Question # 1
When it comes to magnetic media sanitization, what distinction can be made between clearing and purging information?
A. Clearing completely erases the media whereas purging only removes file headers, allowing the recovery of files.
B. Clearing renders information unrecoverable by a keyboard attack and purging renders information unrecoverable against laboratory attack.
C. They both involve rewriting the media.
D. Clearing renders information unrecoverable against a laboratory attack and purging renders information unrecoverable to a keyboard attack.
B. Clearing renders information unrecoverable by a keyboard attack and purging renders information unrecoverable against laboratory attack.
The removal of information from a storage medium is called sanitization. Different kinds of sanitization provide different levels of protection. A distinction can be made between clearing information (rendering it unrecoverable by a keyboard attack) and purging (rendering it unrecoverable against laboratory attack). There are three general methods of purging media: overwriting, degaussing, and destruction. There should be continuous assurance that sensitive information is protected and not allowed to be placed in a circumstance wherein a possible compromise can occur. There are two primary levels of threat that the protector of information must guard against: keyboard attack (information scavenging through system software capabilities) and laboratory attack (information scavenging through laboratory means). Procedures should be implemented to address these threats before the Automated Information System (AIS) is procured, and the procedures should be continued throughout the life cycle of the AIS.
Reference(s) used for this question: SWANSON, Marianne & GUTTMAN, Barbara, National Institute of Standards and Technology (NIST), NIST Special Publication 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, September 1996 (page 26); and A Guide to Understanding Data Remanence in Automated Information Systems.
Question # 2
What type of cable is used with 100Base-TX Fast Ethernet?
A. Fiber-optic cable
B. Category 3 or 4 unshielded twisted-pair (UTP).
C. Category 5 unshielded twisted-pair (UTP).
D. RG-58 cable.
C. Category 5 unshielded twisted-pair (UTP).
This is the type of cabling recommended for 100Base-TX networks. Fiber-optic cable is incorrect: it is the wrong media type for 100Base-TX; 100Base-FX would denote fiber-optic cabling. "Category 3 or 4 unshielded twisted-pair (UTP)" is incorrect: these types are not recommended for 100 Mbps operation. RG-58 cable is incorrect: it is the wrong media type for 100Base-TX.
References: CBK, p. 428; AIO3, p. 455.
Question # 3
What is a password that is the same for each log-on session called?
A. one-time password
B. two-time password
C. static password
D. dynamic password
Source: KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 36.
Question # 4
Which of the following statements pertaining to key management is incorrect?
A. The more a key is used, the shorter its lifetime should be.
B. When not using the full keyspace, the key should be extremely random.
C. Keys should be backed up or escrowed in case of emergencies.
D. A key's lifetime should correspond with the sensitivity of the data it is protecting.
B. When not using the full keyspace, the key should be extremely random.
A key should always use the full spectrum of the keyspace and be extremely random. The other statements are correct.
Source: WALLHOFF, John, CBK#5 Cryptography (CISSP Study Guide), April 2002 (page 6).
Question # 5
What is the access protection system that limits connections by calling back the number of a previously authorized location called?
A. Sendback systems
B. Callback forward systems
C. Callback systems
D. Sendback forward systems
The Answer: Call back Systems. Callback systems provide access protection by calling back the number of a previously authorized location, but this control can be compromised by call forwarding.
Source: KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 35.
Question # 6
What is the Biba security model concerned with?
A. Confidentiality
B. Reliability
C. Availability
D. Integrity
The Biba security model addresses the integrity of data being threatened when subjects at lower security levels are able to write to objects at higher security levels and when subjects can read data at lower levels.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, Chapter 5: Security Models and Architecture (Page 244).
Question # 7
How often should a Business Continuity Plan be reviewed?
A. At least once a month
B. At least every six months
C. At least once a year
D. At least quarterly
As stated in SP 800-34 Rev. 1: To be effective, the plan must be maintained in a ready state that accurately reflects system requirements, procedures, organizational structure, and policies. During the Operation/Maintenance phase of the SDLC, information systems undergo frequent changes because of shifting business needs, technology upgrades, or new internal or external policies. As a general rule, the plan should be reviewed for accuracy and completeness at an organization-defined frequency (at least once a year for the purpose of the exam) or whenever significant changes occur to any element of the plan. Certain elements, such as contact lists, will require more frequent reviews. Remember, there could be two good answers as specified above: either once a year or whenever significant changes occur to the plan. You will of course get only one of the two presented within your exam.
Reference(s) used for this question: NIST SP 800-34 Revision 1