SSCP Exam Questions
1,274 real SSCP exam questions with expert-verified answers and explanations. Page 19 of 26.
- Question #922 (Incident Response and Recovery)
  When referring to a computer crime investigation, which of the following would be the MOST important step required in order to preserve and maintain a proper chain of custody of ev...
  Tags: Chain of Custody, Digital Forensics, Evidence Handling, Incident Response
- Question #923 (Incident Response and Recovery)
  When should a post-mortem review meeting be held after an intrusion has been properly taken care of?
  Tags: Incident response, Post-mortem review, Lessons learned, Incident closure
- Question #924 (Security Concepts and Practices)
  What can be defined as an event that could cause harm to the information systems?
  Tags: threats, information security concepts, risk management fundamentals
- Question #925 (Access Controls)
  Most access violations are:
  Tags: Access Violations, Human Error, Security Incidents Causes
- Question #926 (Incident Response and Recovery)
  A business continuity plan is an example of which of the following?
  Tags: Business Continuity Plan (BCP), Security Controls, Corrective Controls
- Question #927 (Incident Response and Recovery)
  When preparing a business continuity plan, who of the following is responsible for identifying and prioritizing time-critical systems?
  Tags: Business Continuity Planning, Criticality Assessment, Roles and Responsibilities, Business Impact Analysis
- Question #928 (Incident Response and Recovery)
  Which of the following statements pertaining to disaster recovery planning is incorrect?
  Tags: Disaster Recovery Planning, Business Continuity, Recovery strategies
- Question #929 (Incident Response and Recovery)
  Which of the following statements do not apply to a hot site?
  Tags: Disaster Recovery, Business Continuity, Hot Site, Recovery Strategies
- Question #930 (Incident Response and Recovery)
  What can be defined as a batch process dumping backup data through communications lines to a server at an alternate location?
  Tags: Electronic Vaulting, Backup Methods, Disaster Recovery, Data Protection
- Question #931 (Incident Response and Recovery)
  Which of the following is the most complete disaster recovery plan test type, to be performed after successfully completing the Parallel test?
  Tags: Disaster Recovery Planning, DRP Testing, Full Interruption Test, Business Continuity
- Question #932 (Incident Response and Recovery)
  Which of the following statements pertaining to disaster recovery is incorrect?
  Tags: Disaster Recovery, Business Continuity, Recovery Planning, Failback
- Question #933 (Incident Response and Recovery)
  If an employee's computer has been used by a fraudulent employee to commit a crime, the hard disk may be seized as evidence and once the investigation is complete it would follow t...
  Tags: Digital Forensics, Evidence Handling, Chain of Custody, Incident Response
- Question #934 (Incident Response and Recovery)
  Which of the following is a problem regarding computer investigation issues?
  Tags: Digital Evidence, Computer Forensics, Legal Admissibility, Incident Investigation
- Question #935 (Access Controls)
  Which of the following are not Remote Access concerns?
  Tags: Remote Access, Access Control, Security Auditing, Access Reviews
- Question #936 (Access Controls)
  Smart cards are an example of which type of control?
  Tags: Smart cards, Technical controls, Security controls, Authentication factors
- Question #937 (Access Controls)
  What security model is dependent on security labels?
  Tags: Security models, Access control, Mandatory Access Control, Security labels
- Question #938 (Access Controls)
  What security model implies a central authority that defines rules and sometimes global rules, dictating what subjects can have access to what objects?
  Tags: Access control models, Non-discretionary access control, Centralized access management, Security policies
- Question #939 (Access Controls)
  Which type of password token involves time synchronization?
  Tags: Authentication tokens, Multi-factor authentication (MFA), Synchronous tokens, Time synchronization
- Question #940 (Access Controls)
  Which of the following statements pertaining to biometrics is false?
  Tags: Biometrics, Authentication factors, Error rates, Type I/II errors
- Question #941 (Network and Communications Security)
  Which of the following statements pertaining to Kerberos is TRUE?
  Tags: Kerberos, Authentication Protocols, Availability, Symmetric Cryptography
- Question #942 (Access Controls)
  Which of the following centralized access control mechanisms is the least appropriate for mobile workers accessing the corporate network over analog lines?
  Tags: Access Control, Remote Authentication, Mobile Security, Dial-up Networking
- Question #943 (Security Concepts and Practices)
  Which of the following is NOT a compensating measure for access violations?
  Tags: Security controls, Compensating controls, Preventive controls, Access violations
- Question #944 (Risk Identification, Monitoring and Analysis)
  A host-based IDS is resident on which of the following?
  Tags: Host-based IDS, HIDS, Intrusion Detection
- Question #945 (Network and Communications Security)
  Which of the following usually provides reliable, real-time information without consuming network or host resources?
  Tags: IDS, Network-based IDS, Security Monitoring, Network Security
- Question #946 (Network and Communications Security)
  The fact that a network-based IDS reviews packet payloads and headers enables which of the following?
  Tags: Network IDS (NIDS), Denial of Service (DoS), Packet analysis, Intrusion Detection
- Question #947 (Risk Identification, Monitoring and Analysis)
  Which of the following reviews system and event logs to detect attacks on the host and determine if the attack was successful?
  Tags: HIDS, Intrusion Detection, Log Analysis, Security Monitoring
- Question #948 (Systems and Application Security)
  What would be considered the biggest drawback of Host-based Intrusion Detection systems (HIDS)?
  Tags: HIDS, Intrusion Detection Systems, Host Security, Security Monitoring
- Question #949 (Network and Communications Security)
  Attributes that characterize an attack are stored for reference using which of the following Intrusion Detection System (IDS)?
  Tags: Intrusion Detection Systems, Signature-based detection, Network security tools
- Question #950 (Risk Identification, Monitoring and Analysis)
  Which of the following is an issue with signature-based intrusion detection systems?
  Tags: Intrusion Detection Systems (IDS), Signature-based detection, Security monitoring, IDS limitations
- Question #951 (Risk Identification, Monitoring and Analysis)
  Which of the following is an IDS that acquires data and defines a "normal" usage profile for the network or host?
  Tags: Intrusion Detection System (IDS), Anomaly Detection, Statistical Analysis, Security Monitoring
- Question #952 (Security Operations and Administration)
  Which of the following is a disadvantage of a statistical anomaly-based intrusion detection system?
  Tags: Intrusion Detection Systems (IDS), Anomaly Detection, False Positives, Security Monitoring
- Question #953 (Incident Response and Recovery)
  In the process of gathering evidence from a computer attack, a system administrator took a series of actions which are listed below. Can you identify which one of these actions has...
  Tags: Digital Forensics, Evidence Collection, Incident Response, Evidence Integrity
- Question #954 (Network and Communications Security)
  As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and c...
  Tags: Intrusion Detection Systems, Anomaly Detection, Network Monitoring
- Question #955 (Security Operations and Administration)
  Which of the following is NOT a characteristic of a host-based intrusion detection system?
  Tags: HIDS, Intrusion Detection, System Monitoring, Security Operations
- Question #956 (Risk Identification, Monitoring and Analysis)
  Which of the following is NOT a fundamental component of an alarm in an intrusion detection system?
  Tags: Intrusion Detection Systems (IDS), Alarm Components, Security Monitoring
- Question #957 (Security Concepts and Practices)
  What is the goal of the Maintenance phase in a common development process of a security policy?
  Tags: Security Policy, Policy Lifecycle, Policy Maintenance, Policy Review
- Question #958 (Security Concepts and Practices)
  What is the difference between Advisory and Regulatory security policies?
  Tags: Security Policies, Regulatory Compliance, Policy Types, Information Security Governance
- Question #959 (Security Concepts and Practices)
  What is the main purpose of Corporate Security Policy?
  Tags: Security Policy, Information Security Management, Security Governance, Policy Purpose
- Question #960 (Risk Identification, Monitoring and Analysis)
  Which of the following is not a component of an Operations Security "triples"?
  Tags: Operations Security, Risk Management, Asset Threat Vulnerability, Security Concepts
- Question #961 (Access Controls)
  When two or more separate entities (usually persons) operating in concert to protect sensitive functions or information must combine their knowledge to gain access to an asset, thi...
  Tags: Dual Control, Access Control, Security Principles, Administrative Controls
- Question #962 (Security Operations and Administration)
  Which of the following is NOT a proper component of Media Viability Controls?
  Tags: Media Protection, Data Handling, Backup Management
- Question #963 (Security Concepts and Practices)
  A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?
  Tags: Overt channel, Covert channel, Security channels, Information flow
- Question #964 (Security Concepts and Practices)
  When attempting to establish Liability, which of the following would be described as performing the ongoing maintenance necessary to keep something in proper working order, updated,...
  Tags: Due care, Liability, Legal concepts, Security governance
- Question #965 (Access Controls)
  What can best be described as a domain of trust that shares a single security policy and single management?
  Tags: Security Domain, Trust Domain, Security Policy, Access Control Concepts
- Question #966 (Systems and Application Security)
  Which of the following describes a technique in which a number of processor units are employed in a single computer system to increase the performance of the system in its applicat...
  Tags: Multiprocessing, Operating Systems, System Performance
- Question #967 (Access Controls)
  What can best be described as an abstract machine which must mediate all access of subjects to objects?
  Tags: Reference monitor, Access control, Security architecture, Trusted computing base
- Question #968 (Security Operations and Administration)
  Who is responsible for implementing user clearances in computer-based information systems at the B3 level of the TCSEC rating?
  Tags: Roles and Responsibilities, Access Control Implementation, Security Administration, TCSEC
- Question #969 (Access Controls)
  Which of the following questions is less likely to help in assessing physical access controls?
  Tags: Physical Security, Access Control Assessment, Logical vs Physical Controls, OS Hardening
- Question #970 (Security Operations and Administration)
  Which of the following questions is less likely to help in assessing physical and environmental protection?
  Tags: Physical Security, Environmental Protection, Security Operations, Information Protection
- Question #971 (Security Concepts and Practices)
  How would nonrepudiation be best classified?
  Tags: Nonrepudiation, Security Controls, Preventive Controls, Control Classification