SSCP (ISC)2 Systems Security Certified Practitioner Certification exam practice questions and answers for free| Page 1 -- Infibee

General Knowledge
General Aptitude
General English
Networking
Interview Questions
- .NET
- Java
- ASP.NET
- C++
- Perl
- Python
- Ruby and Rails
- Struts
- Core Java
- Hibernate
- DB2
- MS SQL Server
- MySQL
- Oracle
- SQL
- DBMS
- Data Warehousing
- Data structures and Algorithms
- CCNA
- CCNP Routing
- CCNP Switching
- Internetworking
- Border Gateway Protocol
- MCSE
- Exchange Server
- Windows Server 2008
- DNS & Active Directory
- Firewall Questions
- Unix
- Linux Server Administrator
- Linux System Administrator
- Linux File Manipulation
Database

Home
Security
SSCP

What is the definition of the principle of least privilege?

A.
Allowing all users full control over a network to keep administrative responsibilities to a minimum
B.
Keeping the number of system users with access to a minimum
C.
Granting users only the minimum privileges needed to accomplish assigned work tasks
D.
Designing applications that do not have high levels of privilege

Answer & Explanation
Report

Answer : [C]
Explanation :

The defi nition of the principle of least privilege is granting users only the minimum privileges needed to accomplish assigned work tasks.

Report

Name

What is the process of assigning groups of tasks to different users to prevent collusion and avoid conflicts of interest?

A.
Principle of least privilege
B.
Separation of duties
C.
Mandatory access control
D.
Integrity assurance

Answer & Explanation
Report

Answer : [B]
Explanation :

Separation of duties is the process of assigning groups of tasks to different users to prevent collusion and to avoid confl icts of interest. The principle of least privilege is assigning users the minimal amount of access required to accomplish their work tasks. Mandatory access control is a means to control access by using classifi cations of subjects and objects. Integrity assurance is the process that ensures the controls put in place to maintain data integrity are operating properly.

Report

Name

To prevent any one person from having too much control or power, or performing fraudulent acts, which of the following solutions should not be implemented?

A.
M of N control
B.
Job rotation
C.
Multiple key pairs
D.
Separation of duties

Answer & Explanation
Report

Answer : [B]
Explanation :

Job rotation isn’t appropriate because one person is still in charge of a particular position. M of N control, multiple key pairs, and separation of duties should be used to prevent a single person from compromising an entire system.

Report

Name

What is the primary goal of risk management?

A.
Reduce risk to an acceptable level
B.
Remove all risks from an environment
C.
Minimize security cost expenditures
D.
Assign responsibilities to job roles

Answer & Explanation
Report

Answer : [A]
Explanation :

The correct answer is to reduce or mitigate risk to an acceptable level. It’s virtually impossible to remove all risks from an environment. It may be a goal of upper management in general to minimize security cost. Assigning responsibilities to job roles might be accomplished by the department heads.

Report

Name

Which of the following best describes the use of a PIN number?

A.
Authentication
B.
Authorization
C.
Auditing
D.
Access control

Answer & Explanation
Report

Answer : [A]
Explanation :

A PIN provides authentication. It is something you know.

Report

Name

Pages
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Sitemap