SSCP Exam Questions
1,274 real SSCP exam questions with expert-verified answers and explanations. Page 10 of 26.
- Question #457 (Incident Response and Recovery)
  What is the PRIMARY goal of incident handling?
  Incident Response, Incident Handling, Containment, Recovery
- Question #458 (Security Concepts and Practices)
  Which of the following outlined how senior management are responsible for the computer and information security decisions that they make and what actually took place within their o...
  Legal compliance, Regulatory frameworks, Management responsibility, Due diligence
- Question #459 (Incident Response and Recovery)
  What is the PRIMARY reason to maintain the chain of custody on evidence that has been collected?
  Chain of Custody, Evidence Handling, Digital Forensics, Legal Admissibility
- Question #460 (Security Concepts and Practices)
  Which of the following would BEST be defined as an absence or weakness of safeguard that could be exploited?
  Vulnerability, Information Security Concepts, Risk Management Basics
- Question #461 (Risk Identification, Monitoring and Analysis)
  Which of the following could be BEST defined as the likelihood of a threat agent taking advantage of a vulnerability?
  Risk, Threat, Vulnerability, Likelihood
- Question #462 (Security Concepts and Practices)
  Which approach to a security program ensures people responsible for protecting the company's assets are DRIVING the program?
  Security Program Management, Organizational Security, Top-down approach
- Question #463 (Risk Identification, Monitoring and Analysis)
  Which of the following is NOT a part of a risk analysis?
  Risk Analysis, Risk Management Process, Risk Treatment, Countermeasures
- Question #464 (Risk Identification, Monitoring and Analysis)
  How should a risk be HANDLED when the cost of the countermeasure OUTWEIGHS the cost of the risk?
  Risk Management, Risk Response, Risk Acceptance, Cost-Benefit Analysis
- Question #465 (Risk Identification, Monitoring and Analysis)
  What would BEST define risk management?
  Risk Management, Risk Treatment, Acceptable Risk
- Question #466 (Risk Identification, Monitoring and Analysis)
  What is the highest amount a company should spend annually on countermeasures for protecting an asset valued at $1,000,000 from a threat that has an annualized rate of occurrence (...
  Risk Analysis, Quantitative Risk, ALE Calculation, Cost-Benefit
- Question #467 (Risk Identification, Monitoring and Analysis)
  Which of the following statements pertaining to quantitative risk analysis is false?
  Quantitative risk analysis, Risk management, Risk assessment, Risk analysis methods
- Question #468 (Incident Response and Recovery)
  Notifying the appropriate parties to take action in order to determine the extent of the severity of an incident and to remediate the incident's effects is part of:
  Incident Response, Incident Management, Incident Remediation, Incident Triage
- Question #469 (Security Concepts and Practices)
  An Intrusion Detection System (IDS) is what type of control?
  Security Controls, Intrusion Detection System (IDS), Detective Controls, Security Operations
- Question #470 (Incident Response and Recovery)
  To protect and/or restore lost, corrupted, or deleted information, thereby preserving the data integrity and availability is the purpose of:
  Data protection, Data recovery, Backups, Availability
- Question #471 (Incident Response and Recovery)
  Which of the following is NOT a task normally performed by a Computer Incident Response Team (CIRT)?
  Incident Response, CIRT, Security Roles and Responsibilities, Security Policy
- Question #472 (Incident Response and Recovery)
  Which of the following is NOT a common backup method?
  Backup methods, Data backup, Recovery strategies, Business continuity
- Question #473 (Security Operations and Administration)
  Which backup method only copies files that have been recently added or changed and also leaves the archive bit unchanged?
  Backup methods, Differential backup, Archive bit, Data availability
- Question #474 (Incident Response and Recovery)
  Which backup method does not reset the archive bit on files that are backed up?
  Backup methods, Differential backup, Archive bit, Data recovery
- Question #475 (Security Operations and Administration)
  Which common backup method is the fastest on a daily basis?
  Backup methods, Incremental backup, Data protection, Data recovery
- Question #476 (Security Operations and Administration)
  Which of the following backup methods is most appropriate for off-site archiving?
  Backup methods, Data archiving, Full backup, Data protection
- Question #477 (Incident Response and Recovery)
  Which of the following tasks is NOT usually part of a Business Impact Analysis (BIA)?
  Business Impact Analysis, BIA, Business Continuity Planning, Disaster Recovery
- Question #478 (Security Concepts and Practices)
  Which of the following is an example of an active attack?
  Active attacks, Passive attacks, Network scanning, Attack types
- Question #479 (Security Operations and Administration)
  What can be defined as a momentary low voltage?
  Power quality, Voltage sag, Environmental controls, Physical security
- Question #480 (Security Concepts and Practices)
  The absence of a safeguard, or a weakness in a system that may possibly be exploited is called a(n)?
  Security Concepts, Vulnerability, Risk Management Fundamentals, Weakness
- Question #481 (Security Operations and Administration)
  Which of the following statements pertaining to disk mirroring is incorrect?
  Disk Mirroring, RAID, Storage Redundancy, Fault Tolerance
- Question #482 (Risk Identification, Monitoring and Analysis)
  Which of the following is NOT a common category/classification of threat to an IT system?
  Threat classification, Threat categories, IT threats
- Question #483 (Risk Identification, Monitoring and Analysis)
  Which of the following enables the person responsible for contingency planning to focus risk management efforts and resources in a prioritized manner only on the identified risks?
  Risk Management, Risk Assessment, Contingency Planning, Prioritization
- Question #484 (Incident Response and Recovery)
  A contingency plan should address:
  Contingency Planning, Risk Management, Business Continuity, Risk Types
- Question #485 (Incident Response and Recovery)
  Which of the following focuses on sustaining an organization's business functions during and after a disruption?
  Business continuity, Disaster recovery, Organizational resilience, Contingency planning
- Question #486 (Incident Response and Recovery)
  Which of the following specifically addresses cyber attacks against an organization's IT systems?
  Incident Response, Cybersecurity Planning, Security Incidents
- Question #487 (Incident Response and Recovery)
  In which of the following phases of system development life cycle (SDLC) is contingency planning most important?
  SDLC, Contingency Planning, Business Continuity, Disaster Recovery
- Question #488 (Incident Response and Recovery)
  Which of the following teams should NOT be included in an organization's contingency plan?
  Contingency Planning, Incident Response Teams, Security Team Roles, Disaster Recovery
- Question #489 (Incident Response and Recovery)
  Which of the following statements pertaining to the maintenance of an IT contingency plan is incorrect?
  Contingency Planning, Disaster Recovery Plan (DRP), Plan Maintenance, Security Operations
- Question #490 (Incident Response and Recovery)
  Which of the following is less likely to accompany a contingency plan, either within the plan itself or in the form of an appendix?
  Contingency Planning, Disaster Recovery, Business Continuity, Plan Content
- Question #491 (Systems and Application Security)
  Which of the following server contingency solutions offers the highest availability?
  High availability, Server redundancy, Load balancing, Data replication
- Question #492 (Risk Identification, Monitoring and Analysis)
  What assesses potential loss that could be caused by a disaster?
  Business Impact Analysis, Disaster Recovery Planning, Business Continuity Planning, Impact Assessment
- Question #493 (Risk Identification, Monitoring and Analysis)
  Which of the following items would best help an organization to gain a common understanding of functions that are critical to its survival?
  Business Impact Analysis (BIA), Critical Business Functions, Business Continuity, Risk Analysis
- Question #494 (Incident Response and Recovery)
  What can be defined as the maximum acceptable length of time that elapses before the unavailability of the system severely affects the organization?
  Recovery Time Objective (RTO), Business Continuity Planning (BCP), Disaster Recovery Planning (DRP), System Availability
- Question #495 (Risk Identification, Monitoring and Analysis)
  Which of the following steps should be one of the first steps performed in a Business Impact Analysis (BIA)?
  Business Impact Analysis (BIA), Business Continuity Planning (BCP), Critical Functions, Risk Management
- Question #496 (Incident Response and Recovery)
  A business continuity plan should list and prioritize the services that need to be brought back after a disaster strikes. Which of the following services is more likely to be of pr...
  Disaster Recovery Plan (DRP), Business Continuity Plan (BCP), Critical services, IT infrastructure recovery
- Question #497 (Incident Response and Recovery)
  During the salvage of the Local Area Network and Servers, which of the following steps would normally be performed first?
  Salvage operations, Damage assessment, Disaster recovery, Incident recovery planning
- Question #498 (Incident Response and Recovery)
  Which of the following rules pertaining to a Business Continuity Plan/Disaster Recovery Plan is incorrect?
  Business Continuity Planning, Disaster Recovery Planning, BCP/DRP structure, Organizational resilience
- Question #499 (Incident Response and Recovery)
  A Business Continuity Plan should be tested:
  Business Continuity, BCP Testing, Continuity Planning
- Question #500 (Incident Response and Recovery)
  Which of the following statements pertaining to a Criticality Survey is incorrect?
  Criticality Survey, Business Impact Analysis, Business Continuity Planning, Disaster Recovery Planning
- Question #501 (Incident Response and Recovery)
  Which disaster recovery plan test involves functional representatives meeting to review the plan in detail?
  Disaster Recovery Planning (DRP), DRP Testing, Structured Walk-through Test, Business Continuity
- Question #502 (Risk Identification, Monitoring and Analysis)
  The criteria for evaluating the legal requirements for implementing safeguards is to evaluate the cost (C) of instituting the protection versus the estimated loss (L) resulting fro...
  Legal liability, Due care, Risk management, Cost-benefit analysis
- Question #503 (Incident Response and Recovery)
  What is called an exception to the search warrant requirement that allows an officer to conduct a search without having the warrant in-hand if probable cause is present and destruc...
  Exigent Circumstances, Search Warrants, Legal Exceptions, Evidence Preservation
- Question #504 (Incident Response and Recovery)
  A copy of evidence or oral description of its contents; which is not as reliable as best evidence is what type of evidence?
  Evidence types, Secondary evidence, Best evidence rule, Digital forensics
- Question #505 (Incident Response and Recovery)
  Which of the following proves or disproves a specific act through oral testimony based on information gathered through the witness's five senses?
  Direct evidence, Evidence types, Forensic investigations, Legal concepts
- Question #506 (Incident Response and Recovery)
  This type of supporting evidence is used to help prove an idea or a point, however it cannot stand on its own, it is used as a supplementary tool to help prove a primary piece of e...
  Evidence types, Corroboration, Digital forensics, Incident investigation