Book Image

SSCP Systems Security Certified Practitioner Official Practice Tests

By : Mike Chapple, David Seidl
Book Image

SSCP Systems Security Certified Practitioner Official Practice Tests

By: Mike Chapple, David Seidl

Overview of this book

The SSCP certification is offered by the International Information System Security Certification Consortium (ISC)2. The SSCP is the entry-level credential in this series. With SSCP certification, you’ll meet the requirements of the Department of Defense for entry-level Information Assurance Technical (IAT I) roles, positioning you for a successful career in cybersecurity. This book's first seven chapters cover each of the seven domains on the SSCP exam with sixty or more questions per domain, so you can focus your study efforts exactly where you need more review. The book also contains two complete practice exams that you can use as time trials to assess your readiness for the SSCP and a future in the field of information assurance. By the end of the book, you would have strengthened your weak areas and reinforced your learning to ace the test and earn the certification.
Table of Contents (14 chapters)
Chapter 1 Access Controls (Domain 1)
Chapter 2 Security Operations and Administration (Domain 2)
Chapter 3 Risk Identification, Monitoring, and Analysis (Domain 3)
Chapter 4 Incident Response and Recovery (Domain 4)
Chapter 5 Cryptography (Domain 5)
Chapter 6 Network and Communications Security (Domain 6)
Chapter 7 Systems and Application Security (Domain 7)
Chapter 8 Practice Test 1
Chapter 9 Practice Test 2
End User License Agreement

Chapter 5: Cryptography (Domain 5)

  1. C. Protecting the sensitive information with either full disk encryption or file encryption would render it unreadable to anyone finding the device. Data minimization would involve the removal of sensitive information from the device. File integrity monitoring would detect any changes in information stored on the device but would not protect against data loss.

  2. B. Self-signed certificates are functionally equivalent to those purchased from a trusted certificate authority. The fundamental difference is that they don’t carry the trusted signature of a CA and, therefore, won’t be trusted by web browsers by default. They are generally only appropriate for internal use.

  3. D. Phil Zimmerman’s Pretty Good Privacy (PGP) software is an encryption technology based upon the Web of Trust (WoT). This approach extends the social trust relationship to encryption keys.

  4. A. Kevin can take a cryptographic hash of the log files when they...