Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. ISC
  3. SSCP

ISC SSCP Exam (page: 7)
ISC SSCP System Security Certified Practitioner (SSCP)
Updated on: 25-Dec-2025

Viewing Page 7 of 216
SSCP PDF 1074 Questions

Which of the following is the most reliable authentication method for remote access?

  1. Variable callback system
  2. Synchronous token
  3. Fixed callback system
  4. Combination of callback and caller ID

Answer(s): B

Explanation:

A Synchronous token generates a one-time password that is only valid for a short period of time. Once the password is used it is no longer valid, and it expires if not entered in the acceptable time frame.
The following answers are incorrect:
Variable callback system. Although variable callback systems are more flexible than fixed callback systems, the system assumes the identity of the individual unless two-factor authentication is also implemented. By itself, this method might allow an attacker access as a trusted user.
Fixed callback system. Authentication provides assurance that someone or something is who or what he/it is supposed to be. Callback systems authenticate a person, but anyone can pretend to be that person. They are tied to a specific place and phone number, which can be spoofed by implementing call-forwarding.
Combination of callback and Caller ID. The caller ID and callback functionality provides greater confidence and auditability of the caller's identity. By disconnecting and calling back only authorized phone numbers, the system has a greater confidence in the location of the call. However, unless combined with strong authentication, any individual at the location could obtain access.
The following reference(s) were/was used to create this question:
Shon Harris AIO v3 p. 140, 548
ISC2 OIG 2007 p. 152-153, 126-127



Which of the following is the most reliable, secure means of removing data from magnetic storage media such as a magnetic tape, or a cassette?

  1. Degaussing
  2. Parity Bit Manipulation
  3. Zeroization
  4. Buffer overflow

Answer(s): A

Explanation:

A "Degausser (Otherwise known as a Bulk Eraser) has the main function of reducing to near zero the magnetic flux stored in the magnetized medium. Flux density is measured in Gauss or Tesla. The operation is speedier than overwriting and done in one short operation. This is achieved by subjecting the subject in bulk to a series of fields of alternating polarity and gradually decreasing strength.
The following answers are incorrect:Parity Bit Manipulation. Parity has to do with disk lerror detection, not data removal. A bit or series of bits appended to a character or block of characters to ensure that the information received is the same as the infromation that was sent.
Zeroization. Zeroization involves overwrting data to sanitize it. It is time-consuming and not foolproof. The potential of restoration of data does exist with this method. Buffer overflow. This is a detractor. Although many Operating Systems use a disk buffer to temporarily hold data read from disk, its primary purpose has no connection to data removal. An overflow goes outside the constraints defined for the buffer and is a method used by an attacker to attempt access to a system.
The following reference(s) were/was used to create this question:
Shon Harris AIO v3. pg 908


Reference:

What is degaussing.



The Orange Book is founded upon which security policy model?

  1. The Biba Model
  2. The Bell LaPadula Model
  3. Clark-Wilson Model
  4. TEMPEST

Answer(s): B

Explanation:

From the glossary of Computer Security Basics:
The Bell-LaPadula model is the security policy model on which the Orange Book requirements are based. From the Orange Book definition, "A formal state transition model of computer security policy that describes a set of access control rules. In this formal model, the entities in a computer system are divided into abstract sets of subjects and objects. The notion of secure state is defined and it is proven that each state transition preserves security by moving from secure state to secure state; thus, inductively proving the system is secure. A system state is defined to be 'secure' if the only permitted access modes of subjects to objects are in accordance with a specific security policy. In order to determine whether or not a specific access mode is allowed, the clearance of a subject is compared to the classification of the object and a determination is made as to whether the subject is authorized for the specific access mode." The Biba Model is an integrity model of computer security policy that describes a set of rules. In this model, a subject may not depend on any object or other subject that is less trusted than itself. The Clark Wilson Model is an integrity model for computer security policy designed for a commercial environment. It addresses such concepts as nondiscretionary access control, privilege separation, and least privilege. TEMPEST is a government program that prevents the compromising electrical and electromagnetic signals that emanate from computers and related equipment from being intercepted and deciphered.


Reference:

RUSSEL, Deborah & GANGEMI, G.T. Sr., Computer Security Basics, O'Reilly, 1991. Also: U.S. Department of Defense, Trusted Computer System Evaluation Criteria (Orange Book), DOD 5200.28-STD. December 1985 (also available here).



Which of the following is true of two-factor authentication?

  1. It uses the RSA public-key signature based on integers with large prime factors.
  2. It requires two measurements of hand geometry.
  3. It does not use single sign-on technology.
  4. It relies on two independent proofs of identity.

Answer(s): D

Explanation:

It relies on two independent proofs of identity. Two-factor authentication refers to using two independent proofs of identity, such as something the user has (e.g. a token card) and something the user knows (a password). Two-factor authentication may be used with single sign-on.
The following answers are incorrect: It requires two measurements of hand geometry. Measuring
hand geometry twice does not yield two independent proofs.
It uses the RSA public-key signature based on integers with large prime factors. RSA encryption uses integers with exactly two prime factors, but the term "two-factor authentication" is not used in that context.
It does not use single sign-on technology. This is a detractor.
The following reference(s) were/was used to create this question:
Shon Harris AIO v.3 p.129
ISC2 OIG, 2007 p. 126



The primary service provided by Kerberos is which of the following?

  1. non-repudiation
  2. confidentiality
  3. authentication
  4. authorization

Answer(s): C

Explanation:

authentication. Kerberos is an authentication service. It can use single- factor or multi-factor authentication methods.
The following answers are incorrect:
non-repudiation. Since Kerberos deals primarily with symmetric cryptography, it does not help with non-repudiation.
confidentiality. Once the client is authenticated by Kerberos and obtains its session key and ticket, it may use them to assure confidentiality of its communication with a server; however, that is not a Kerberos service as such.
authorization. Although Kerberos tickets may include some authorization information, the meaning of the authorization fields is not standardized in the Kerberos specifications, and authorization is not a primary Kerberos service.
The following reference(s) were/was used to create this question:
ISC2 OIG,2007 p. 179-184
Shon Harris AIO v.3 152-155



Viewing Page 7 of 216



Share your comments for ISC SSCP exam with other users:

CW 7/11/2023 3:19:00 PM

thank you for providing such assistance.
UNITED STATES


Mn8300 11/9/2023 8:53:00 AM

nice questions
Anonymous


Nico 4/23/2023 11:41:00 PM

my 3rd purcahse from this site. these exam dumps are helpful. very helpful.
ITALY


Chere 9/15/2023 4:21:00 AM

found it good
Anonymous


Thembelani 5/30/2023 2:47:00 AM

excellent material
Anonymous


vinesh phale 9/11/2023 2:51:00 AM

very helpfull
UNITED STATES


Bhagiii 11/4/2023 7:04:00 AM

well explained.
Anonymous


Rahul 8/8/2023 9:40:00 PM

i need the pdf, please.
CANADA


CW 7/11/2023 2:51:00 PM

a good source for exam preparation
UNITED STATES


Anchal 10/23/2023 4:01:00 PM

nice questions
INDIA


J Nunes 9/29/2023 8:19:00 AM

i need ielts general training audio guide questions
BRAZIL


Ananya 9/14/2023 5:16:00 AM

please make this content available
UNITED STATES


Swathi 6/4/2023 2:18:00 PM

content is good
Anonymous


Leo 7/29/2023 8:45:00 AM

latest dumps please
INDIA


Laolu 2/15/2023 11:04:00 PM

aside from pdf the test engine software is helpful. the interface is user-friendly and intuitive, making it easy to navigate and find the questions.
UNITED STATES


Zaynik 9/17/2023 5:36:00 AM

questions and options are correct, but the answers are wrong sometimes. so please check twice or refer some other platform for the right answer
Anonymous


Massam 6/11/2022 5:55:00 PM

90% of questions was there but i failed the exam, i marked the answers as per the guide but looks like they are not accurate , if not i would have passed the exam given that i saw about 45 of 50 questions from dump
Anonymous


Anonymous 12/27/2023 12:47:00 AM

answer to this question "what administrative safeguards should be implemented to protect the collected data while in use by manasa and her product management team? " it should be (c) for the following reasons: this administrative safeguard involves controlling access to collected data by ensuring that only individuals who need the data for their job responsibilities have access to it. this helps minimize the risk of unauthorized access and potential misuse of sensitive information. while other options such as (a) documenting data flows and (b) conducting a privacy impact assessment (pia) are important steps in data protection, implementing a "need to know" access policy directly addresses the issue of protecting data while in use by limiting access to those who require it for legitimate purposes. (d) is not directly related to safeguarding data during use; it focuses on data transfers and location.
INDIA


Japles 5/23/2023 9:46:00 PM

password lockout being the correct answer for question 37 does not make sense. it should be geofencing.
Anonymous


Faritha 8/10/2023 6:00:00 PM

for question 4, the righr answer is :recover automatically from failures
UNITED STATES


Anonymous 9/14/2023 4:27:00 AM

question number 4s answer is 3, option c. i
UNITED STATES


p das 12/7/2023 11:41:00 PM

very good questions
UNITED STATES


Anna 1/5/2024 1:12:00 AM

i am confused about the answers to the questions. are the answers correct?
KOREA REPUBLIC OF


Bhavya 9/13/2023 10:15:00 AM

very usefull
Anonymous


Rahul Kumar 8/31/2023 12:30:00 PM

need certification.
CANADA


Diran Ole 9/17/2023 5:15:00 PM

great exam prep
CANADA


Venkata Subbarao Bandaru 6/24/2023 8:45:00 AM

i require dump
Anonymous


D 7/15/2023 1:38:00 AM

good morning, could you please upload this exam again,
Anonymous


Ann 9/15/2023 5:39:00 PM

hi can you please upload the dumps for sap contingent module. thanks
AUSTRALIA


Sridhar 1/16/2024 9:19:00 PM

good questions
Anonymous


Summer 10/4/2023 9:57:00 PM

looking forward to the real exam
Anonymous


vv 12/2/2023 2:45:00 PM

good ones for exam preparation
UNITED STATES


Danny Zas 9/15/2023 4:45:00 AM

this is a good experience
UNITED STATES


SM 1211 10/12/2023 10:06:00 PM

hi everyone
UNITED STATES