Question # 1
Notifying the appropriate parties to take action in order to determine the extent of the severity of an incident and to remediate the incident's effects is part of:
A. Incident Evaluation
B. Incident Recognition
C. Incident Protection
D. Incident Response
These are core functions of the incident response process. "Incident Evaluation" is incorrect: evaluation of the extent and cause of the incident is a component of the incident response process. "Incident Recognition" is incorrect: recognition that an incident has occurred is the precursor to the initiation of the incident response process. "Incident Protection" is incorrect: this is an almost-right-sounding nonsense answer to distract the unwary. References: CBK, pp. 698-703
Question # 2
A proxy can control which services (FTP and so on) are used by a workstation, and also aids in protecting the network from outsiders who may be trying to get information about the:
A. network's design
B. user base
C. operating system design
D. NetBIOS design
To the untrusted host, all traffic seems to originate from the proxy server, and addresses on the trusted network are not revealed. "User base", "Operating system design" and "NetBIOS design" are incorrect: in each case the proxy hides the origin of the request from the untrusted host. References: CBK, p. 467; AIO3, pp. 486-490
Question # 3
Which of the following standards concerns digital certificates?
A. X.400
B. X.25
C. X.509
D. X.75
X.509 is used in digital certificates. X.400 is used in e-mail as a message handling protocol. X.25 is a standard for the network and data link levels of a communication network and X.75 is a standard defining ways of connecting two X.25 networks. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 164).
Question # 4
In an organization, an Information Technology security function should:
A. Be a function within the information systems function of an organization.
B. Report directly to a specialized business unit such as legal, corporate security or insurance.
C. Be led by a Chief Security Officer and report directly to the CEO.
D. Be independent but report to the Information Systems function.
C. Be led by a Chief Security Officer and report directly to the CEO.
In order to offer more independence and get more attention from management, an IT security function should be independent from IT and report directly to the CEO. Having it report to a specialized business unit (e.g. legal) is not recommended, as it promotes a low-technology view of the function and leads people to believe that it is someone else's problem. Source: HARE, Chris, Security Management Practices CISSP Open Study Guide, version 1.0, April 1999.
Question # 5
In which phase of the Internet Key Exchange (IKE) protocol is peer authentication performed?
A. Pre Initialization Phase
B. Phase 1
C. Phase 2
D. No peer authentication is performed
The Internet Key Exchange (IKE) protocol is a key management protocol standard that is used in conjunction with the IPSec standard. IKE enhances IPSec by providing additional features, flexibility, and ease of configuration for the IPSec standard. IPSec can, however, be configured without IKE, for example by manually configuring the gateways communicating with each other. A security association (SA) is a relationship between two or more entities that describes how the entities will use security services to communicate securely.

In phase 1 of this process, IKE creates an authenticated, secure channel between the two IKE peers, called the IKE security association. The Diffie-Hellman key agreement is always performed in this phase. In phase 2, IKE negotiates the IPSec security associations and generates the required key material for IPSec. The sender offers one or more transform sets that are used to specify an allowed combination of transforms with their respective settings.

Benefits provided by IKE include:
- Eliminates the need to manually specify all the IPSec security parameters in the crypto maps at both peers.
- Allows you to specify a lifetime for the IPSec security association.
- Allows encryption keys to change during IPSec sessions.
- Allows IPSec to provide anti-replay services.
- Permits Certification Authority (CA) support for a manageable, scalable IPSec implementation.
- Allows dynamic authentication of peers.

References: RFC 2409: The Internet Key Exchange (IKE); DORASWAMY, Naganand & HARKINS, Dan, IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks, 1999, Prentice Hall PTR; SMITH, Richard E., Internet Cryptography, 1997, Addison-Wesley Pub Co.; http://www.ciscopress.com/articles/article.asp?p=25474
Question # 6
What is a TFTP server most useful for?
A. Transferring configurations to and from network devices.
B. Transferring files to web servers.
C. Terminal access to network devices.
D. Terminal access to file servers.
A. Transferring configurations to and from network devices.
A Trivial File Transfer Protocol (TFTP) server can be used when configuring network devices to transfer configurations to and from network devices. Many networking devices now support TFTP. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 73).
Question # 7
Which of the following terms can be described as the process to conceal data into another file or media in a practice known as security through obscurity?
A. Steganography
B. ADS - Alternate Data Streams
C. Encryption
D. NTFS ADS
Steganography is the art and science of encoding hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message or could claim there is a message. It is a form of security through obscurity. The word steganography is of Greek origin and means "concealed writing": it combines the Greek words steganos, meaning "covered or protected," and graphei, meaning "writing." The first recorded use of the term was in 1499 by Johannes Trithemius in his Steganographia, a treatise on cryptography and steganography disguised as a book on magic.

Generally, the hidden messages will appear to be (or be part of) something else: images, articles, shopping lists, or some other cover text. For example, the hidden message may be in invisible ink between the visible lines of a private letter. The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable, will arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message. It is sometimes referred to as Hiding in Plain Sight.

[Figure: "Tree with Cat inside" - an image of trees that contains another image of a cat, hidden using steganography. Figure: "Hidden Kitty" - the cat image that is hidden in the picture of the trees.] As explained here, the image is hidden by removing all but the two least significant bits of each color component and subsequent normalization.

ABOUT MSB AND LSB

One of the common methods to perform steganography is hiding bits within the Least Significant Bits (LSB) of a media, or what is sometimes referred to as slack space. By modifying only the least significant bit, it is not possible to tell whether there is a hidden message by looking at the picture or the media. If you changed the Most Significant Bits (MSB) instead, it would be possible to view or detect the changes just by looking at the picture. A person can perceive only up to 6 bits of depth, so bits that are changed past the sixth bit of the color code are undetectable to the human eye. If we make use of a high quality digital picture, we could hide six bits of data within each pixel of the image. You have a color code for each pixel composed of a Red, Green, and Blue value. The color code is 3 sets of 8 bits, one set for each color. You could change the last two bits to hide your data. See below a color code for one pixel in binary format. The bits below are not real; they are just an example for illustration purposes:

    RED        GREEN      BLUE
    0101 0101  1100 1011  1110 0011
    MSB   LSB  MSB   LSB  MSB   LSB

Let's say that I would like to hide the uppercase letter A within the pixels of the picture. If we convert the uppercase letter "A" to a decimal value, it is number 65 in the ASCII table; in binary format the value 65 translates to 01000001. You can break the 8 bits of uppercase A into groups of two bits as follows: 01 00 00 01. Using the pixel above, we hide those bits within the last two bits of each color as follows:

    RED        GREEN      BLUE
    0101 0101  1100 1000  1110 0000
    MSB   LSB  MSB   LSB  MSB   LSB

As you can see above, the last two bits of RED were already set to the proper value of 01; then we move to the GREEN value and change the last two bits from 11 to 00, and finally we change the last two bits of BLUE to 00. One pixel allowed us to hide 6 bits of data. We would have to use another pixel to hide the remaining two bits.

The following answers are incorrect:
- ADS - Alternate Data Streams: This is almost correct, but ADS is different from steganography in that ADS hides data in streams of communications or files while steganography hides data in a single file.
- Encryption: This is almost correct, but steganography isn't exactly encryption as much as using space in a file to store another file.
- NTFS ADS: This is also almost correct in that you're hiding data where you have space to do so. NTFS, or New Technology File System, common on Windows computers, has a feature where you can hide files where they're not viewable under normal conditions. Tools are required to uncover the ADS-hidden files.

The following reference(s) were used to create this question: The CCCure Security+ Holistic Tutorial at http://www.cccure.tv, a steganography tool, and http://en.wikipedia.org/wiki/Steganography
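The 2-bit LSB embedding walked through above, as an added Python example (not code from the page or from the cited tutorial): pixels are plain (R, G, B) tuples so it runs without an image library, the byte for "A" is hidden exactly as the text does it (01 into RED, 00 into GREEN, 00 into BLUE, and the final 01 into the next pixel's RED), then recovered, and the largest per-channel change is measured. The first cover pixel uses the page's illustrative bits; the second pixel is a constructed one. The distortion check shows why the edit is invisible to the eye (at most 3 out of 255 per channel) while still being a clean, measurable modification of the LSB plane, which is what statistical steganalysis looks at.

```python
# Added example: 2-bit LSB steganography on RGB pixel tuples, as described in the
# answer explanation above. Not the page's own code; pixel values are constructed.

def _chunks_2bit(byte):
    """Split one byte into four 2-bit groups, most significant first: 0x41 -> [1, 0, 0, 1]."""
    return [(byte >> shift) & 0b11 for shift in (6, 4, 2, 0)]


def embed_lsb(pixels, payload):
    """Hide payload bytes in the two least significant bits of each colour channel.

    Each pixel is an (R, G, B) tuple of 0..255 ints, so one pixel carries 6 bits and a
    byte spans one pixel plus one channel of the next. Returns a new list of pixels;
    channels beyond the payload are left untouched.
    """
    groups = [g for byte in payload for g in _chunks_2bit(byte)]
    needed = -(-len(groups) // 3)  # ceil(groups / 3 channels per pixel)
    if needed > len(pixels):
        raise ValueError(f"need {needed} pixels, have {len(pixels)}")
    out = []
    gi = 0
    for pixel in pixels:
        new = []
        for channel in pixel:
            if gi < len(groups):
                # Clear the last two bits, then write the 2-bit group into them.
                channel = (channel & ~0b11) | groups[gi]
                gi += 1
            new.append(channel)
        out.append(tuple(new))
    return out


def extract_lsb(pixels, length):
    """Recover `length` bytes hidden by embed_lsb from the same pixel sequence."""
    groups = [c & 0b11 for pixel in pixels for c in pixel][: length * 4]
    if len(groups) < length * 4:
        raise ValueError("not enough pixels for that many bytes")
    data = bytearray()
    for i in range(0, len(groups), 4):
        byte = 0
        for g in groups[i:i + 4]:
            byte = (byte << 2) | g
        data.append(byte)
    return bytes(data)


def max_distortion(original, stego):
    """Largest per-channel change between cover and stego pixels (2-bit LSB: never above 3)."""
    return max(abs(a - b) for p, q in zip(original, stego) for a, b in zip(p, q))


# Constructed cover: the page's illustrative pixel, followed by one more made-up pixel.
COVER = [(0b01010101, 0b11001011, 0b11100011), (0b00010010, 0b10000000, 0b01111111)]

if __name__ == "__main__":
    stego = embed_lsb(COVER, b"A")
    for pixel in stego:
        print(" ".join(f"{c:08b}" for c in pixel))
    print(extract_lsb(stego, 1), "max channel change:", max_distortion(COVER, stego))
```

Run as a script it prints the two stego pixels in binary, so the GREEN and BLUE changes from the explanation can be checked by eye, followed by the recovered byte.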
ISC SSCP Exam Dumps: 1074 questions, updated 15-Apr-2025.