CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISC
  5. SSCP

Free SSCP Exam Braindumps (page: 44)

Page 44 of 269
PDF with 1074 Questions

Which of the following Operation Security controls is intended to prevent unauthorized intruders from internally or externally accessing the system, and to lower the amount and impact of unintentional errors that are entering the system?

  1. Detective Controls
  2. Preventative Controls
  3. Corrective Controls
  4. Directive Controls

Answer(s): B

Explanation:

In the Operations Security domain, Preventative Controls are designed to prevent unauthorized intruders from internally or externally accessing the system, and to lower the amount and impact of unintentional errors that are entering the system.


Reference:

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, 2001, John Wiley & Sons, Page 217.



This baseline sets certain thresholds for specific errors or mistakes allowed and the amount of these occurrences that can take place before it is considered suspicious?

  1. Checkpoint level
  2. Ceiling level
  3. Clipping level
  4. Threshold level

Answer(s): C

Explanation:

Organizations usually forgive a particular type, number, or pattern of violations, thus permitting a predetermined number of user errors before gathering this data for analysis. An organization attempting to track all violations, without sophisticated statistical computing ability, would be unable to manage the sheer quantity of such data. To make a violation listing effective, a clipping level must be established.
The clipping level establishes a baseline for violation activities that may be normal user errors. Only after this baseline is exceeded is a violation record produced. This solution is particularly effective for small- to medium-sized installations. Organizations with large-scale computing facilities often track all violations and use statistical routines to cull out the minor infractions (e.g., forgetting a password or mistyping it several times).
If the number of violations being tracked becomes unmanageable, the first step in correcting the problems should be to analyze why the condition has occurred. Do users understand how they are to interact with the computer resource? Are the rules too difficult to follow? Violation tracking and analysis can be valuable tools in assisting an organization to develop thorough but useable controls. Once these are in place and records are produced that accurately reflect serious violations, tracking and analysis become the first line of defense. With this procedure, intrusions are discovered before major damage occurs and sometimes early enough to catch the perpetrator. In addition, business protection and preservation are strengthened.
The following answers are incorrect:
All of the other choices presented were simply detractors.
The following reference(s) were used for this question:
Handbook of Information Security Management



Which type of control is concerned with avoiding occurrences of risks?

  1. Deterrent controls
  2. Detective controls
  3. Preventive controls
  4. Compensating controls

Answer(s): C

Explanation:

Preventive controls are concerned with avoiding occurrences of risks while deterrent controls are concerned with discouraging violations. Detecting controls identify occurrences and compensating controls are alternative controls, used to compensate weaknesses in other controls.
Supervision is an example of compensating control.


Reference:

TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.



Which type of control is concerned with restoring controls?

  1. Compensating controls
  2. Corrective controls
  3. Detective controls
  4. Preventive controls

Answer(s): B

Explanation:

Corrective controls are concerned with remedying circumstances and restoring controls.
Detective controls are concerned with investigating what happen after the fact such as logs and video surveillance tapes for example.
Compensating controls are alternative controls, used to compensate weaknesses in other controls.
Preventive controls are concerned with avoiding occurrences of risks.


Reference:

TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.



Page 44 of 269



Post your Comments and Discuss ISC SSCP exam with other Community members:

Jack commented on October 03, 2024
are these still legit?
Anonymous
upvote

Anil commented on February 13, 2024
To everyone interested in this exam. I can tell you that questions are 90% accurate. Good enough to pass the exam with a good mark. But you need to study all these questions as you get randomized questions from this question bank. I pass my exam and that is what I could share as part of my study experience. Good luck to you all.
CANADA
upvote

S.H. commented on February 13, 2024
A happy returning customer. Passed one exam now preparing for my second. I hope this one is a accurate as the first exam. My score was 87% in first exam.
France
upvote

Marcus commented on February 04, 2024
Hello @Theguy, I actually used the full version of this exam (they provide the full version in PDF and it comes with an interactive test engine software which is actually pretty good). I managed to study for a month and then booked my exam. I managed to pass my exam. Make sure to practice withe test engine they provide and make sure you get more than 90% passing mark with their test engine. After that you will be ready to book your exam. Best of luck with you studies.
Anonymous
upvote

theguy commented on February 03, 2024
anyone actually used only this recently and can verify that the majority of these questions were on their exam
UNITED STATES
upvote

Niko76 commented on December 05, 2023
I hope it help me on exam
POLAND
upvote

christopher commented on March 14, 2023
The practice questions are Clear and concise, this study guide saved me and helped me pass my exam.
UNITED STATES
upvote

Bie commented on June 14, 2022
I pass today
THAILAND
upvote

Paratik-2000 commented on June 13, 2022
I encurage you to study and understand every single question in this exam dumps. Exam is very ticky but this dump helps a lot. I got to pass mine.
INDIA
upvote

Vicktor commented on October 19, 2021
These exam dumps saved me so much time. With a full-time job, studying those large books is not possible.
UNITED STATES
upvote

Delawar commented on October 20, 2020
Locked down at home due to COVID-19. Best use of my time to get some certifications. I just purchased and downloaded this braindumps PDF package. So far looks good.
CANADA
upvote

BanglaBoi commented on January 11, 2015
1074 Questions, should be fine for mock test, will report back once I take the actual exam.
UNITED KINGDOM
upvote