
[Nov 17, 2021] Ultimate SSCP Guide to Prepare Free Latest ISC Practice Tests Dumps
This qualifying exam covers seven domains with varying weights. The details of these subject areas are highlighted below:
Network & Communication Security (16%):
- Managing Network Access Controls – It contains the details regarding network access control & monitoring, network access control protocols & standards, and remote access operations & configuration;
- Understanding Network Attacks & Countermeasures;
- Managing Network Security – This subject area covers one’s knowledge of segmentation, logical & physical network device placement, and secure device management;
- Configuring & Operating Network-Based Security Devices – It evaluates your skills in performing various actions, including the network intrusion detection & prevention systems, traffic-shaping devices, firewalls & proxies, and routers & switches;
- Configuring & Operating Wireless Technologies – This objective covers transmission security and wireless security devices;
- Understanding & Applying the Basic Concepts of Networking – This subsection includes the information about the transmission media types, OSI & TCP/IP models, network relationships, network topographies, as well as commonly used protocols and ports.
Access Controls (16%):
- Implementing & Maintaining Authentication Techniques – This area covers federated access, single sign-on, single/multi-factor authentication, and device authentication;
- Implementing Access Control – Here, you are required to understand mandatory, discretionary, subject-based, attribute-based, object-based, and non-discretionary access control;
- Participating in the Lifecycle of Identity Management – Candidates should understand concepts such as authorization, maintenance, proofing, entitlement, provisioning/de-provisioning, as well as Identity & Access Management systems;
- Supporting the Internetwork Trust Architecture – This one is about extranet, trust relationships, and third-party connections.
NEW QUESTION 453
The Information Technology Security Evaluation Criteria (ITSEC) was written to address which of the following that the Orange Book did not address?
- A. integrity and confidentiality.
- B. none of the above.
- C. confidentiality and availability.
- D. integrity and availability.
Answer: D
Explanation:
Section: Security Operation Administration
Explanation/Reference:
TCSEC focused on confidentiality while ITSEC added integrity and availability as security goals.
The following answers are incorrect:
- integrity and confidentiality: incorrect because TCSEC addressed confidentiality.
- confidentiality and availability: incorrect because TCSEC addressed confidentiality.
- none of the above: incorrect because ITSEC added integrity and availability as security goals.
NEW QUESTION 454
Which of the following security controls might force an operator into collusion with personnel assigned organizationally within a different function in order to gain access to unauthorized data?
- A. Enforcing regular password changes
- B. Job rotation of operations personnel
- C. Management monitoring of audit logs
- D. Limiting the local access of operations personnel
Answer: D
Explanation:
Explanation/Reference:
The question specifically says "within a different function", which eliminates job rotation as a choice.
Management monitoring of audit logs is a detective control and it would not prevent collusion.
Changing passwords regularly would not prevent such an attack.
This question validates whether you understand the concepts of separation of duties and least privilege. When operators have only the minimum access level they need to do their duties within a company, the operations personnel would be forced to use collusion to defeat those security mechanisms.
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
NEW QUESTION 455
What term describes the amount of risk that remains after the countermeasures have been deployed and the vulnerabilities classified?
- A. Imminent risk
- B. Residual risk
- C. Infinite risk
- D. Terminal risk
Answer: B
NEW QUESTION 456
What IDS approach relies on a database of known attacks?
- A. Statistical anomaly-based intrusion detection
- B. Behavior-based intrusion detection
- C. Network-based intrusion detection
- D. Signature-based intrusion detection
Answer: D
Explanation:
Section: Analysis and Monitoring
Explanation/Reference:
A weakness of the signature-based (or knowledge-based) intrusion detection approach is that only attack signatures that are stored in a database are detected. Network-based intrusion detection can either be signature-based or statistical anomaly-based (also called behavior-based).
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 49).
NEW QUESTION 457
Which of the following is NOT a proper component of Media Viability Controls?
- A. Writing
- B. Storage
- C. Handling
- D. Marking
Answer: A
Explanation:
Section: Security Operation Administration
Explanation/Reference:
Media Viability Controls include marking, handling and storage.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 231.
NEW QUESTION 458
Examples of types of physical access controls include all EXCEPT which of the following?
- A. guards
- B. badges
- C. passwords
- D. locks
Answer: C
Explanation:
Explanation/Reference:
Passwords are considered a Preventive/Technical (logical) control.
The following answers are incorrect:
- badges: Badges are a physical control used to identify an individual. A badge can include a smart device which can be used for authentication and thus a Technical control, but the actual badge itself is primarily a physical control.
- locks: Locks are a Preventative Physical control and have no Technical association.
- guards: Guards are a Preventative Physical control and have no Technical association.
The following reference(s) were/was used to create this question:
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 35).
NEW QUESTION 459
Which of the following teams should NOT be included in an organization's contingency plan?
- A. Tiger team
- B. Damage assessment team
- C. Legal affairs team
- D. Hardware salvage team
Answer: A
Explanation:
Section: Risk, Response and Recovery
Explanation/Reference:
According to NIST's Special publication 800-34, a capable recovery strategy will require some or all of the following functional groups: Senior management official, management team, damage assessment team, operating system administration team, systems software team, server recovery team, LAN/WAN recovery team, database recovery team, network operations recovery team, telecommunications team, hardware salvage team, alternate site recovery coordination team, original site restoration/salvage coordination team, test team, administrative support team, transportation and relocation team, media relations team, legal affairs team, physical/personal security team, procurements team. Ideally, these teams would be staffed with the personnel responsible for the same or similar operation under normal conditions. A tiger team, originally a U.S. military jargon term, defines a team (of sneakers) whose purpose is to penetrate security, and thus test security measures. Used today for teams performing ethical hacking.
Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2001 (page 23).
NEW QUESTION 460
A network-based vulnerability assessment is a type of test also referred to as:
- A. A passive vulnerability assessment.
- B. A host-based vulnerability assessment.
- C. A routing vulnerability assessment.
- D. An active vulnerability assessment.
Answer: D
Explanation:
Explanation/Reference:
A network-based vulnerability assessment tool/system either re-enacts system attacks, noting and recording responses to the attacks, or probes different targets to infer weaknesses from their responses.
Since the assessment is actively attacking or scanning targeted systems, network-based vulnerability assessment systems are also called active vulnerability systems.
There are two main types of test:
PASSIVE: You don't send any packets or interact with the remote target. You make use of public databases and other techniques to gather information about your target.
ACTIVE: You do send packets to your target; you attempt to stimulate a response which will help you in gathering information about hosts that are alive, services running, port state, and more.
See examples below of both types of attacks:
Eavesdropping and sniffing data as it passes over a network are considered passive attacks because the attacker is not affecting the protocol, algorithm, key, message, or any parts of the encryption system.
Passive attacks are hard to detect, so in most cases methods are put in place to try to prevent them rather than to detect and stop them.
Altering messages, modifying system files, and masquerading as another individual are acts that are considered active attacks because the attacker is actually doing something instead of sitting back and gathering data. Passive attacks are usually used to gain information prior to carrying out an active attack.
IMPORTANT NOTE:
Commercial vendors will sometimes use different names for different types of scans. However, the exam is product agnostic: it does not use vendor terms but general terms. Experience could sometimes trick you into selecting the wrong choice. See feedback from Jason below:
"I am a system security analyst. It is my daily duty to perform system vulnerability analysis. We use Nessus and Retina (among other tools) to perform our network based vulnerability scanning. Both commercially available tools refer to a network based vulnerability scan as a "credentialed" scan. Without credentials, the scan tool cannot login to the system being scanned, and as such will only receive a port scan to see what ports are open and exploitable"
Reference(s) used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 865). McGraw-Hill. Kindle Edition.
and
DUPUIS, Clement, Access Control Systems and Methodology CISSP Open Study Guide, version 1.0, march 2002 (page 97).
NEW QUESTION 461
Which of the following is used to find the Media Access Control address (MAC) that matches with a known Internet Protocol (IP) address?
- A. User Datagram Protocol (UDP).
- B. Internet Control Message Protocol (ICMP).
- C. Address Resolution Protocol (ARP).
- D. Reverse Address Resolution Protocol (RARP).
Answer: C
Explanation:
Explanation/Reference:
ARP is used to find the Media Access Control address (MAC) that matches with a known Internet Protocol (IP) address.
The Address Resolution Protocol (ARP) is a computer networking protocol for determining a network host's link layer or hardware address when only its Internet Layer (IP) or Network Layer address is known.
Reverse Address Resolution Protocol (RARP) is used to find the IP address that matches an Ethernet address.
ICMP is a management protocol and messaging service provider for IP (e.g. PING).
UDP runs over IP. It is a best effort protocol that offers no reliability. UDP is used for applications such as streaming media, voice over IP, the DNS protocol, as well as the Simple Network Management Protocol (SNMP).
Source: KRUTZ, Ronald L & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87.
also see:
http://en.wikipedia.org/wiki/Address_resolution_protocol
NEW QUESTION 462
Wiretapping is an example of a passive network attack?
- A. True
- B. False
Answer: A
NEW QUESTION 463
Which of the following choices is NOT normally part of the questions that would be asked in regards to an organization's information security policy?
- A. Who is responsible for monitoring compliance to the organization's security policy?
- B. Who is involved in establishing the security policy?
- C. Where is the organization's security policy defined?
- D. What are the actions that need to be performed in case of a disaster?
Answer: D
Explanation:
Actions to be performed in case of a disaster are not normally part of an information security policy but part of a Disaster Recovery Plan (DRP). Only personnel implicated in the plan should have a copy of the Disaster Recovery Plan whereas everyone should be aware of the contents of the organization's information security policy.
Source: ALLEN, Julia H., The CERT Guide to System and Network Security Practices, Addison-Wesley, 2001, Appendix B, Practice-Level Policy Considerations (page 398).
NEW QUESTION 464
What is the percentage at which the False Rejection Rate equals the False Acceptance Rate called?
- A. Failure to enroll rate (FTE or FER)
- B. False Rejection Rate (FRR) or Type I Error
- C. Crossover Error Rate (CER)
- D. False Acceptance Rate (FAR) or Type II Error
Answer: C
Explanation:
Explanation/Reference:
The percentage at which the False Rejection Rate equals the False Acceptance Rate is called the Crossover Error Rate (CER). Another name for the CER is the Equal Error Rate (EER); either term may be used.
Equal error rate or crossover error rate (EER or CER): the rate at which both accept and reject errors are equal. The EER is a quick way to compare the accuracy of devices with different ROC curves. In general, the device with the lowest EER is most accurate.
The other choices were all wrong answers. The following are used as performance metrics for biometric systems:
- False accept rate or false match rate (FAR or FMR): the probability that the system incorrectly matches the input pattern to a non-matching template in the database. It measures the percent of invalid inputs which are incorrectly accepted. This is when an impostor would be accepted by the system.
- False reject rate or false non-match rate (FRR or FNMR): the probability that the system fails to detect a match between the input pattern and a matching template in the database. It measures the percent of valid inputs which are incorrectly rejected. This is when a valid company employee would be rejected by the system.
- Failure to enroll rate (FTE or FER): the rate at which attempts to create a template from an input are unsuccessful. This is most commonly caused by low quality inputs.
Reference(s) used for this question:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 38.
and
https://en.wikipedia.org/wiki/Biometrics
NEW QUESTION 465
When a security violation occurs, what important information should be logged? (Choose all that apply)
- A. User's first and last name
- B. Timestamp
- C. User ID
- D. All of the items listed
- E. Computer / Terminal ID
Answer: B,C,E
NEW QUESTION 466
Which of the following is NOT a property of the Rijndael block cipher algorithm?
- A. The key size does not have to match the block size
- B. The key sizes must be a multiple of 32 bits
- C. Maximum key size is 512 bits
- D. Maximum block size is 256 bits
Answer: C
Explanation:
Explanation/Reference:
The statement "Maximum key size is 512 bits" is NOT true and is thus the correct answer. The maximum key size on Rijndael is 256 bits.
There are some differences between Rijndael and the official FIPS-197 specification for AES.
Rijndael specification per se is specified with block and key sizes that must be a multiple of 32 bits, both with a minimum of 128 and a maximum of 256 bits. Namely, Rijndael allows for both key and block sizes to be chosen independently from the set of { 128, 160, 192, 224, 256 } bits. (And the key size does not in fact have to match the block size).
However, FIPS-197 specifies that the block size must always be 128 bits in AES, and that the key size may be either 128, 192, or 256 bits. Therefore AES-128, AES-192, and AES-256 are actually:
| | Key Size (bits) | Block Size (bits) |
|---|---|---|
| AES-128 | 128 | 128 |
| AES-192 | 192 | 128 |
| AES-256 | 256 | 128 |
So in short:
Rijndael and AES differ only in the range of supported values for the block length and cipher key length.
For Rijndael, the block length and the key length can be independently specified to any multiple of 32 bits, with a minimum of 128 bits, and a maximum of 256 bits.
AES fixes the block length to 128 bits, and supports key lengths of 128, 192 or 256 bits only.
References used for this question:
http://blogs.msdn.com/b/shawnfa/archive/2006/10/09/the-differences-between-rijndael-and-aes.aspx
and
http://csrc.nist.gov/CryptoToolkit/aes/rijndael/Rijndael.pdf
NEW QUESTION 467
Which of the following media is MOST resistant to tapping?
- A. twisted pair.
- B. coaxial cable.
- C. microwave.
- D. fiber optic.
Answer: D
Explanation:
Explanation/Reference:
Fiber optic is the most resistant to tapping because it uses light to transmit the signal. While there are some technologies that allow the line to be monitored passively, it is very difficult to tap into without detection, so this technology would be the MOST resistant to tapping.
The following answers are incorrect:
- microwave: incorrect because microwave transmissions can be intercepted if in the path of the broadcast without detection.
- twisted pair: incorrect because it is easy to tap into a twisted pair line.
- coaxial cable: incorrect because it is easy to tap into a coaxial cable line.
NEW QUESTION 468
The NT Event Viewer holds which of the following types of logs?
- A. Security
- B. System
- C. Application
- D. All three of the types listed
Answer: D
NEW QUESTION 469
What IDS approach relies on a database of known attacks?
- A. Statistical anomaly-based intrusion detection
- B. Behavior-based intrusion detection
- C. Network-based intrusion detection
- D. Signature-based intrusion detection
Answer: D
Explanation:
Explanation/Reference:
A weakness of the signature-based (or knowledge-based) intrusion detection approach is that only attack signatures that are stored in a database are detected. Network-based intrusion detection can either be signature-based or statistical anomaly-based (also called behavior-based).
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 49).
NEW QUESTION 470
Which of the following rules pertaining to a Business Continuity Plan/Disaster Recovery Plan is incorrect?
- A. In its procedures and tasks, the plan should refer to functions, not specific individuals.
- B. In order to facilitate recovery, a single plan should cover all locations.
- C. Critical vendors should be contacted ahead of time to validate equipment can be obtained in a timely manner.
- D. There should be requirements to form a committee to decide a course of action. These decisions should be made ahead of time and incorporated into the plan.
Answer: B
Explanation:
The first documentation rule when it comes to a BCP/DRP is "one plan, one building". Much of the plan revolves around reconstructing a facility and replenishing it with production contents. If more than one facility is involved, then the reader of the plan will find it difficult to identify quantities and specifications of replacement resource items. It is possible to have multiple plans for a single building, but those plans must be linked so that the identification and ordering of resource items is centralized. All other statements are correct.
Source: BARNES, James C. & ROTHSTEIN, Philip J., A Guide to Business Continuity Planning, John Wiley & Sons, 2001 (page 162).
NEW QUESTION 471
Which of the following statements pertaining to Kerberos is TRUE?
- A. Kerberos does not address integrity
- B. Kerberos does not address availability
- C. Kerberos does not make use of Symmetric Keys
- D. Kerberos cannot address confidentiality of information
Answer: B
Explanation:
Section: Access Control
Explanation/Reference:
The question was asking for a TRUE statement and the only correct statement is "Kerberos does not address availability".
Kerberos addresses the confidentiality and integrity of information. It does not directly address availability.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 42).
NEW QUESTION 472
The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system is referred to as?
- A. Confidentiality
- B. Availability
- C. Integrity
- D. Reliability
Answer: B
Explanation:
Explanation/Reference:
A company security program must:
1) assure that systems and applications operate effectively and provide appropriate confidentiality, integrity, and availability;
2) protect information commensurate with the level of risk and magnitude of harm resulting from loss, misuse, unauthorized access, or modification.
The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system; i.e., a system is available if it provides services according to the system design whenever users request them.
The following are incorrect answers:
Confidentiality - The information requires protection from unauthorized disclosure and only the INTENDED recipient should have access to the meaning of the data either in storage or in transit.
Integrity - The information must be protected from unauthorized, unanticipated, or unintentional modification. This includes, but is not limited to:
Authenticity - A third party must be able to verify that the content of a message has not been changed in transit.
Non-repudiation - The origin or the receipt of a specific message must be verifiable by a third party.
Accountability - A security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.
Reference used for this question:
RFC 2828
and
SWANSON, Marianne, NIST Special Publication 800-26, Security Self-Assessment Guide for Information Technology Systems, November 2001 (page 5).
NEW QUESTION 473
A deviation from an organization-wide security policy requires which of the following?
- A. Risk Containment
- B. Risk Assignment
- C. Risk Acceptance
- D. Risk Reduction
Answer: C
Explanation:
A deviation from an organization-wide security policy requires you to manage the risk. If you deviate from the security policy then you are required to accept the risks that might occur.
In some cases, it may be prudent for an organization to simply accept the risk that is presented in certain scenarios. Risk acceptance is the practice of accepting certain risk(s), typically based on a business decision that may also weigh the cost versus the benefit of dealing with the risk in another way.
The OIG defines Risk Management as: This term characterizes the overall process.
The first phase of risk assessment includes identifying risks, risk-reducing measures, and the budgetary impact of implementing decisions related to the acceptance, avoidance, or transfer of risk.
The second phase of risk management includes the process of assigning priority to, budgeting, implementing, and maintaining appropriate risk-reducing measures.
Risk management is a continuous process of ever-increasing complexity. It is how we evaluate the impact of exposures and respond to them. Risk management minimizes loss to information assets due to undesirable events through identification, measurement, and control. It encompasses the overall security review, risk analysis, selection and evaluation of safeguards, cost-benefit analysis, management decision, and safeguard identification and implementation, along with ongoing effectiveness review.
Risk management provides a mechanism to the organization to ensure that executive management knows current risks, and informed decisions can be made to use one of the risk management principles: risk avoidance, risk transfer, risk mitigation, or risk acceptance.
The 4 ways of dealing with risks are: Avoidance, Transfer, Mitigation, Acceptance
The following answers are incorrect:
- Risk assignment: incorrect because it is a distractor; assignment is not one of the ways to manage risk.
- Risk reduction: incorrect because there was a deviation of the security policy. You could have some additional exposure by the fact that you deviated from the policy.
- Risk containment: incorrect because it is a distractor; containment is not one of the ways to manage risk.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 8882-8886). Auerbach Publications. Kindle Edition. and Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 10206-10208). Auerbach Publications. Kindle Edition.
NEW QUESTION 474
In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on:
- A. age of a person
- B. physical attributes of a person
- C. sex of a person
- D. voice of a person
Answer: B
Explanation:
Explanation/Reference:
Today, implementation of fast, accurate, reliable, and user-acceptable biometric identification systems is already under way.
From: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th Edition, Volume 1, Page 7.
NEW QUESTION 475
One of the following assertions is NOT a characteristic of Internet Protocol Security (IPsec)
- A. Data is delivered in the exact order in which it is sent
- B. Data cannot be read by unauthorized parties
- C. The number of packets being exchanged can be counted.
- D. The identity of all IPsec endpoints are confirmed by other endpoints
Answer: A
Explanation:
IPsec provides replay protection that ensures data is not delivered multiple times; however, IPsec does not ensure that data is delivered in the exact order in which it is sent. IPsec uses TCP and packets may be delivered out of order to the receiving side, depending on which route was taken by the packet.
Internet Protocol Security (IPsec) has emerged as the most commonly used network layer security control for protecting communications. IPsec is a framework of open standards for ensuring private communications over IP networks. Depending on how IPsec is implemented and configured, it can provide any combination of the following types of protection:
Confidentiality. IPsec can ensure that data cannot be read by unauthorized parties. This is accomplished by encrypting data using a cryptographic algorithm and a secret key, a value known only to the two parties exchanging data. The data can only be decrypted by someone who has the secret key.
Integrity. IPsec can determine if data has been changed (intentionally or unintentionally) during transit. The integrity of data can be assured by generating a message authentication code (MAC) value, which is a cryptographic checksum of the data. If the data is altered and the MAC is recalculated, the old and new MACs will differ.
Peer Authentication. Each IPsec endpoint confirms the identity of the other IPsec endpoint with which it wishes to communicate, ensuring that the network traffic and data is being sent from the expected host.
Replay Protection. The same data is not delivered multiple times, and data is not delivered grossly out of order. However, IPsec does not ensure that data is delivered in the exact order in which it is sent.
Traffic Analysis Protection. A person monitoring network traffic does not know which parties are communicating, how often communications are occurring, or how much data is being exchanged. However, the number of packets being exchanged can be counted.
Access Control. IPsec endpoints can perform filtering to ensure that only authorized IPsec users can access particular network resources. IPsec endpoints can also allow or block certain types of network traffic, such as allowing Web server access but denying file sharing.
The following are incorrect answers because they are all features provided by IPsec:
"Data cannot be read by unauthorized parties" is wrong because IPsec provides confidentiality through the usage of the Encapsulating Security Protocol (ESP); once encrypted, the data cannot be read by unauthorized parties because they have access only to the ciphertext. This is accomplished by encrypting data using a cryptographic algorithm and a session key, a value known only to the two parties exchanging data. The data can only be decrypted by someone who has a copy of the session key.
"The identity of all IPsec endpoints are confirmed by other endpoints" is wrong because IPsec provides peer authentication: Each IPsec endpoint confirms the identity of the other IPsec endpoint with which it wishes to communicate, ensuring that the network traffic and data is being sent from the expected host.
"The number of packets being exchanged can be counted" is wrong because although IPsec provides traffic protection where a person monitoring network traffic does not know which parties are communicating, how often communications are occurring, or how much data is being exchanged, the number of packets being exchanged still can be counted.
Reference(s) used for this question:
NIST 800-77, Guide to IPsec VPNs, pages 2-3 to 2-4.
NEW QUESTION 476
Which of the following is NOT a defined ISO basic task related to network management?
- A. Fault management
- B. Accounting resources
- C. Communications management
- D. Security management
Answer: C
Explanation:
Section: Network and Telecommunications
Explanation/Reference:
ISO has defined five basic tasks related to network management:
- Fault management: Detects the devices that present some kind of fault.
- Configuration management: Allows users to know, define and change remotely the configuration of any device.
- Accounting resources: Holds the records of the resource usage in the WAN.
- Performance management: Monitors usage levels and sets alarms when a threshold has been surpassed.
- Security management: Detects suspicious traffic or users and generates alarms accordingly.
Source: Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, Chapter 3: Technical Infrastructure and Operational Practices (page 137).
