
[Jan 04, 2022] Ultimate SSCP Guide to Prepare Free Latest ISC Practice Tests Dumps [Q637-Q661]

How much does the SSCP exam cost?

The price of the exam is 250 USD.


NEW QUESTION 637
Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?

  • A. signature-based IDS and dynamic anomaly-based IDS, respectively
  • B. signature-based IDS and motion anomaly-based IDS, respectively
  • C. signature-based IDS and statistical anomaly-based IDS, respectively
  • D. anomaly-based IDS and statistical-based IDS, respectively

Answer: C

Explanation:
Section: Analysis and Monitoring
Explanation/Reference:
The two current conceptual approaches to Intrusion Detection methodology are knowledge-based ID systems and behavior-based ID systems, sometimes referred to as signature-based ID and statistical anomaly-based ID, respectively.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 63.


NEW QUESTION 638
In SSL/TLS protocol, what kind of authentication is supported when you establish a secure session between a client and a server?

  • A. Role based authentication scheme
  • B. Only server authentication (optional)
  • C. Server authentication (mandatory) and client authentication (optional)
  • D. Peer-to-peer authentication

Answer: C

Explanation:
RESCORLA, Eric, SSL and TLS: Designing and Building Secure Systems, 2000, Addison Wesley Professional; SMITH, Richard E., Internet Cryptography, 1997, Addison-Wesley Pub Co.


NEW QUESTION 639
Secure Shell (SSH) is a strong method of performing:

  • A. client authentication
  • B. host authentication
  • C. guest authentication
  • D. server authentication

Answer: A

Explanation:
Section: Network and Telecommunications
Explanation/Reference:
Secure Shell (SSH) was designed as an alternative to some of the insecure protocols and allows users to securely access resources on remote computers over an encrypted tunnel. The Secure Shell Protocol (SSH) is a protocol for secure remote login and other secure network services over an insecure network. The SSH authentication protocol runs on top of the SSH transport layer protocol and provides a single authenticated tunnel for the SSH connection protocol.
SSH's services include remote log-on, file transfer, and command execution. It also supports port forwarding, which redirects other protocols through an encrypted SSH tunnel. Many users protect the less secure traffic of protocols such as X Windows and VNC (virtual network computing) by forwarding them through an SSH tunnel.
The SSH tunnel protects the integrity of communication, preventing session hijacking and other man-in-the-middle attacks. Another advantage of SSH over its predecessors is that it supports strong authentication.
There are several alternatives for SSH clients to authenticate to an SSH server, including passwords and digital certificates.
Keep in mind that authenticating with a password is still a significant improvement over the other protocols because the password is transmitted encrypted.
There are two incompatible versions of the protocol, SSH-1 and SSH-2, though many servers support both.
SSH-2 has improved integrity checks (SSH-1 is vulnerable to an insertion attack due to weak CRC-32 integrity checking) and supports local extensions and additional types of digital certificates such as OpenPGP. SSH was originally designed for UNIX, but there are now implementations for other operating systems, including Windows, Macintosh, and OpenVMS.
Is SSH 3.0 the same as SSH3?
The short answer is no. SSH 3.0 refers to version 3 of the SSH Communications SSH2 protocol implementation, and it could also refer to OpenSSH version 3.0 of its SSH2 software. The "3" refers to the software release version, not the protocol version. As of this writing (July 2013), there is no SSH3 protocol.
"Server authentication" is incorrect. Though many SSH clients allow pre-caching of server/host keys, this is a minimal form of server/host authentication.
"Host authentication" is incorrect. Though many SSH clients allow pre-caching of server/host keys, this is a minimal form of server/host authentication.
"Guest authentication" is incorrect. The general idea of "guest" is that it is unauthenticated access.
Reference(s) used for this question:
http://www.ietf.org/rfc/rfc4252.txt
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 7080-7088). Auerbach Publications. Kindle Edition.


NEW QUESTION 640
Which of the following would best describe a Concealment cipher?

  • A. Hiding data in another message so that the very existence of the data is concealed.
  • B. Every X number of words within a text, is a part of the real message.
  • C. Replaces bits, characters, or blocks of characters with different bits, characters or blocks.
  • D. Permutation is used, meaning that letters are scrambled.

Answer: B

Explanation:
Explanation/Reference:
When a concealment cipher is used, every Xth word within a text is a part of the real message.
The message is within another message.
A concealment cipher is a message within a message. If my other super-secret spy buddy and I decide our key value is every third word, then when I get a message from him, I will pick out every third word and write it down. Suppose he sends me a message that reads, "The saying, 'The time is right' is not cow language, so is now a dead subject." Because my key is every third word, I come up with "The right cow is dead." This again means nothing to me, and I am now turning in my decoder ring.
Concealment ciphers include the plaintext within the ciphertext. It is up to the recipient to know which letters or symbols to exclude from the ciphertext in order to yield the plaintext. Here is an example of a concealment cipher:
i2l32i5321k34e1245ch456oc12ol234at567e
Remove all the numbers, and you'll have "i like chocolate". How about this one?
Larry even appears very excited. No one worries.
The first letter of each word reveals the message "leave now". Both are easy, indeed, but many people have crafted more ingenious ways of concealing messages. By the way, this type of cipher doesn't even need ciphertext such as that in the above examples.
Consider the invisible drying ink that kids use to send secret messages. In a more extreme example, a man named Histiaeus, during 5th century B.C., shaved the head of a trusted slave, then tattooed the message onto his bald head. When the slave's hair grew back, Histiaeus sent the slave to the message's intended recipient, Aristagoros, who shaved the slave's head and read the message instructing him to revolt.
The following answers are incorrect:
A transposition cipher uses permutations.
A substitution cipher replaces bits, characters, or blocks of characters with different bits, characters or blocks.
Steganography refers to hiding the very existence of the message.
Source: WALLHOFF, John, CBK#5 Cryptography (CISSP Study Guide), April 2002 (page 1).
and also see:
http://www.go4expert.com/forums/showthread.php?t=415
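The three concealment techniques in the explanation above (every Xth word, digits mixed into the plaintext, and an acrostic of first letters) each reduce to a small extraction rule. The following Python helpers are an added example, not code from the source page or its cited references; the sample cover texts are the ones quoted above, and the skip value 3 is the key the explanation uses.

```python
"""Concealment-cipher extraction helpers (added example, not from the source page).

Three ways the explanation hides a message inside innocuous text:
  * every Nth word of the cover text is part of the real message,
  * decimal digits are sprinkled into the plaintext and must be dropped,
  * the first letter of each word spells the message (an acrostic).
"""
import re
import string


def every_nth_word(cover_text: str, n: int) -> str:
    """Return the words at positions n, 2n, 3n, ... (1-based) with punctuation stripped.

    The recipient's key is the skip value n; words[n-1::n] selects exactly
    the nth, 2nth, ... words of the cover text.
    """
    if n < 1:
        raise ValueError("skip value must be at least 1")
    words = cover_text.split()
    picked = [w.strip(string.punctuation) for w in words[n - 1::n]]
    return " ".join(p for p in picked if p)


def strip_digits(cipher: str) -> str:
    """Drop every decimal digit; whatever remains is the plaintext."""
    return re.sub(r"\d", "", cipher)


def first_letters(cover_text: str) -> str:
    """Acrostic: concatenate the first letter of each word, lower-cased."""
    words = [w.strip(string.punctuation) for w in cover_text.split()]
    return "".join(w[0] for w in words if w).lower()


# Constructed inputs: the three examples quoted in the explanation.
SPY_MESSAGE = "The saying, 'The time is right' is not cow language, so is now a dead subject."
DIGIT_MESSAGE = "i2l32i5321k34e1245ch456oc12ol234at567e"
ACROSTIC_MESSAGE = "Larry even appears very excited. No one worries."

if __name__ == "__main__":
    print(every_nth_word(SPY_MESSAGE, 3))   # The right cow is dead
    print(strip_digits(DIGIT_MESSAGE))      # ilikechocolate
    print(first_letters(ACROSTIC_MESSAGE))  # leavenow
```

Because the cover text carries the whole message, none of these schemes provides confidentiality against anyone who knows or guesses the rule; they hide existence, not content, which is why the explanation contrasts them with substitution and transposition ciphers.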


NEW QUESTION 641
Which of the following is the most complete disaster recovery plan test type, to be performed after successfully completing the Parallel test?

  • A. Simulation test
  • B. Full Interruption test
  • C. Checklist test
  • D. Structured walk-through test

Answer: B

Explanation:
A parallel test differs from the full-interruption test in that the primary production processing of the business does not stop; the test processing runs in parallel to the real processing. The parallel test is the most common type of disaster recovery plan testing, and the full-interruption test, in which production processing is actually interrupted, is the most complete.
A checklist test is only considered a preliminary step to a real test.
In a structured walk-through test, business unit management representatives meet to walk through the plan, ensuring it accurately reflects the organization's ability to recover successfully, at least on paper.
A simulation test is aimed at testing the ability of the personnel to respond to a simulated disaster, but no recovery process is actually performed.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 8: Business Continuity Planning and Disaster Recovery Planning (page 289).


NEW QUESTION 642
Within the legal domain what rule is concerned with the legality of how the evidence was gathered ?

  • A. Investigation rule
  • B. Exclusionary rule
  • C. Best evidence rule
  • D. Hearsay rule

Answer: B

Explanation:
Explanation/Reference:
The exclusionary rule mentions that evidence must be gathered legally or it can't be used.
The principle, based on federal constitutional law, is that evidence illegally seized by law enforcement officers in violation of a suspect's right to be free from unreasonable searches and seizures cannot be used against the suspect in a criminal prosecution.
The exclusionary rule is designed to exclude evidence obtained in violation of a criminal defendant's Fourth Amendment rights. The Fourth Amendment protects against unreasonable searches and seizures by law enforcement personnel. If the search of a criminal suspect is unreasonable, the evidence obtained in the search will be excluded from trial.
The exclusionary rule is a court-made rule. This means that it was created not in statutes passed by legislative bodies but rather by the U.S. Supreme Court. The exclusionary rule applies in federal courts by virtue of the Fourth Amendment. The Court has ruled that it applies in state courts through the due process clause of the Fourteenth Amendment. (The Bill of Rights, the first ten amendments, applies to actions by the federal government. The Fourteenth Amendment, the Court has held, makes most of the protections in the Bill of Rights applicable to actions by the states.) The exclusionary rule has been in existence since the early 1900s. Before the rule was fashioned, any evidence was admissible in a criminal trial if the judge found the evidence to be relevant. The manner in which the evidence had been seized was not an issue. This began to change in 1914, when the U.S. Supreme Court devised a way to enforce the Fourth Amendment. In Weeks v. United States, 232 U.S. 383, 34 S. Ct. 341, 58 L. Ed. 652 (1914), a federal agent had conducted a warrantless search for evidence of gambling at the home of Fremont Weeks. The evidence seized in the search was used at trial, and Weeks was convicted. On appeal, the Court held that the Fourth Amendment barred the use of evidence secured through a warrantless search. Weeks's conviction was reversed, and thus was born the exclusionary rule.
The best evidence rule concerns limiting the potential for alteration. The best evidence rule is a common law rule of evidence which can be traced back at least as far as the 18th century. In Omychund v Barker (1745) 1 Atk, 21, 49; 26 ER 15, 33, Lord Hardwicke stated that no evidence was admissible unless it was "the best that the nature of the case will allow". The general rule is that secondary evidence, such as a copy or facsimile, will not be admissible if an original document exists and is not unavailable due to destruction or other circumstances indicating unavailability.
The rationale for the best evidence rule can be understood from the context in which it arose: in the eighteenth century a copy was usually made by hand by a clerk (or even a litigant). The best evidence rule was predicated on the assumption that, if the original was not produced, there was a significant chance of error or fraud in relying on such a copy.
The hearsay rule concerns computer-generated evidence, which is considered second-hand evidence.
Hearsay is information gathered by one person from another concerning some event, condition, or thing of which the first person had no direct experience. When submitted as evidence, such statements are called hearsay evidence. As a legal term, "hearsay" can also have the narrower meaning of the use of such information as evidence to prove the truth of what is asserted. Such use of "hearsay evidence" in court is generally not allowed. This prohibition is called the hearsay rule.
For example, a witness says "Susan told me Tom was in town". Since the witness did not see Tom in town, the statement would be hearsay evidence to the fact that Tom was in town, and not admissible. However, it would be admissible as evidence that Susan said Tom was in town, and on the issue of her knowledge of whether he was in town.
Hearsay evidence has many exception rules. For the purpose of the exam you must be familiar with the business records exception to the hearsay rule. Business records created during the ordinary course of business are considered reliable and can usually be brought in under this exception if the proper foundation is laid when the records are introduced into evidence. Depending on which jurisdiction the case is in, either the records custodian or someone with knowledge of the records must lay a foundation for the records. Logs that are collected as part of a documented business process carried out at regular intervals would fall under this exception. They could be presented in court and not be considered hearsay.
Investigation rule is a distractor.
Source: ROTHKE, Ben, CISSP CBK Review presentation on domain 9.
and
The FREE Online Law Dictionary at: http://legal-dictionary.thefreedictionary.com/Exclusionary+Rule and
Wikipedia has a nice article on this subject at: http://en.wikipedia.org/wiki/Exclusionary_rule and
http://en.wikipedia.org/wiki/Hearsay_in_United_States_law#Hearsay_exceptions


NEW QUESTION 643
Which of the following reviews system and event logs to detect attacks on the host and determine if the attack was successful?

  • A. bastion-based IDS
  • B. server-based IDS
  • C. host-based IDS
  • D. firewall-based IDS

Answer: C

Explanation:
Explanation/Reference:
A host-based IDS can review the system and event logs in order to detect an attack on the host and to determine if the attack was successful.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 48.


NEW QUESTION 644
Which of the following virus types changes some of its characteristics as it spreads?

  • A. Polymorphic
  • B. Boot Sector
  • C. Parasitic
  • D. Stealth

Answer: A

Explanation:
Explanation/Reference:
A Polymorphic virus produces varied but operational copies of itself in hopes of evading anti-virus software.
The following answers are incorrect:
Boot sector: incorrect because it is not the best answer. A boot sector virus attacks the boot sector of a drive. It describes the type of attack of the virus and not the characteristics of its composition.
Parasitic: incorrect because it is not the best answer. A parasitic virus attaches itself to other files but does not change its characteristics.
Stealth: incorrect because it is not the best answer. A stealth virus attempts to hide changes of the affected files but not itself.


NEW QUESTION 645
What is the greatest danger from DHCP?

  • A. Having the organization's mail server unreachable.
  • B. Having multiple clients on the same LAN having the same IP address.
  • C. An intruder on the network impersonating a DHCP server and thereby misconfiguring the DHCP clients.
  • D. Having the wrong router used as the default gateway.

Answer: C

Explanation:
Explanation/Reference:
The greatest danger from BOOTP or DHCP (Dynamic Host Configuration Protocol) is from an intruder on the network impersonating a DHCP server and thereby misconfiguring the DHCP clients. The other choices are possible consequences of DHCP impersonation.
Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 4: Sockets and Services from a Security Viewpoint.
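Because a rogue DHCP server is the root cause and the other choices are its symptoms, the practical control on the defender's side is to notice offers that do not come from the sanctioned server. The following Python detector is an added example, not code from the source page or from the cited Firewalls 24seven book; it assumes an allow-list of authorized DHCP server addresses and runs over constructed one-line capture summaries (a real deployment would feed it DHCP snooping logs or a packet capture).

```python
"""Rogue DHCP server detection over capture summaries (added example, not from the source page).

Each record is a constructed one-line summary of a DHCP message:
    "<time> <msgtype> server=<ip> client=<mac> router=<ip>"
DHCPOFFER and DHCPACK carry the server identifier, so any such message whose
server is not on the allow-list points at a host impersonating the DHCP server.
"""

# Assumption for the example: the only sanctioned DHCP server on this LAN.
AUTHORIZED_DHCP_SERVERS = {"10.0.0.1"}

# Constructed sample capture; the 10.0.0.77 offer is the impersonation case.
SAMPLE_RECORDS = [
    "10:00:01 DHCPOFFER server=10.0.0.1 client=aa:bb:cc:00:00:01 router=10.0.0.1",
    "10:00:02 DHCPACK server=10.0.0.1 client=aa:bb:cc:00:00:01 router=10.0.0.1",
    "10:00:05 DHCPOFFER server=10.0.0.77 client=aa:bb:cc:00:00:02 router=10.0.0.77",
    "10:00:06 DHCPDISCOVER server=- client=aa:bb:cc:00:00:03 router=-",
]

SERVER_MESSAGES = {"DHCPOFFER", "DHCPACK"}


def parse_record(line: str) -> dict:
    """Split one summary line into a dict of its fields."""
    time, msgtype, *pairs = line.split()
    fields = {"time": time, "type": msgtype}
    for item in pairs:
        key, _, value = item.partition("=")
        fields[key] = value
    return fields


def rogue_offers(records, authorized):
    """Return (time, server, client) for every OFFER/ACK sent by a non-authorized server.

    Client-originated messages (DISCOVER, REQUEST) carry no server identifier
    and are skipped; only server replies can reveal an impersonator.
    """
    findings = []
    for line in records:
        rec = parse_record(line)
        if rec["type"] not in SERVER_MESSAGES:
            continue
        if rec["server"] not in authorized:
            findings.append((rec["time"], rec["server"], rec["client"]))
    return findings


if __name__ == "__main__":
    for when, server, client in rogue_offers(SAMPLE_RECORDS, AUTHORIZED_DHCP_SERVERS):
        print(f"{when} rogue DHCP server {server} answered client {client}")
```

The same allow-list check is what switch-side DHCP snooping enforces in hardware: server replies are only accepted on ports marked trusted, which removes the need to detect the impersonator after clients have already been misconfigured.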


NEW QUESTION 646
What algorithm was DES derived from?

  • A. Brooks-Aldeman.
  • B. Twofish.
  • C. Skipjack.
  • D. Lucifer.

Answer: D

Explanation:
Explanation/Reference:
NSA took the 128-bit algorithm Lucifer that IBM developed, reduced the key size to 64 bits and with that developed DES.
The following answers are incorrect:
Twofish: incorrect because Twofish is related to Blowfish as a possible replacement for DES.
Skipjack: incorrect because Skipjack was developed after DES by the NSA.
Brooks-Aldeman: incorrect because this is a distractor; no algorithm exists with this name.


NEW QUESTION 647
Which of the following can prevent hijacking of a web session?

  • A. SSL
  • B. PPP
  • C. SET
  • D. RSA

Answer: A

Explanation:
Explanation/Reference:
The Secure Socket Layer (SSL) protocol is used between a web server and client and provides encryption of the entire session, thus preventing session hijacking. RSA is an asymmetric encryption algorithm that can be used in setting up an SSL session. SET is the Secure Electronic Transaction protocol that was introduced by Visa and Mastercard to allow for more credit card transaction possibilities. PPP is a point-to-point protocol.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 89).


NEW QUESTION 648
Which of the following is NOT a proper component of Media Viability Controls?

  • A. Writing
  • B. Storage
  • C. Handling
  • D. Marking

Answer: A

Explanation:
Explanation/Reference:
Media Viability Controls include marking, handling and storage.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 231.


NEW QUESTION 649
Which of the following security-focused protocols has confidentiality services operating at a layer different from the others?

  • A. Secure socket layer (SSL)
  • B. Sequenced Packet Exchange (SPX)
  • C. Secure HTTP (S-HTTP)
  • D. FTP Secure (FTPS)

Answer: C

Explanation:
All the previous protocols operate at the transport layer except for Secure HTTP (S-HTTP), which operates at the application layer. S-HTTP has been replaced by SSL and TLS.
As it is very well explained in the Shon Harris book:
The transport layer receives data from many different applications and assembles the data into a stream to be properly transmitted over the network. The main protocols that work at this layer are TCP, UDP, Secure Sockets Layer (SSL), and Sequenced Packet Exchange (SPX).
NOTE:
Different references can place specific protocols at different layers. For example, many references place the SSL protocol in the session layer, while other references place it in the transport layer. It is not that one is right or wrong. The OSI model tries to draw boxes around reality, but some protocols straddle the different layers. SSL is made up of two protocols: one works in the lower portion of the session layer and the other works in the transport layer.
For purposes of the CISSP exam, SSL resides in the transport layer.
Reference(s) used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 526). McGraw-Hill. Kindle Edition.


NEW QUESTION 650
The IP header contains a protocol field. If this field contains the value of 6, what type of data is contained within the IP datagram?

  • A. IGMP.
  • B. UDP.
  • C. TCP.
  • D. ICMP.

Answer: C

Explanation:
If the protocol field has a value of 6 then it would indicate it was TCP. The protocol field of the IP packet dictates what protocol the IP packet is using.
TCP=6, ICMP=1, UDP=17, IGMP=2
The following answers are incorrect:
ICMP: incorrect because the value for the ICMP protocol would be 1.
UDP: incorrect because the value for the UDP protocol would be 17.
IGMP: incorrect because the value for the IGMP protocol would be 2.
References:
SANS http://www.sans.org/resources/tcpip.pdf?ref=3871


NEW QUESTION 651
Which of the following steps is NOT one of the eight detailed steps of a Business Impact Assessment (BIA):

  • A. Creating data gathering techniques.
  • B. Calculating the risk for each different business function.
  • C. Identifying critical business functions.
  • D. Notifying senior management of the start of the assessment.

Answer: D

Explanation:
Explanation/Reference:
Source: HARRIS, S., CISSP All- In-One Exam Guide, 3rd. Edition, 2005, Chapter 9, Page 701.
There has been much discussion about the steps of the BIA, and I struggled with this before deciding to scrap the question about "the four steps" and re-write the question using the AIO for a reference. This question should be easy... if you know all eight steps.
The eight detailed and granular steps of the BIA are:
1. Select Individuals to interview for the data gathering.
2. Create data gathering techniques (surveys, questionnaires, qualitative and quantitative approaches).
3. Identify the company's critical business functions.
4. Identify the resources that these functions depend upon.
5. Calculate how long these functions can survive without these resources.
6. Identify vulnerabilities and the threats to these functions.
7. Calculate risk for each of the different business functions.
8. Document findings and report them to management.
Shon goes on to cover each step in Chapter 9.


NEW QUESTION 652
When a station communicates on the network for the first time, which of the following protocols would search for and find the Internet Protocol (IP) address that matches a known Ethernet address?

  • A. Address Resolution Protocol (ARP).
  • B. Reverse Address Resolution Protocol (RARP).
  • C. Internet Control Message protocol (ICMP).
  • D. User Datagram Protocol (UDP).

Answer: B

Explanation:
The RARP protocol sends out a packet, which includes its MAC address and a request to be informed of the IP address that should be assigned to that MAC address.
ARP does the opposite by broadcasting a request to find the Ethernet address that matches a known IP address.
ICMP supports packets containing error, control, and informational messages (e.g. PING). UDP runs over IP and is used primarily for broadcasting messages over a network.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87.


NEW QUESTION 653
Information Security policies should be __________________? (Choose all that apply)

  • A. Audited and revised periodically
  • B. Clearly communicated to all system users
  • C. Written down
  • D. None of the choices listed are correct

Answer: A,B,C


NEW QUESTION 654
Why would a memory dump be admissible as evidence in court?

  • A. Because of the exclusionary rule.
  • B. Because it is used to demonstrate the truth of the contents.
  • C. Because the state of the memory cannot be used as evidence.
  • D. Because it is used to identify the state of the system.

Answer: D

Explanation:
A memory dump can be admitted as evidence if it acts merely as a statement of fact. A system dump is not considered hearsay because it is used to identify the state of the system, not the truth of the contents. The exclusionary rule mentions that evidence must be gathered legally or it can't be used; this choice is a distractor.
Source: ANDRESS, Mandy, Exam Cram CISSP, Coriolis, 2001, Chapter 10: Law, Investigation, and Ethics (page 187).


NEW QUESTION 655
How long are IPv4 addresses?

  • A. 64 bits long.
  • B. 32 bits long.
  • C. 16 bits long.
  • D. 128 bits long.

Answer: B

Explanation:
Section: Network and Telecommunications
Explanation/Reference:
IPv4 addresses are currently 32 bits long. IPv6 addresses are 128 bits long.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87.


NEW QUESTION 656
Which of the following is a method of multiplexing data where a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams, and bandwidth is allocated dynamically to the physical channels that have information to transmit?

  • A. Time-division multiplexing
  • B. Asynchronous time-division multiplexing
  • C. Statistical multiplexing
  • D. Frequency division multiplexing

Answer: C

Explanation:
Section: Network and Telecommunications
Explanation/Reference:
Statistical multiplexing is a type of communication link sharing, very similar to dynamic bandwidth allocation (DBA). In statistical multiplexing, a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. The link sharing is adapted to the instantaneous traffic demands of the data streams that are transferred over each channel. This is an alternative to creating a fixed sharing of a link, such as in general time division multiplexing (TDM) and frequency division multiplexing (FDM). When performed correctly, statistical multiplexing can provide a link utilization improvement, called the statistical multiplexing gain.
Generally, the methods for multiplexing data include the following:
Time-division multiplexing (TDM): information from each data channel is allocated bandwidth based on pre-assigned time slots, regardless of whether there is data to transmit. Time-division multiplexing is used primarily for digital signals, but may be applied in analog multiplexing in which two or more signals or bit streams are transferred appearing simultaneously as sub-channels in one communication channel, but are physically taking turns on the channel. The time domain is divided into several recurrent time slots of fixed length, one for each sub-channel. A sample, byte or data block of sub-channel 1 is transmitted during time slot 1, sub-channel 2 during time slot 2, etc. One TDM frame consists of one time slot per sub-channel plus a synchronization channel and sometimes an error correction channel before the synchronization. After the last sub-channel, error correction, and synchronization, the cycle starts all over again with a new frame, starting with the second sample, byte or data block from sub-channel 1, etc.
Asynchronous time-division multiplexing (ATDM): information from data channels is allocated bandwidth as needed, via dynamically assigned time slots. ATM provides functionality that is similar to both circuit switching and packet switching networks: ATM uses asynchronous time-division multiplexing, and encodes data into small, fixed-sized packets (ISO-OSI frames) called cells. This differs from approaches such as the Internet Protocol or Ethernet that use variable sized packets and frames. ATM uses a connection-oriented model in which a virtual circuit must be established between two endpoints before the actual data exchange begins.
These virtual circuits may be "permanent", i.e. dedicated connections that are usually preconfigured by the service provider, or "switched", i.e. set up on a per-call basis using signalling and disconnected when the call is terminated.
Frequency division multiplexing (FDM): information from each data channel is allocated bandwidth based on the signal frequency of the traffic. In telecommunications, frequency-division multiplexing (FDM) is a technique by which the total bandwidth available in a communication medium is divided into a series of non-overlapping frequency sub-bands, each of which is used to carry a separate signal. This allows a single transmission medium such as the radio spectrum, a cable or optical fiber to be shared by many signals.
Reference used for this question:
http://en.wikipedia.org/wiki/Statistical_multiplexing
and
http://en.wikipedia.org/wiki/Frequency_division_multiplexing
and
Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, Chapter 3: Technical Infrastructure and Operational Practices (page 114).


NEW QUESTION 657
Which of the following type of cryptography is used when both parties use the same key to communicate securely with each other?

  • A. Symmetric Key Cryptography
  • B. DSS - Digital Signature Standard
  • C. PKI - Public Key Infrastructure
  • D. Diffie-Hellman

Answer: A

Explanation:
Symmetric-key algorithms are a class of algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext (sender) and decryption of ciphertext (receiver). The keys may be identical; in practice, they represent a shared secret between two or more parties that can be used to maintain a private information link.
This requirement that both parties have access to the secret key is one of the main drawbacks of symmetric key encryption, in comparison to public-key encryption. This is also known as secret key encryption. In symmetric key cryptography, each end of the conversation must have the same key or they cannot decrypt the message sent to them by the other party.
Symmetric key crypto is very fast but more difficult to manage due to the need to distribute the key by a secure means to all parties needing to decrypt the data. There is no key management built into symmetric crypto.
PKI provides CIA: Confidentiality (through encryption), Integrity (by guaranteeing that the message hasn't changed in transit) and Authentication (non-repudiation). Symmetric key crypto provides mostly Confidentiality.
The following answers are incorrect:
- PKI - Public Key Infrastructure: This is the opposite of symmetric key crypto. Each side in PKI has its own private key and public key. What one key encrypts, the other one can decrypt. You make use of the receiver's public key to communicate securely with a remote user. The receiver will use their matching private key to decrypt the data.
- Diffie-Hellman: Sorry, this is an asymmetric key technique. It is used for key agreement over an insecure network such as the Internet. It allows two parties who have never met to negotiate a secret key over an insecure network while preventing Man-In-The-Middle (MITM) attacks.
- DSS - Digital Signature Standard: Sorry, this is an asymmetric key technique.
The following reference(s) were used to create this question: To learn more about this question and 100% of the Security+ CBK, subscribe to our Holistic Computer Based Tutorial (CBT) on our Learning Management System at: http://www.cccure.tv and http://en.wikipedia.org/wiki/Symmetric-key_algorithm


NEW QUESTION 658
At which OSI/ISO layer is an encrypted authentication between a client software package and a firewall performed?

  • A. Data link layer
  • B. Session layer
  • C. Transport layer
  • D. Network layer

Answer: C

Explanation:
Explanation/Reference:
Encrypted authentication is a firewall feature that allows users on an external network to authenticate themselves to prove that they are authorized to access resources on the internal network. Encrypted authentication is convenient because it happens at the transport layer between a client software and a firewall, allowing all normal application software to run without hindrance.
Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 1: Understanding Firewalls.


NEW QUESTION 659
CORRECT TEXT
NIPC stands for _____ _____ _____ ______ and is a government organization designed to help protect our nation's vital information resources.

Answer:

Explanation:
Infrastructure Protection Center


NEW QUESTION 660
The IP header contains a protocol field. If this field contains the value of 1, what type of data is contained within the IP datagram?

  • A. IGMP.
  • B. UDP.
  • C. TCP.
  • D. ICMP.

Answer: D

Explanation:
If the protocol field has a value of 1 then it would indicate it was ICMP.
The following answers are incorrect:
TCP: incorrect because the value for the TCP protocol would be 6.
UDP: incorrect because the value for the UDP protocol would be 17.
IGMP: incorrect because the value for the IGMP protocol would be 2.
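Questions 650 and 660 both turn on the same one-byte field: the protocol number at offset 9 of the IPv4 header (1 = ICMP, 2 = IGMP, 6 = TCP, 17 = UDP). The following Python snippet is an added example, not code from the source page or the cited SANS reference; it constructs a minimal 20-byte IPv4 header for testing and reads the field back the way a packet filter or IDS decoder would, so the reader can see the field rather than memorize the table.

```python
"""Reading the IPv4 protocol field (added example, not from the source page).

The IPv4 header layout (RFC 791) puts the 8-bit protocol field at byte
offset 9, immediately after the TTL. Its value tells a firewall or IDS which
transport-layer decoder to hand the payload to.
"""
import struct

# Protocol numbers quoted in the question; anything else is reported as unknown.
PROTOCOL_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}

IPV4_MIN_HEADER_LEN = 20


def build_ipv4_header(protocol: int, src: str = "192.0.2.1", dst: str = "192.0.2.2") -> bytes:
    """Construct a minimal IPv4 header (no options, zero checksum) for testing.

    Addresses default to documentation-range values (RFC 5737); this is
    constructed test data, not a captured packet.
    """
    version_ihl = (4 << 4) | 5           # version 4, IHL 5 words = 20 bytes
    return struct.pack(
        "!BBHHHBBH4s4s",
        version_ihl, 0, IPV4_MIN_HEADER_LEN,   # ver/IHL, DSCP/ECN, total length
        0, 0,                                  # identification, flags/fragment offset
        64, protocol, 0,                       # TTL, protocol, header checksum
        bytes(int(o) for o in src.split(".")),
        bytes(int(o) for o in dst.split(".")),
    )


def protocol_of(datagram: bytes) -> int:
    """Return the protocol field of an IPv4 datagram, validating version and length."""
    if len(datagram) < IPV4_MIN_HEADER_LEN:
        raise ValueError("truncated IPv4 header")
    version = datagram[0] >> 4
    if version != 4:
        raise ValueError(f"not an IPv4 datagram (version {version})")
    return datagram[9]


def protocol_name(datagram: bytes) -> str:
    """Map the protocol field to the name used in the question, or 'unknown(n)'."""
    number = protocol_of(datagram)
    return PROTOCOL_NAMES.get(number, f"unknown({number})")


if __name__ == "__main__":
    for number in (6, 1, 17, 2, 47):
        print(number, "->", protocol_name(build_ipv4_header(number)))
```

The version and length checks matter in a decoder: a filter that reads byte 9 of a truncated or non-IPv4 frame would silently classify garbage, which is one way malformed packets slip past naive inspection.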


NEW QUESTION 661
......
