SSCP Free Practice Test

- (Topic 1)
Detective/Technical measures:

1. A. include intrusion detection systems and automatically-generated violation reports from audit trail information.
2. B. do not include intrusion detection systems and automatically-generated violation reports from audit trail information.
3. C. include intrusion detection systems but do not include automatically-generated violation reports from audit trail information.
4. D. include intrusion detection systems and customised-generated violation reports from audit trail information.

Correct Answer: A
Detective/Technical measures include intrusion detection systems and automatically-generated violation reports from audit trail information. These reports can indicate variations from "normal" operation or detect known signatures of unauthorized access episodes. In order to limit the amount of audit information flagged and reported by automated violation analysis and reporting mechanisms, clipping levels can be set. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 35.

- (Topic 5)
Which of the following identifies the encryption algorithm selected by NIST for the new Advanced Encryption Standard?

1. A. Twofish
2. B. Serpent
3. C. RC6
4. D. Rijndael

Correct Answer: D
The Answer Rijndael. Rijndael is the new approved method of encrypting sensitive but unclassified information for the U.S. government. It has been accepted by and is also widely used in the public arena as well. It has low memory requirements and has been constructed to easily defend against timing attacks.
The following answers are incorrect: Twofish. Twofish was among the final candidates chosen for AES, but was not selected.
Serpent. Serpent was among the final candidates chosen for AES, but was not selected. RC6. RC6 was among the final candidates chosen for AES, but was not selected.
The following reference(s) were/was used to create this question: ISC2 OIG, 2007 p. 622, 629-630
Shon Harris AIO, v.3 p 247-250

- (Topic 6)
What is called the access protection system that limits connections by calling back the number of a previously authorized location?

1. A. Sendback systems
2. B. Callback forward systems
3. C. Callback systems
4. D. Sendback forward systems

Correct Answer: C
The Answer: Call back Systems; Callback systems provide access protection by calling back the number of a previously authorized location, but this control can be compromised by call forwarding.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 35.

- (Topic 4)
Which of the following steps should be one of the first step performed in a Business Impact Analysis (BIA)?

1. A. Identify all CRITICAL business units within the organization.
2. B. Evaluate the impact of disruptive events.
3. C. Estimate the Recovery Time Objectives (RTO).
4. D. Identify and Prioritize Critical Organization Functions

Correct Answer: D
Project Initiation and Management
This is the first step in building the Business Continuity program is project initiation and management. During this phase, the following activities will occur:
Obtain senior management support to go forward with the project
Define a project scope, the objectives to be achieved, and the planning assumptions Estimate the project resources needed to be successful, both human resources and financial resources
Define a timeline and major deliverables of the project In this phase, the program will be managed like a project, and a project manager should be assigned to the BC and DR domain.
The next step in the planning process is to have the planning team perform a BIA. The BIA will help the company decide what needs to be recovered, and how quickly. Mission functions are typically designated with terms such as critical, essential, supporting and nonessential to help determine the appropriate prioritization.
One of the first steps of a BIA is to Identify and Prioritize Critical Organization Functions. All organizational functions and the technology that supports them need to be classified based on their recovery priority. Recovery time frames for organization operations are driven by the consequences of not performing the function. The consequences may be the result of organization lost during the down period; contractual commitments not met resulting in fines or lawsuits, lost goodwill with customers.
All other answers are incorrect. Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third
Edition ((ISC)2 Press) (Kindle Locations 21073-21075). Auerbach Publications. Kindle Edition.
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 20697-20710). Auerbach Publications. Kindle Edition.

- (Topic 1)
Which of the following are not Remote Access concerns?

1. A. Justification for remote access
2. B. Auditing of activities
3. C. Regular review of access privileges
4. D. Access badges

Correct Answer: D
Access badges are more relevant to physical security rather than remote access.
"Justification for remote access" is incorrect. Justification for remote access is a relevant concern.
"Auditing of activities" is incorrect. Auditing of activites is an imporant aspect to assure that malicious or unauthorized activities are not occuring.
"Regular review of access privileges" is incorrect. Regular review of remote accept privileges is an important management responsibility.
References:
AIO3, pp. 547 - 548