Free SSCP Exam Braindumps (page: 101)


Why does compiled code pose more of a security risk than interpreted code?

  1. Because malicious code can be embedded in compiled code and be difficult to detect.
  2. If the executed compiled code fails, there is a chance it will fail insecurely.
  3. Because compilers are not reliable.
  4. There is no risk difference between interpreted code and compiled code.

Answer(s): A

Explanation:

From a security standpoint, a compiled program is less desirable than an interpreted one because malicious code can be resident somewhere in the compiled code, and it is difficult to detect in a very large program.



Which software development model is actually a meta-model that incorporates a number of the software development models?

  1. The Waterfall model
  2. The modified Waterfall model
  3. The Spiral model
  4. The Critical Path Model (CPM)

Answer(s): C

Explanation:

The spiral model is actually a meta-model that incorporates a number of the software development models. This model depicts a spiral that incorporates the various phases of software development. The model states that each cycle of the spiral involves the same series of steps for each part of the project. CPM refers to the Critical Path Methodology.


Reference:

KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 7: Applications and Systems Development (page 246).



Which of the following is used in database information security to hide information?

  1. Inheritance
  2. Polyinstantiation
  3. Polymorphism
  4. Delegation

Answer(s): B

Explanation:

Polyinstantiation enables a relation to contain multiple tuples with the same primary key, with each instance distinguished by a security level. When this information is inserted into a database, lower-level subjects need to be restricted from it. Instead of just restricting access, another set of data is created to fool the lower-level subjects into thinking that the information actually means something else.


Reference:

HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 11: Application and System Development (page 727).



Which of the following computer design approaches is based on the fact that in earlier technologies, the instruction fetch was the longest part of the cycle?

  1. Pipelining
  2. Reduced Instruction Set Computers (RISC)
  3. Complex Instruction Set Computers (CISC)
  4. Scalar processors

Answer(s): C

Explanation:

Complex Instruction Set Computer (CISC) uses instructions that perform many operations per instruction. It was based on the fact that in earlier technologies, the instruction fetch was the longest part of the cycle. Therefore, by packing more operations into an instruction, the number of fetches could be reduced. Pipelining involves overlapping the steps of different instructions to increase the performance of a computer. Reduced Instruction Set Computers (RISC) involve simpler instructions that require fewer clock cycles to execute. Scalar processors are processors that execute one instruction at a time.


Reference:

KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 5: Security Architectures and Models (page 188).





