Free Access to ISC.SSCP.v2023-01-01.q803 with Valid Practice Test (Page 129)

Request Exam Contact

Home
View All Exams
New QA's
Upload

PRACTICE EXAMS:

Oracle
Fortinet
Juniper
Microsoft
Cisco
Citrix
CompTIA
VMware
ISC
SAP
EMC
PMI
HP
Salesforce
Other

Oracle
Fortinet
Juniper
Microsoft
Cisco
Citrix
CompTIA
VMware
ISC
SAP
EMC
PMI
HP
Salesforce

Home
ISC Certification
SSCP Exam
ISC.SSCP.v2023-01-01.q803 Dumps

««
«
…
124
125
126
127
128
129
130
131
132
133
…
»
»»

Question 636

Which of the following is not a security goal for remote access?

A.Reliable authentication of users and systems
B.Protection of confidential data
C.Easy to manage access control to systems and network resources
D.Automated login for remote users

Correct Answer: D

Explanation/Reference:
An automated login function for remote users would imply a weak authentication, thus certainly not a security goal.
Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th edition, volume 2, 2001, CRC Press, Chapter 5: An Introduction to Secure Remote Access (page 100).

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 637

Why is Network File System (NFS) used?

A.It enables two different types of file systems to interoperate.
B.It enables two different types of file systems to share Sun applications.
C.It enables two different types of file systems to use IP/IPX.
D.It enables two different types of file systems to emulate each other.

Correct Answer: A

Explanation/Reference:
Network File System (NFS) is a TCP/IP client/server application developed by Sun that enables different types of file systems to interoperate regardless of operating system or network architecture.
Source: KRUTZ, Ronald L & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 88.

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 638

Insiders have a clear advantage in committing computer crime. Which two of the following do they possess? (Choose two)

A.Advantage
B.Motive
C.Outside connections
D.Means
E.Opportunity
F.Tools

Correct Answer: D,E

Insiders possess the means and opportunity to commit a computer crime. All that is lacking is a motive.

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 639

Which of the following is NOT a common integrity goal?

A.Prevent unauthorized users from making modifications.
B.Maintain internal and external consistency.
C.Prevent authorized users from making improper modifications.
D.Prevent paths that could lead to inappropriate disclosure.

Correct Answer: D

Explanation/Reference:
Inappropriate disclosure is a confidentiality, not an integrity goal.
All of the other choices above are integrity goals addressed by the Clark-Wilson integrity model.
The Clark-Wilson model is an integrity model that addresses all three integrity goals:
1. prevent unauthorized users from making modifications,
2. prevent authorized users from making improper modifications, and
3. maintain internal and external consistency through auditing.
NOTE: Biba address only the first goal of integrity above
Reference(s) used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 1384). McGraw-Hill. Kindle Edition.

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 640

What setup should an administrator use for regularly testing the strength of user passwords?

A.A networked workstation so that the live password database can easily be accessed by the cracking program.
B.A networked workstation so the password database can easily be copied locally and processed by the cracking program.
C.A standalone workstation on which the password database is copied and processed by the cracking program.
D.A password-cracking program is unethical; therefore it should not be used.

Correct Answer: C

Explanation/Reference:
Poor password selection is frequently a major security problem for any system's security. Administrators should obtain and use password-guessing programs frequently to identify those users having easily guessed passwords.
Because password-cracking programs are very CPU intensive and can slow the system on which it is running, it is a good idea to transfer the encrypted passwords to a standalone (not networked) workstation.
Also, by doing the work on a non-networked machine, any results found will not be accessible by anyone unless they have physical access to that system.
Out of the four choice presented above this is the best choice.
However, in real life you would have strong password policies that enforce complexity requirements and does not let the user choose a simple or short password that can be easily cracked or guessed. That would be the best choice if it was one of the choice presented.
Another issue with password cracking is one of privacy. Many password cracking tools can avoid this by only showing the password was cracked and not showing what the password actually is. It is masking the password being used from the person doing the cracking.
Source: National Security Agency, Systems and Network Attack Center (SNAC), The 60 Minute Network Security Guide, February 2002, page 8.

Comment: *

Name: *

Email: *

Verification: *

insert code

««
«
…
124
125
126
127
128
129
130
131
132
133
…
»
»»

[×]

Download PDF File

Enter your email address to download ISC.SSCP.v2023-01-01.q803 Dumps

Email:

Our website provides the Largest and the most Latest vendors Certification Exam materials around the world.

Using dumps we provide to Pass the Exam, we has the Valid Dumps with passing guranteed just which you need.

DMCA
About
Contact Us
Privacy Policy
Terms & Conditions

©2026 FreeQAs

www.freeqas.com materials do not contain actual questions and answers from Cisco's certification exams.

Web Analytics Made Easy - Statcounter