SSCP Free Practice Test

- (Topic 6)
The IP header contains a protocol field. If this field contains the value of 1, what type of data is contained within the IP datagram?

1. A. TCP.
2. B. ICMP.
3. C. UDP.
4. D. IGMP.

Correct Answer: B
If the protocol field has a value of 1 then it would indicate it was ICMP. The following answers are incorrect:
TCP. Is incorrect because the value for a TCP protocol would be 6. UDP. Is incorrect because the value for an UDP protocol would be 17.
IGMP. Is incorrect because the value for an IGMP protocol would be 2.

- (Topic 4)
Which of the following steps should be one of the first step performed in a Business Impact Analysis (BIA)?

1. A. Identify all CRITICAL business units within the organization.
2. B. Evaluate the impact of disruptive events.
3. C. Estimate the Recovery Time Objectives (RTO).
4. D. Identify and Prioritize Critical Organization Functions

Correct Answer: D
Project Initiation and Management
This is the first step in building the Business Continuity program is project initiation and management. During this phase, the following activities will occur:
Obtain senior management support to go forward with the project
Define a project scope, the objectives to be achieved, and the planning assumptions Estimate the project resources needed to be successful, both human resources and financial resources
Define a timeline and major deliverables of the project In this phase, the program will be managed like a project, and a project manager should be assigned to the BC and DR domain.
The next step in the planning process is to have the planning team perform a BIA. The BIA will help the company decide what needs to be recovered, and how quickly. Mission functions are typically designated with terms such as critical, essential, supporting and nonessential to help determine the appropriate prioritization.
One of the first steps of a BIA is to Identify and Prioritize Critical Organization Functions. All organizational functions and the technology that supports them need to be classified based on their recovery priority. Recovery time frames for organization operations are driven by the consequences of not performing the function. The consequences may be the result of organization lost during the down period; contractual commitments not met resulting in fines or lawsuits, lost goodwill with customers.
All other answers are incorrect. Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third
Edition ((ISC)2 Press) (Kindle Locations 21073-21075). Auerbach Publications. Kindle Edition.
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 20697-20710). Auerbach Publications. Kindle Edition.

- (Topic 4)
Which of the following could be BEST defined as the likelihood of a threat agent taking advantage of a vulnerability?

1. A. A risk
2. B. A residual risk
3. C. An exposure
4. D. A countermeasure

Correct Answer: A
Risk is the likelihood of a threat agent taking advantage of a vulnerability and the corresponding business impact. If a firewall has several ports open , there is a higher likelihood that an intruder will use one to access the network in an unauthorized method.
The following answers are incorrect :
Residual Risk is very different from the notion of total risk. Residual Risk would be the risks that still exists after countermeasures have been implemented. Total risk is the amount of risk a company faces if it chooses not to implement any type of safeguard.
Exposure: An exposure is an instance of being exposed to losses from a threat agent. Countermeasure: A countermeasure or a safeguard is put in place to mitigate the potential
risk. Examples of countermeasures include strong password management , a security
guard.
REFERENCES : SHON HARRIS ALL IN ONE 3rd EDITION
Chapter - 3: Security Management Practices , Pages : 57-59

- (Topic 5)
Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:

1. A. Not possible
2. B. Only possible with key recovery scheme of all user keys
3. C. It is possible only if X509 Version 3 certificates are used
4. D. It is possible only by "brute force" decryption

Correct Answer: A
Content security measures presumes that the content is available in cleartext on the central mail server.
Encrypted emails have to be decrypted before it can be filtered (e.g. to detect viruses), so you need the decryption key on the central "crypto mail server".
There are several ways for such key management, e.g. by message or key recovery methods. However, that would certainly require further processing in order to achieve such
goal.

- (Topic 1)
What is the main objective of proper separation of duties?

1. A. To prevent employees from disclosing sensitive information.
2. B. To ensure access controls are in place.
3. C. To ensure that no single individual can compromise a system.
4. D. To ensure that audit trails are not tampered with.

Correct Answer: C
The primary objective of proper separation of duties is to ensure that one person acting alone cannot compromise the company's security in any way. A proper separation of duties does not prevent employees from disclosing information, nor does it ensure that access controls are in place or that audit trails are not tampered with. Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw- Hill/Osborne, 2002, Chapter 12: Operations Security (Page 808).