SSCP Flashcards

Terms Definitions
PREVENTATIVE Access Controls
Deter intrusions or attacks. Example: Separation of duties
What are Objects?
Objects are data, applications, systems, networks, and physical space.
Authentication
The process of validating a subject's identity.
TECHNICAL Access Controls
Computer mechanisms that restrict access. Example: Encryption
PHYSICAL Access Controls
Restrict or control physical access.
Cognitive password
Related to things people know, such as a mother's maiden name.
What kind of password is marryhadalittlelamb?
Cognitive
Which of the following defines the CROSSOVER RATE for evaluating biometric systems?
The point where the number of false positives matches the number of false negatives in a biometric system.
What conditions are desirable when selecting a biometric system?
Low crossover error rate, and a high processing rate
False negative
When someone is denied access when they should be allowed access.
What should be done to a user account if the user goes on an extended vacation?
Lock the account
Synchronous Token Devices
Devices Synchronized to an authentication server
What is a strong password?
A strong password should not contain dictionary words or any part of the login name. It should include upper case letters, numbers, and symbols. In addition, longer is better.
What kind of access controls should be used to implement short term repairs to restore basic functionality after an attack?
Corrective
Which of the following is an example of type 1 authentication? A. Smart card B. User name C. Passphrase D. Retina scan
C. Passphrase
You have just configured and set the password policy and set the minimum password age to 10. What will be the effect of this configuration?
Users cannot change their password for 10 days.
You implemented account lockout with a clipping level of 4. What will be the effect of this setting?
The account will be locked out after 4 incorrect attempts.
What is the best action taken after noticing a user has written their password down?
Implement end-user training
What is the best way to dispose of data stored on CD-Rs?
Shred it, bitch
What is the star property of Bell-LaPadula?
no write-down?
What is the Clark-Wilson model primarily based on?
Controlled Intermediary access applications
The Brewer-Nash model is designed to prevent what?
Conflicts of interest
Which access control model manages rights and permissions based on job descriptions and responsibilities?
Mandatory Access Control (MAC)
What does the Mandatory Access Control (MAC) method use to control access?
Sensitivity labels mofo
Discretionary Access Control (DAC) manages access to resources using what primary element or aspect?
Identity
DAC (Discretionary Access Control)
Uses Identities to control resource access. Users can define access controls to their owned resources.
What kind of access control focuses on assigning privileges based on security clearance and data sensitivity?
MAC (Mandatory Access Control)
Which principle is implemented in a mandatory access control model to determine access to an object using classification levels?
Need to know
NEED TO KNOW is required to access what types of resources?
Compartmentalized resources
In what form of access control environment is access controlled by rules rather than by identity?
Mandatory Access Control (MAC)
What form of access control is based on job descriptions?
Role Based access control (RBAC)
What are two examples of single sign-on authentication solutions?
SESAME and Kerberos
Which of the following is not a characteristic of Kerberos? A. End to end security B. Symmetric key cryptography C. Peer to peer relationships D. Data Encryption Standard
C. Peer to peer relationships
What is another term for the type of logon credentials provided by a token device?
One-time password motha fucka
Which of the following is the strongest form of multi-factor authentication? A. Two passwords B. Two-factor authentication C. A password, a biometric scan, and a token device D. A password and a biometric scan
C. A password, a biometric scan, and a token device
Mutual authentication
A process by which each party in an online communication verifies the identity of the other party.
Which of the following is not a form of biometric? A. Token device B. Face recognition C. Retina scan D. Fingerprint
A. Token Device
What are two disadvantages of biometrics?
When used alone or solely, they are no more secure than a strong password. Also, they have a potential for numerous false rejections
What form of authentication solution employs a hashed form of the user's password that has an added timestamp as a form of identity?
Kerberos
What is the most important aspect of a biometric device?
Accuracy
What is the strongest biometric factor?
A two factor authentication
Which of the following is not an example of a single sign-on solution? A. Scripted access B. Kerberos C. Directory services D. Workgroup
D. Workgroup
Name two advantages single sign-on (SSO) provides.
1. The elimination of multiple user accounts and passwords for an individual. 2. Access to all authorized resources with a single instance of authentication.
A smart card can be used to store all BUT which of the following items? A. Digital signature B. Biometric template original C. Cryptography keys D. Identification codes
B. Biometric template original
Which two of the following are requirements to deploy Kerberos on a network? A. A centralized database of users and passwords B. Time synchronization between devices C. Blocking of remote connectivity D. Use of token devices and one-time passwords E. A directory
A. A centralized database of users and passwords B. Time synchronization between devices
Which of the following is NOT an important aspect of password management? A. Enable account lockout B. Prevent use of personal information in a password C. Always store passwords in a secure medium D. Training users to create complex passwords that use that ar
A. Enable account lockout
In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of commonly used usernames and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue?
A strong password policy
What is an example of privilege escalation?
Creeping privileges
Which of the following is the least reliable means to clean or purge media? A. Overwriting every sector with alternating 1's and 0's B. OS low-level formatting C. Drive controller hardware level formatting D. Degaussing
D. Degaussing
In a high security environment, what is the most important concern when removable media is no longer needed?
Destruction
What type of cipher changes the POSITION of the characters in a plaintext message?
Transportation
The Enigma machine, a cryptographic tool introduced in 1944 and used in WW2, encrypted messages by replacing plaintext characters. What type of cipher does the Enigma machine use?
Substitution
By definition, which security concept ensures that only authorized parties can access data?
Confidentiality
In a cryptographic system, name two properties an initialization vector should have.
Large, and unpredictable
Name two things that are true of triple DES (3DES).
It is used in IPsec, and it uses a 168-bit key.
What is the most frequently used symmetric key stream cipher?
Ron's Cipher v4 (RC4)
Which of the following is NOT true concerning symmetric key cryptography? A. Before communications begin, both parties must exchange the shared secret key B. Key management is easy when implemented on a large scale. C. Each pair of communicating entities requir
B. Key management is easy when implemented on a large scale.
What form of cryptography is best implemented in hardware?
Symmetric stream
Name two things that are true of the Advanced Encryption Standard (AES) symmetric block cipher.
AES uses a variable length block and key length (128-,192-, or 256-bit keys) and AES uses the Rijndael block cipher.
Which of the following symmetric block ciphers does NOT use a variable block length? A. Elliptic Curve (EC) B. International Data Encryption Algorithm (IDEA) C. Advanced Encryption Standard (AES) D. Ron's Cipher v5 (RC5)
B. International Data Encryption Algorithm (IDEA)