SSCP ISC2 Systems Security Certified Practitioner Free Demo Questions – Try Before You Buy

Question 1

In Mandatory Access Control, sensitivity labels attached to object contain what information?

A

The item's classification

B

The item's classification and category set

C

The item's category

D

The items's need to know

Correct Answer: B

Explanation:

A Sensitivity label must contain at least one classification and one category set.

Category set and Compartment set are synonyms, they mean the same thing. The sensitivity label
must contain at least one Classification and at least one Category. It is common in some
environments for a single item to belong to multiple categories. The list of all the categories to which
an itembelongs is called a compartment set or category set. The following answers are incorrect: the item's classification. Is incorrect because you need a category set as well. the item's category. Is incorrect because category set and classification would be both be required. The item's need to know. Is incorrect because there is no such thing. The need to know is indicated by the catergories the object belongs to.

Question 2

Which of the following is needed for System Accountability?

A

Audit mechanisms

B

Documented design as laid out in the Common Criteria

C

Authorization.

D

Formal verification ofsystem design.

Correct Answer: A

Explanation:

Is a means of being able to track user actions. Through the use of audit logs and other tools the user actions are recorded and can be used at a later date to verify what actions were performed. Accountability is the ability to identify users and to be able to track user actions. The following answers are incorrect: Documented design as laid out in the Common Criteria. Is incorrect because the Common Criteria is an international standard to evaluate trust and would not be a factor in System Accountability. Authorization. Is incorrect because Authorization is granting access to subjects, just because you have authorization does not hold the subject accountable for their actions. Formal verification of system design. Is incorrect because all you have done is to verify the system design and have not taken any steps toward system accountability.

Question 3

What is Kerberos?

A

A three-headed dog from the egyptian mythology.

B

A trusted third-party authentication protocol.

C

A security model.

D

A remote authentication dial in user server.

Correct Answer: B

Explanation:

B Is correct because that is exactly what Kerberos is. The following answers are incorrect: A three-headed dog from Egyptian mythology. Is incorrect because we are dealing with Information Security and not the Egyptian mythology but the Greek Mythology. A security model. Is incorrect because Kerberos is an authentication protocol and not just a security model. A remote authentication dial in user server. Is incorrect because Kerberos is not a remote authentication dial in user server that would be called RADIUS.

Demo ISC2 SSCP Exam Questions

In Mandatory Access Control, sensitivity labels attached to object contain what information?

The item's classification

The item's classification and category set

The item's category

The items's need to know

Correct Answer: B

A Sensitivity label must contain at least one classification and one category set.

Which of the following is needed for System Accountability?

Audit mechanisms

Documented design as laid out in the Common Criteria

Authorization.

Formal verification ofsystem design.

Correct Answer: A

What is Kerberos?

A three-headed dog from the egyptian mythology.

A trusted third-party authentication protocol.

A security model.

A remote authentication dial in user server.

Correct Answer: B

Demo Practice Mode