Free Certification Practice Questions

ISC-SSCP

SSCP A central authority determining what subjects can have access to certain objects based on the organizational security policy is called:
#31
SSCP What is the act of a user professing an identity to a system, usually in the form of a log-on ID, called?
#32
SSCP What is the verification that the user's claimed identity is valid, usually implemented through a user password at log-on time, called?
#33
SSCP Which one of the following factors is NOT one on which Authentication is based?
#34
SSCP Which type of password provides maximum security because a new password is required for each new log-on?
#35
SSCP What is a password that is the same for each log-on session called?
#36
SSCP Which of the following would be true about Static password tokens?
#37
SSCP What is an automated means of identifying or authenticating the identity of a living person based on physiological or behavioral characteristics called?
#38
SSCP In biometrics, a "one-to-many" search against a database of stored biometric images is done in:
#39
SSCP In biometrics, the "one-to-one" search used to verify a claim to an identity made by a person is considered:
#40
SSCP What is the percentage of valid subjects that are falsely rejected by a Biometric Authentication system called?
#41
SSCP Which of the following offers advantages such as the ability to use stronger passwords, easier password administration, one set of credentials, and faster resource access?
#42
SSCP Which of the following is implemented through scripts or smart agents that replay the user's multiple log-ins against authentication servers to verify a user's identity, which permits access to system services?
#43
SSCP Which of the following is a trusted third-party authentication protocol that was developed under Project Athena at MIT?
#44
SSCP Which of the following is addressed by Kerberos?
#45
SSCP Like the Kerberos protocol, SESAME is also subject to which of the following?
#46
SSCP Which of the following biometric devices offers the LOWEST CER?
#47
SSCP Which of the following statements pertaining to access control is false?
#48
SSCP Which access control model is also called Non Discretionary Access Control (NDAC)?
#49
SSCP What can be defined as a list of subjects along with their access rights that are authorized to access a specific object?
#50
SSCP What is the difference between Access Control Lists (ACLs) and Capability Tables?
#51
SSCP How are memory cards and smart cards different?
#52
SSCP What is the main focus of the Bell-LaPadula security model?
#53
SSCP What Orange Book security rating is reserved for systems that have been evaluated but fail to meet the criteria and requirements of the higher divisions?
#54
SSCP Smart cards are an example of which type of control?
#55
SSCP What security model implies a central authority that defines rules, and sometimes global rules, dictating what subjects can have access to what objects?
#56
SSCP Which of the following statements pertaining to biometrics is false?
#57
SSCP Which of the following statements pertaining to Kerberos is TRUE?
#58
SSCP Which of the following centralized access control mechanisms is the least appropriate for mobile workers accessing the corporate network over analog lines?
#59
SSCP What refers to legitimate users accessing networked services that would normally be restricted to them?
#60