Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

ISC SSCP - Systems Security Certified Practitioner

Page: 5 / 14
Total 1074 questions

Which of the following is an issue with signature-based intrusion detection systems?

A.

Only previously identified attack signatures are detected.

B.

Signature databases must be augmented with inferential elements.

C.

It runs only on the windows operating system

D.

Hackers can circumvent signature evaluations.

Which of the following statements pertaining to ethical hacking is incorrect?

A.

An organization should use ethical hackers who do not sell auditing, hardware, software, firewall, hosting, and/or networking services.

B.

Testing should be done remotely to simulate external threats.

C.

Ethical hacking should not involve writing to or modifying the target systems negatively.

D.

Ethical hackers never use tools that have the potential of affecting servers or services.

Which of the following is used to monitor network traffic or to monitor host audit logs in real time to determine violations of system security policy that have taken place?

A.

Intrusion Detection System

B.

Compliance Validation System

C.

Intrusion Management System (IMS)

D.

Compliance Monitoring System

Network-based Intrusion Detection systems:

A.

Commonly reside on a discrete network segment and monitor the traffic on that network segment.

B.

Commonly will not reside on a discrete network segment and monitor the traffic on that network segment.

C.

Commonly reside on a discrete network segment and does not monitor the traffic on that network segment.

D.

Commonly reside on a host and and monitor the traffic on that specific host.

Which of the following best describes signature-based detection?

A.

Compare source code, looking for events or sets of events that could cause damage to a system or network.

B.

Compare system activity for the behaviour patterns of new attacks.

C.

Compare system activity, looking for events or sets of events that match a predefined pattern of events that describe a known attack.

D.

Compare network nodes looking for objects or sets of objects that match a predefined pattern of objects that may describe a known attack.

Who is responsible for providing reports to the senior management on the effectiveness of the security controls?

A.

Information systems security professionals

B.

Data owners

C.

Data custodians

D.

Information systems auditors

Which protocol is NOT implemented in the Network layer of the OSI Protocol Stack?

A.

hyper text transport protocol

B.

Open Shortest Path First

C.

Internet Protocol

D.

Routing Information Protocol

A host-based IDS is resident on which of the following?

A.

On each of the critical hosts

B.

decentralized hosts

C.

central hosts

D.

bastion hosts

Which of the following is NOT a fundamental component of an alarm in an intrusion detection system?

A.

Communications

B.

Enunciator

C.

Sensor

D.

Response

Which of the following questions are least likely to help in assessing controls covering audit trails?

A.

Does the audit trail provide a trace of user actions?

B.

Are incidents monitored and tracked until resolved?

C.

Is access to online logs strictly controlled?

D.

Is there separation of duties between security personnel who administer the access control function and those who administer the audit trail?

In what way can violation clipping levels assist in violation tracking and analysis?

A.

Clipping levels set a baseline for acceptable normal user errors, and violations exceeding that threshold will be recorded for analysis of why the violations occurred.

B.

Clipping levels enable a security administrator to customize the audit trail to record only those violations which are deemed to be security relevant.

C.

Clipping levels enable the security administrator to customize the audit trail to record only actions for users with access to user accounts with a privileged status.

D.

Clipping levels enable a security administrator to view all reductions in security levels which have been made to user accounts which have incurred violations.

Knowledge-based Intrusion Detection Systems (IDS) are more common than:

A.

Network-based IDS

B.

Host-based IDS

C.

Behavior-based IDS

D.

Application-Based IDS

Crackers today are MOST often motivated by their desire to:

A.

Help the community in securing their networks.

B.

Seeing how far their skills will take them.

C.

Getting recognition for their actions.

D.

Gaining Money or Financial Gains.

Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks?

A.

Web Applications

B.

Intrusion Detection Systems

C.

Firewalls

D.

DNS Servers

Which of the following virus types changes some of its characteristics as it spreads?

A.

Boot Sector

B.

Parasitic

C.

Stealth

D.

Polymorphic

What do the ILOVEYOU and Melissa virus attacks have in common?

A.

They are both denial-of-service (DOS) attacks.

B.

They have nothing in common.

C.

They are both masquerading attacks.

D.

They are both social engineering attacks.

Which of the following computer crime is MORE often associated with INSIDERS?

A.

IP spoofing

B.

Password sniffing

C.

Data diddling

D.

Denial of service (DOS)

The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?

A.

Black hats

B.

White hats

C.

Script kiddies

D.

Phreakers

What is malware that can spread itself over open network connections?

A.

Worm

B.

Rootkit

C.

Adware

D.

Logic Bomb

What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own bank account?

A.

Data fiddling

B.

Data diddling

C.

Salami techniques

D.

Trojan horses