ISC SSCP System Security Certified Practitioner (SSCP) SSCP Dumps in PDF

Free ISC SSCP Real Questions (page: 14)

Technical controls such as encryption and access control can be built into the operating system, be software applications, or can be supplemental hardware/software units. Such controls, also known as logical controls, represent which pairing?

  1. Preventive/Administrative Pairing
  2. Preventive/Technical Pairing
  3. Preventive/Physical Pairing
  4. Detective/Technical Pairing

Answer(s): B

Explanation:

Preventive/Technical controls are also known as logical controls and can be built into the operating system, be software applications, or can be supplemental hardware/software units.


Reference:

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 34.



What is called the use of technologies such as fingerprint, retina, and iris scans to authenticate the individuals requesting access to resources?

  1. Micrometrics
  2. Macrometrics
  3. Biometrics
  4. MicroBiometrics

Answer(s): C


Reference:

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 35.



What are called user interfaces that limit the functions that can be selected by a user?

  1. Constrained user interfaces
  2. Limited user interfaces
  3. Mini user interfaces
  4. Unlimited user interfaces

Answer(s): A

Explanation:

Constrained user interfaces limit the functions that can be selected by a user.
Another method for controlling access is by restricting users to specific functions based on their role in the system. This is typically implemented by limiting available menus, data views, encryption, or by physically constraining the user interfaces.
This is common on devices such as an automated teller machine (ATM). The advantage of a constrained user interface is that it limits potential avenues of attack and system failure by restricting the processing options that are available to the user.
On an ATM machine, if a user does not have a checking account with the bank he or she will not be shown the "Withdraw money from checking" option. Likewise, an information system might have an "Add/Remove Users" menu option for administrators, but if a normal, non-administrative user logs in he or she will not even see that menu option. By not even identifying potential options for non-qualifying users, the system limits the potentially harmful execution of unauthorized system or application commands.
Many database management systems have the concept of "views." A database view is an extract of the data stored in the database that is filtered based on predefined user or system criteria. This permits multiple users to access the same database while only having the ability to access data they need (or are allowed to have) and not data for another user. The use of database views is another example of a constrained user interface.
The following were incorrect answers:
All of the other choices presented were bogus answers.
The following reference(s) were used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 1989-2002). Auerbach Publications. Kindle Edition.



What would be the name of a Logical or Virtual Table dynamically generated to restrict the information a user can access in a database?

  1. Database Management system
  2. Database views
  3. Database security
  4. Database shadowing

Answer(s): B

Explanation:

Database views; Database views are mechanisms that restrict access to the information that a user can access in a database.


Reference:

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 35.
Wikipedia has a detailed explantion as well:
In database theory, a view is a virtual or logical table composed of the result set of a query. Unlike ordinary tables (base tables) in a relational database, a view is not part of the physical schema: it is a dynamic, virtual table computed or collated from data in the database. Changing the data in a table alters the data shown in the view.
Views can provide advantages over tables;
They can subset the data contained in a table
They can join and simplify multiple tables into a single virtual table Views can act as aggregated tables, where aggregated data (sum, average etc.) are calculated and presented as part of the data
Views can hide the complexity of data, for example a view could appear as Sales2000 or Sales2001, transparently partitioning the actual underlying table Views do not incur any extra storage overhead
Depending on the SQL engine used, views can provide extra security.
Limit the exposure to which a table or tables are exposed to outer world
Just like functions (in programming) provide abstraction, views can be used to create abstraction. Also, just like functions, views can be nested, thus one view can aggregate data from other views. Without the use of views it would be much harder to normalise databases above second normal form. Views can make it easier to create lossless join decomposition.



The control measures that are intended to reveal the violations of security policy using software and hardware are associated with:

  1. Preventive/physical
  2. Detective/technical
  3. Detective/physical
  4. Detective/administrative

Answer(s): B

Explanation:

The detective/technical control measures are intended to reveal the violations of security policy using technical means.


Reference:

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 35.



Share your comments for ISC SSCP exam with other users:

R
Robe
9/27/2023 8:15:00 PM

i need this exam 1z0-1107-2. please.

C
Chiranthaka
9/20/2023 11:22:00 AM

very useful!

N
Not Miguel
11/26/2023 9:43:00 PM

for this question - "which three type of basic patient or member information is displayed on the patient info component? (choose three.)", list of conditions is not displayed (it is displayed in patient card, not patient info). so should be thumbnail of chatter photo

A
Andrus
12/17/2023 12:09:00 PM

q52 should be d. vm storage controller bandwidth represents the amount of data (in terms of bandwidth) that a vms storage controller is using to read and write data to the storage fabric.

R
Raj
5/25/2023 8:43:00 AM

nice questions

M
max
12/22/2023 3:45:00 PM

very useful

M
Muhammad Rawish Siddiqui
12/8/2023 6:12:00 PM

question # 208: failure logs is not an example of operational metadata.

S
Sachin Bedi
1/5/2024 4:47:00 AM

good questions

K
Kenneth
12/8/2023 7:34:00 AM

thank you for the test materials!

H
Harjinder Singh
8/9/2023 4:16:00 AM

its very helpful

S
SD
7/13/2023 12:56:00 AM

good questions

K
kanjoe
7/2/2023 11:40:00 AM

good questons

M
Mahmoud
7/6/2023 4:24:00 AM

i need the dumb of the hcip security v4.0 exam

W
Wei
8/3/2023 4:18:00 AM

upload the dump please

S
Stephen
10/3/2023 6:24:00 PM

yes, iam looking this

S
Stephen
8/4/2023 9:08:00 PM

please upload cima e2 managing performance dumps

H
hp
6/16/2023 12:44:00 AM

wonderful questions

P
Priyo
11/14/2023 2:23:00 AM

i used this site since 2000, still great to support my career

J
Jude
8/29/2023 1:56:00 PM

why is the answer to "which of the following is required by scrum?" all of the following stated below since most of them are not mandatory? sprint retrospective. members must be stand up at the daily scrum. sprint burndown chart. release planning.

M
Marc blue
9/15/2023 4:11:00 AM

great job. hope this helps out.

A
Anne
9/13/2023 2:33:00 AM

upload please. many thanks!

P
pepe el toro
9/12/2023 7:55:00 PM

this is so interesting

A
Antony
11/28/2023 12:13:00 AM

great material thanks

T
Thembelani
5/30/2023 2:22:00 AM

anyone who wrote this exam recently

P
P
9/16/2023 1:27:00 AM

ok they re good

J
Jorn
7/13/2023 5:05:00 AM

relevant questions

A
AM
6/20/2023 7:54:00 PM

please post

N
Nagendra Pedipina
7/13/2023 2:22:00 AM

q:42 there has to be a image in the question to choose what does it mean from the options

B
BrainDumpee
11/18/2023 1:36:00 PM

looking for cphq dumps, where can i find these for free? please and thank you.

S
sheik
10/14/2023 11:37:00 AM

@aarun , thanks for the information. it would be great help if you share your email

R
Random user
12/11/2023 1:34:00 AM

1z0-1078-23 need this dumps

L
labuschanka
11/16/2023 6:06:00 PM

i gave the microsoft azure az-500 tests and prepared from this site as it has latest mock tests available which helped me evaluate my performance and score 919/1000

M
Marianne
10/22/2023 11:57:00 PM

i cannot see the button to go to the questions

S
sushant
6/28/2023 4:52:00 AM

good questions

AI Tutor 👋 I’m here to help!