SSCP Exam Questions
1,274 real SSCP exam questions with expert-verified answers and explanations. Page 20 of 26.
- Question #972: Systems and Application Security
  Why should batch files and scripts be stored in a protected area?
  Tags: Scripting security, Credential management, Secure storage, Sensitive data protection
- Question #973: Access Controls
  Which of the following Kerberos components holds all users' and services' cryptographic keys?
  Tags: Kerberos, Authentication, Cryptographic Keys, Access Control
- Question #974: Systems and Application Security
  Sensitivity labels are an example of what application control type?
  Tags: Sensitivity labels, Data classification, Preventive controls, Application security
- Question #975: Security Concepts and Practices
  Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?
  Tags: Integrity Models, Clark-Wilson Model, Data Integrity, Security Models
- Question #976: Access Controls
  How should a doorway of a manned facility with automatic locks be configured?
  Tags: Physical Security, Access Control, Fail-safe, Emergency Egress
- Question #977: Access Controls
  Which of the following is not a service provided by AAA servers (RADIUS, TACACS and DIAMETER)?
  Tags: AAA, Authentication, Authorization, Accounting
- Question #978: Risk Identification, Monitoring and Analysis
  Which of the following results in the most devastating business interruptions?
  Tags: Data Loss Impact, Business Interruption, Business Continuity, Risk Impact
- Question #979: Incident Response and Recovery
  Which of the following is the most critical item from a disaster recovery point of view?
  Tags: Disaster Recovery, Business Continuity, Critical Assets, Data Protection
- Question #980: Incident Response and Recovery
  Which of the following is defined as the most recent point in time to which data must be synchronized without adversely affecting the organization (financial or operational impacts...
  Tags: Recovery Point Objective, RPO, Disaster Recovery, Business Continuity
- Question #981: Risk Identification, Monitoring and Analysis
  Valuable paper insurance coverage does not cover damage to which of the following?
  Tags: Insurance, Risk Management, Asset Protection, Valuable Papers
- Question #982: Risk Identification, Monitoring and Analysis
  Which of the following is covered under Crime Insurance Policy Coverage?
  Tags: Crime insurance, Insurance coverage, Risk management, Financial protection
- Question #983: Risk Identification, Monitoring and Analysis
  If your property insurance has an Actual Cash Valuation (ACV) clause, your damaged property will be compensated based on:
  Tags: Actual Cash Valuation (ACV), Insurance, Asset Valuation
- Question #984: Risk Identification, Monitoring and Analysis
  If your property insurance has a Replacement Cost Valuation (RCV) clause, your damaged property will be compensated:
  Tags: Insurance, Replacement Cost Valuation (RCV), Asset Valuation, Risk Transfer
- Question #985: Security Operations and Administration
  A momentary power outage is a:
  Tags: Power quality, Electrical faults, Physical security, System availability
- Question #986: Security Operations and Administration
  A momentary high voltage is a:
  Tags: Power quality, Voltage anomaly, Spike, Electrical safety
- Question #987: Security Operations and Administration
  A momentary low voltage, from 1 cycle to a few seconds, is a:
  Tags: Power quality, Voltage sag, Environmental controls, Physical security
- Question #988: Security Operations and Administration
  A prolonged high voltage is a:
  Tags: Power anomalies, Electrical disturbances, Surge, Physical security
- Question #989: Access Controls
  Which of the following is BEST defined as a physical control?
  Tags: Physical security, Security controls, Physical controls, Access controls
- Question #990: Security Concepts and Practices
  Which of the following is given the responsibility of the maintenance and protection of the data?
  Tags: Data roles, Data custodian, Information security responsibilities, Data protection
- Question #991: Security Concepts and Practices
  Who should DECIDE how a company should approach security and what security measures should be implemented?
  Tags: Security Governance, Roles and Responsibilities, Security Management, Organizational Security
- Question #992: Security Concepts and Practices
  Which of the following is responsible for MOST of the security issues?
  Tags: Personnel security, Human factor, Security awareness, Risk causes
- Question #993: Security Concepts and Practices
  What are the three FUNDAMENTAL principles of security?
  Tags: CIA triad, Security principles, Confidentiality, Integrity, Availability
- Question #994: Security Concepts and Practices
  Within the context of the CBK, which of the following provides a MINIMUM level of security ACCEPTABLE for an environment?
  Tags: Security baselines, Minimum security requirements, Security governance, Policy management
- Question #995: Security Concepts and Practices
  According to private sector data classification levels, how would salary levels and medical information be classified?
  Tags: data classification, sensitive data, PII, information security policies
- Question #996: Risk Identification, Monitoring and Analysis
  Which of the following would be the best criterion to consider in determining the classification of an information asset?
  Tags: Information asset classification, Data classification, Asset management, Asset valuation
- Question #997: Security Concepts and Practices
  Which of the following is not a responsibility of an information (data) owner?
  Tags: Data owner responsibilities, Data custodian, Roles and responsibilities, Data classification
- Question #998: Security Concepts and Practices
  Which of the following embodies all the detailed actions that personnel are required to follow?
  Tags: Security Procedures, Administrative Controls, Security Documentation, Security Policies
- Question #999: Systems and Application Security
  Which of the following choices describes a condition when RAM and secondary storage are used together?
  Tags: Virtual Memory, Memory Management, Operating Systems, System Architecture
- Question #1000: Network and Communications Security
  Which of the following protocols does not operate at the data link layer (layer 2)?
  Tags: OSI Model, Network Protocols, Data Link Layer, ICMP
- Question #1001: Network and Communications Security
  Encapsulating Security Payload (ESP) provides some of the services of Authentication Headers (AH), but it is primarily designed to provide:
  Tags: IPsec, ESP, Confidentiality, Network Security
- Question #1002: Network and Communications Security
  Which of the following is NOT true about IPSec Tunnel mode?
  Tags: IPSec, Tunnel Mode, OSI Model, Network Protocols
- Question #1003: Network and Communications Security
  What is the greatest danger from DHCP?
  Tags: DHCP Security, Rogue DHCP Server, Network Attacks, Man-in-the-Middle
- Question #1004: Network and Communications Security
  Which of the following should NOT normally be allowed through a firewall?
  Tags: Firewall rules, Network protocols, SNMP security, Security best practices
- Question #1005: Network and Communications Security
  What can best be defined as a strongly protected computer that is in a network protected by a firewall (or is part of a firewall) and is the only host (or one of only a few hosts)...
  Tags: Bastion host, Network architecture, Firewall, DMZ
- Question #1006: Network and Communications Security
  Which of the following can be defined as an Internet protocol by which a client workstation can dynamically access a mailbox on a server host to manipulate and retrieve mail messag...
  Tags: Email Protocols, IMAP4, Network Protocols
- Question #1007: Network and Communications Security
  Which of the following NAT firewall translation modes offers no protection from hacking attacks to an internal host using this functionality?
  Tags: NAT (Network Address Translation), Firewall, Network Security, Static NAT
- Question #1008: Network and Communications Security
  Which of the following is the primary security feature of a proxy server?
  Tags: Proxy Servers, Content Filtering, Network Security, Security Appliances
- Question #1009: Network and Communications Security
  In the context of network enumeration by an outside attacker and possible Distributed Denial of Service (DDoS) attacks, which of the following firewall rules is not appropriate to...
  Tags: Firewall Rules, ICMP, Network Enumeration, DDoS Protection
- Question #1010: Network and Communications Security
  Which of the following packets should NOT be dropped at a firewall protecting an organization's internal network?
  Tags: Firewall Rules, Packet Filtering, Network Security Best Practices, IP Spoofing
- Question #1011: Network and Communications Security
  Why does fiber optic communication technology have a significant security advantage over other transmission technologies?
  Tags: Fiber optics, Physical security, Data interception, Transmission security
- Question #1012: Network and Communications Security
  Layer 4 of the OSI stack is known as:
  Tags: OSI Model, Transport Layer, Networking Concepts
- Question #1013: Network and Communications Security
  Another name for a VPN is a:
  Tags: VPN, Tunneling, Network Security
- Question #1014: Network and Communications Security
  Why is traffic across a packet switched network difficult to monitor?
  Tags: Packet switching, Network monitoring, Network architecture, Traffic analysis
- Question #1015: Network and Communications Security
  Which one of the following is used to provide authentication and confidentiality for e-mail messages?
  Tags: Email security, PGP, Confidentiality, Authentication
- Question #1016: Network and Communications Security
  What is a packet sniffer?
  Tags: Packet sniffer, Network traffic analysis, Network monitoring, Security tools
- Question #1017: Network and Communications Security
  Which of the following media is MOST resistant to EMI interference?
  Tags: Network media, Fiber optics, EMI, Transmission media
- Question #1018: Network and Communications Security
  At which layer of the ISO/OSI model do fiber optics work?
  Tags: OSI Model, Physical Layer, Fiber Optics, Networking Fundamentals
- Question #1019: Network and Communications Security
  While using IPsec, the ESP and AH protocols both provide integrity services. However, when using AH, some special attention needs to be paid if one of the peers uses NAT for addres...
  Tags: IPsec, Authentication Header (AH), NAT, Packet Integrity
- Question #1020: Network and Communications Security
  Which of the following services is a distributed database that translates host name to IP address and IP address to host name?
  Tags: DNS, Network Services, Name Resolution
- Question #1021: Security Concepts and Practices
  In computing, what is the name of a non-self-replicating type of malware program containing malicious code that appears to have some useful purpose but also contains code that has a...
  Tags: malware, Trojan horse, security threats