SSCP Free Practice Test

- (Topic 6)
Which communication method is characterized by very high speed transmission rates that are governed by electronic clock timing signals?

1. A. Asynchronous Communication.
2. B. Synchronous Communication.
3. C. Automatic Communication.
4. D. Full duplex Communication.

Correct Answer: B
Synchronous Communication is characterized by very high speed transmission rates that are governed by electronic clock timing signals.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 100

- (Topic 2)
As per the Orange Book, what are two types of system assurance?

1. A. Operational Assurance and Architectural Assurance.
2. B. Design Assurance and Implementation Assurance.
3. C. Architectural Assurance and Implementation Assurance.
4. D. Operational Assurance and Life-Cycle Assurance.

Correct Answer: D
Are the two types of assurance mentioned in the Orange book. The following answers are incorrect:
Operational Assurance and Architectural Assurance. Is incorrect because Architectural Assurance is not a type of assurance mentioned in the Orange book.
Design Assurance and Implementation Assurance. Is incorrect because neither are types of assurance mentioned in the Orange book.
Architectural Assurance and Implementation Assurance. Is incorrect because neither are types of assurance mentioned in the Orange book.

- (Topic 5)
What key size is used by the Clipper Chip?

1. A. 40 bits
2. B. 56 bits
3. C. 64 bits
4. D. 80 bits

Correct Answer: D
The Clipper Chip is a NSA designed tamperproof chip for encrypting data and it uses the SkipJack algorithm. Each Clipper Chip has a unique serial number and a copy of the unit key is stored in the database under this serial number. The sending Clipper Chip generates and sends a Law Enforcement Access Field (LEAF) value included in the transmitted message. It is based on a 80-bit key and a 16-bit checksum.
Source: WALLHOFF, John, CBK#5 Cryptography (CISSP Study Guide), April 2002 (page 1).

- (Topic 5)
In a known plaintext attack, the cryptanalyst has knowledge of which of the following?

1. A. the ciphertext and the key
2. B. the plaintext and the secret key
3. C. both the plaintext and the associated ciphertext of several messages
4. D. the plaintext and the algorithm

Correct Answer: C
In a known plaintext attack, the attacker has the plaintext and ciphertext of one or more messages. The goal is to discover the key used to encrypt the messages so that other messages can be deciphered and read.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw- Hill/Osborne, 3rd Ed., chapter 8: Cryptography (page 676). Also check out: Handbook of Applied Cryptography 4th Edition by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone.

- (Topic 6)
All following observations about IPSec are correct except:

1. A. Default Hashing protocols are HMAC-MD5 or HMAC-SHA-1
2. B. Default Encryption protocol is Cipher Block Chaining mode DES, but other algorithms like ECC (Elliptic curve cryptosystem) can be used
3. C. Support two communication modes - Tunnel mode and Transport mode
4. D. Works only with Secret Key Cryptography

Correct Answer: D
Source: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 2, 2001, CRC Press, NY, Pages 166-167.