CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISC
  5. SSCP

Free SSCP Exam Braindumps (page: 13)

Page 12 of 269
PDF with 1074 Questions

Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense ?

  1. TCSEC
  2. ITSEC
  3. DIACAP
  4. NIACAP

Answer(s): A

Explanation:

TCSEC; The TCSEC, frequently referred to as the Orange Book, is the centerpiece of the DoD Rainbow Series publications.
Initially issued by the National Computer Security Center (NCSC) an arm of the National Security Agency in 1983 and then updated in 1985, TCSEC was replaced with the development of the Common Criteria international standard originally published in 2005.


Reference:

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, pages 197-199.
Wikepedia
http://en.wikipedia.org/wiki/TCSEC



Which of the following was developed to address some of the weaknesses in Kerberos and uses public key cryptography for the distribution of secret keys and provides additional access control support?

  1. SESAME
  2. RADIUS
  3. KryptoKnight
  4. TACACS+

Answer(s): A

Explanation:

Secure European System for Applications in a Multi-vendor Environment (SESAME)
was developed to address some of the weaknesses in Kerberos and uses public key cryptography for the distribution of secret keys and provides additional access control support.


Reference:

TIPTON, Harold, Official (ISC)2 Guide to the CISSP CBK (2007), page 184.
ISC OIG Second Edition, Access Controls, Page 111



Single Sign-on (SSO) is characterized by which of the following advantages?

  1. Convenience
  2. Convenience and centralized administration
  3. Convenience and centralized data administration
  4. Convenience and centralized network administration

Answer(s): B

Explanation:

Convenience -Using single sign-on users have to type their passwords only once when they first log in to access all the network resources; and Centralized Administration as some single sign-on systems are built around a unified server administration system. This allows a single administrator to add and delete accounts across the entire network from one user interface.
The following answers are incorrect:
Convenience - alone this is not the correct answer.
Centralized Data or Network Administration - these are thrown in to mislead the student. Neither are a benefit to SSO, as these specifically should not be allowed with just an SSO.


Reference:

TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 1, page 35.
TIPTON, Harold F. & HENRY, Kevin, Official (ISC)2 Guide to the CISSP CBK, 2007, page 180.



The "vulnerability of a facility" to damage or attack may be assessed by all of the following except:

  1. Inspection
  2. History of losses
  3. Security controls
  4. security budget

Answer(s): D


Reference:

The CISSP Examination Textbook- Volume 2: Practice by S Rao Vallabhaneni.






Post your Comments and Discuss ISC SSCP exam with other Community members:

SSCP Discussions & Posts