SSCP Exam Questions
1,274 real SSCP exam questions with expert-verified answers and explanations. Page 9 of 26.
- Question #407: Security Operations and Administration
In addition to the Legal Department, with what company function must the collection of physical evidence be coordinated if an employee is suspected?
Employee investigation, Inter-departmental coordination, Human Resources, Evidence collection
- Question #408: Incident Response and Recovery
To be admissible in court, computer evidence must be which of the following?
Digital Forensics, Evidence Admissibility, Legal Requirements, Incident Response
- Question #409: Security Concepts and Practices
The typical computer fraudsters are usually persons with which of the following characteristics?
Insider Threat, Fraud, Threat Actor Characteristics
- Question #410: Incident Response and Recovery
Once evidence is seized, a law enforcement officer should emphasize which of the following?
Chain of custody, Evidence handling, Digital forensics, Incident response
- Question #411: Incident Response and Recovery
Which of the following cannot be undertaken in conjunction or while computer incident handling is ongoing?
Incident Response, Incident Management, Operational Prioritization, Business Continuity
- Question #412: Security Operations and Administration
Devices that supply power when the commercial utility power system fails are called which of the following?
UPS, power backup, business continuity, physical security
- Question #413: Risk Identification, Monitoring and Analysis
Within the realm of IT security, which of the following combinations best defines risk?
Risk definition, Threat, Vulnerability, Security concepts
- Question #414: Incident Response and Recovery
Which of the following backup sites is the most effective for disaster recovery?
Disaster Recovery, Business Continuity, Recovery Sites, Hot Site
- Question #415: Incident Response and Recovery
Which of the following is NOT a transaction redundancy implementation?
Transaction Redundancy, Data Protection, Disaster Recovery, Business Continuity
- Question #416: Risk Identification, Monitoring and Analysis
Which of the following steps is NOT one of the eight detailed steps of a Business Impact Assessment (BIA):
Business Impact Assessment (BIA), Business Continuity Planning (BCP), Risk Analysis, Critical Business Functions
- Question #417: Incident Response and Recovery
A prolonged complete loss of electric power is a:
Blackout, Power loss, Disaster recovery, Business continuity
- Question #418: Security Operations and Administration
A prolonged power supply that is below normal voltage is a:
Power issues, Brownout, Physical security, Availability
- Question #419: Network and Communications Security
Because ordinary cable introduces a toxic hazard in the event of fire, special cabling is required in a separate area provided for air circulation for heating, ventilation, and air...
Plenum, Cabling, HVAC, Fire Safety
- Question #420: Incident Response and Recovery
What is the Maximum Tolerable Downtime (MTD)?
Maximum Tolerable Downtime (MTD), Business Continuity Planning (BCP), Disaster Recovery Planning (DRP), Business Impact Analysis (BIA)
- Question #421: Incident Response and Recovery
Out of the steps listed below, which one is not one of the steps conducted during the Business Impact Analysis (BIA)?
Business Impact Analysis (BIA), Business Continuity Planning (BCP), Disaster Recovery Planning (DRP), Recovery Strategies
- Question #422: Risk Identification, Monitoring and Analysis
Which one of the following is NOT one of the outcomes of a vulnerability assessment?
Vulnerability Assessment, Risk Management, Business Continuity Planning, Security Assessment Outcomes
- Question #423: Incident Response and Recovery
The scope and focus of the Business continuity plan development depends most on:
Business Continuity Plan, Business Impact Analysis, Recovery Planning
- Question #424: Incident Response and Recovery
Which of the following items is NOT a benefit of cold sites?
Disaster Recovery, Cold Site, Recovery Strategy, Business Continuity
- Question #425: Risk Identification, Monitoring and Analysis
Qualitative loss resulting from the business interruption does NOT usually include:
Business interruption, Qualitative loss, Quantitative loss, Business impact analysis
- Question #426: Security Concepts and Practices
When you update records in multiple locations or you make a copy of the whole database at a remote location as a way to achieve the proper level of fault-tolerance and redundancy,...
Redundancy, Fault Tolerance, Data Protection, High Availability
- Question #427: Incident Response and Recovery
Recovery Site Strategies for the technology environment depend on how much downtime an organization can tolerate before the recovery must be completed. What would you call a strate...
Recovery Sites, Disaster Recovery, Hot Sites, Business Continuity
- Question #428: Incident Response and Recovery
What is the most correct choice below when talking about the steps to resume normal operation at the primary site after the green light has been given by the salvage team?
Disaster Recovery, Failback Process, Recovery Strategy, Business Continuity
- Question #429: Risk Identification, Monitoring and Analysis
What would be the Annualized Rate of Occurrence (ARO) of the threat "user input error", in the case where a company employs 100 data entry clerks and every one of them makes one in...
Annualized Rate of Occurrence (ARO), Quantitative Risk Analysis, Risk Calculation, Threat Occurrence
- Question #430: Risk Identification, Monitoring and Analysis
How is Annualized Loss Expectancy (ALE) derived from a threat?
Risk Management, Quantitative Risk Analysis, Annualized Loss Expectancy, ALE calculation
- Question #431: Risk Identification, Monitoring and Analysis
What does "residual risk" mean?
Residual risk, Risk management, Security controls, Risk mitigation
- Question #432: Incident Response and Recovery
Business Continuity and Disaster Recovery Planning (Primarily) addresses the:
Business Continuity Planning, Disaster Recovery Planning, CIA Triad, Availability
- Question #433: Security Concepts and Practices
What is called an event or activity that has the potential to cause harm to the information systems or networks?
Threat, Information Security, Security Concepts, Risk Management
- Question #434: Security Concepts and Practices
A weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information systems or networks is called a?
Vulnerability, Security definitions, Information security concepts
- Question #435: Risk Identification, Monitoring and Analysis
What is called the probability that a threat to an information system will materialize?
Risk Management, Threats, Security Definitions, Probability
- Question #436: Risk Identification, Monitoring and Analysis
Risk mitigation and risk reduction controls for providing information security are classified within three main categories, which of the following are being used?
Security Controls Classification, Risk Mitigation, Physical Controls, Technical Controls
- Question #437: Incident Response and Recovery
In the course of responding to and handling an incident, you work on determining the root cause of the incident. In which step are you in?
Incident Response, Root Cause Analysis, Incident Handling, Incident Response Phases
- Question #438: Network and Communications Security
Which of the following assertions is NOT true about pattern matching and anomaly detection in intrusion detection?
Intrusion Detection Systems, Signature-based IDS, Anomaly-based IDS, Network Security Monitoring
- Question #439: Network and Communications Security
The IP header contains a protocol field. If this field contains the value of 51, what type of data is contained within the IP datagram?
IP Header, Protocol Numbers, IPsec, Authentication Header (AH)
- Question #440: Network and Communications Security
Which of the following is NOT a correct notation for an IPv6 address?
IPv6, Network Addressing, IPv6 Notation, Networking Fundamentals
- Question #441: Incident Response and Recovery
Another example of Computer Incident Response Team (CIRT) activities is:
CIRT, Incident Response, Log Management, Security Operations
- Question #442: Incident Response and Recovery
Which of the following backup methods makes a complete backup of every file on the server every time it is run?
backup methods, full backup, data recovery
- Question #443: Incident Response and Recovery
Which of the following backup methods is primarily run when time and tape space permits, and is used for the system archive or baselined tape sets?
Backup methods, Full backup, Data archiving, System recovery
- Question #444: Security Operations and Administration
Which backup method usually resets the archive bit on the files after they have been backed up?
Backup methods, Incremental backup, Archive bit management, Data protection
- Question #445: Incident Response and Recovery
Which backup method is used if backup time is critical and tape space is at an extreme premium?
Backup methods, Data recovery, Storage efficiency
- Question #446: Security Concepts and Practices
Which backup method copies only files that have changed since the last full backup, but does not clear the archive bit?
Backup methods, Differential backup, Archive bit, Data protection
- Question #447: Incident Response and Recovery
Which backup method is additive because the time and tape space required for each night's backup grows during the week as it copies the day's changed files and the previous days' c...
Backup methods, Differential backup, Data protection, Data recovery
- Question #448: Incident Response and Recovery
Which of the following backup methods must be made regardless of whether Differential or Incremental methods are used?
Backup methods, Full backup, Data recovery, Backup strategies
- Question #449: Security Operations and Administration
Which of the following tape formats can be used to backup data systems in addition to its original intended audio uses?
Data Backup, Storage Media, Tape Formats, DAT
- Question #450: Incident Response and Recovery
Which of the following is a large hardware/software backup system that uses the RAID technology?
Backup Systems, Data Protection, RAID, Storage Technology
- Question #451: Security Operations and Administration
This type of backup management provides a continuous on-line backup by using optical or tape "jukeboxes," similar to WORMs (Write Once, Read Many):
Backup management, Hierarchical Storage Management (HSM), Storage tiers
- Question #452: Systems and Application Security
Hierarchical Storage Management (HSM) is commonly employed in:
Hierarchical Storage Management (HSM), Storage Systems, Data Management, Storage Optimization
- Question #453: Security Operations and Administration
Physically securing backup tapes from unauthorized access is obviously a security concern and is considered a function of the:
Physical Security, Media Protection, Backup Security, Operations Security
- Question #454: Incident Response and Recovery
What is the MOST critical piece to disaster recovery and continuity planning?
Disaster Recovery Planning, Business Continuity Planning, Management Support, Organizational Buy-in
- Question #455: Incident Response and Recovery
During the testing of the business continuity plan (BCP), which of the following methods of results analysis provides the BEST assurance that the plan is workable?
BCP testing, Quantitative analysis, Business continuity, Assurance
- Question #456: Access Controls
Which of the following statements regarding an off-site information processing facility is TRUE?
Off-site facility security, Physical access controls, Security consistency, Disaster recovery planning