT a characteristic or shortcoming of packet filtering gateways?

Correct Answer: D
Packet filtering firewalls use routers with packet filtering rules to grant or deny access based on source address, destination address, and port.
They offer minimum security but at a very low cost, and can be an appropriate choice for a low-risk environment.
Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th edition (volume 1), 2000, CRC Press, Chapter 3, Secured Connections to External Networks (page 60).

QUESTION 3

- (Topic 5)
Which of the following is not a property of the Rijndael block cipher algorithm?

Correct Answer: C
All other properties above apply to the Rijndael algorithm, chosen as the AES standard to replace DES.
The AES algorithm is capable of using cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits. Rijndael was designed to handle additional block sizes and key lengths; however, they are not adopted in the AES standard.
The IDEA cipher algorithm operates on 64-bit plaintext blocks and uses a 128-bit key.
Reference(s) used for this question:
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
and
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

QUESTION 4

- (Topic 6)
Which of the following protocols operates at the session layer (layer 5)?

Correct Answer: A
Remote Procedure Call (RPC) is the only one of the above choices that operates at the session layer (layer 5).
All of the other answers are wrong:
LPD operates at layer 7.
SPX operates at layer 4.
IGMP operates at layer 3.
Reference:
WALLHOFF, John, CBK#2 Telecommunications and Network Security (CISSP Study Guide), April 2002 (page 1).

QUESTION 5

- (Topic 5)
Which of the following encryption algorithms does not deal with discrete logarithms?

Correct Answer: C
The security of the RSA system is based on the assumption that factoring the product of two large prime numbers back into the original primes is difficult.
Source:
KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 159).
Shon Harris, CISSP All-in-One Exam Guide, Third Edition, McGraw-Hill Companies, August 2005, Chapter 8: Cryptography, pages 636-639.