Secure Checkout


Buy your braindumps confidently with our secure SSL certification and safe payment methods.

Read More
Download Demo


Download the demo of your desired dumps free on just one click before purchase. 100% singup free demo.

Read More


Get your certification in 1st attempt or get your 100% payment back according to our refund policy.

Read More
Customer Support


Resolve your issues and queries quickly with our dedicated 24/7 live customer support team.

Read More


We at Dumpssure certify you that our platform is one of the most authentic website for ISC2 SSCP exam questions and their correct answers. Pass your ISC2 SSCP exam with flying marks, and that too with little effort. With the purchase of this pack, you wil also get free demo questions dumps. We ensure your 100% success in SSCP Exam with the help of our provided material.

DumpsSure offers a unique Online Test Engine where you can fully practice your SSCP exam questions. This is one-of-a-kind feature which our competitors won't provide you. Candidates can practice the way they would want to attempt question at the real examination time.

Dumpssure also offers an exclusive 'Exam Mode' where you can attempt 50 random questions related to your SSCP exam. This mode is exactly the same as of real SSCP certification exam. Attempt all the questions within a limited time and test your knowledge on the spot. This mode will definitely give you an edge in real exam.

Our success rate from past 6 years is above 96% which is quite impressive and we're proud of it. Our customers are able to build their career in any field the wish. Let's dive right in and make the best decision of your life right now. Choose the plan you want, download the SSCP exam dumps and start your preparation for a successful professional.

Why Dumpssure is ever best for the preparation for ISC2 SSCP exam?

Dumpssure is providing free ISC2 SSCP question answers for your practice, to avail this facility you just need to sign up for a free account on Dumpssure. Thousands of customers from entire world are using our SSCP dumps. You can get high grades by using these dumps with money back guarantee on SSCP dumps PDF.

A vital device for your assistance to pass your ISC2 SSCP Exam

Our production experts have been preparing such material which can succeed you in ISC2 SSCP exam in a one day. They are so logical and notorious about the questions and their answers that you can get good marks in ISC2 SSCP exam. So DUMPSSURE is offering you to get excellent marks.

Easy access on your mobile for the users

The basic mean of Dumpssure is to provide the most important and most accurate material for our users. You just need to remain connected to internet for getting updates even on your mobile. After purchasing, you can download the ISC2 SSCP study material in PDF format and can read it easily, where you have desire to study.

ISC2 SSCP Questions and Answers can get instantly

Our provided material is regularly updated step by step for new questions and answers for ISC2 Exam Dumps, so that you can easily check the behaviour of the question and their answers and you can succeed in your first attempt.

ISC2 SSCP Dumps are demonstrated by diligence Experts

We are so keen to provide our users with that questions which are verified by the ISC2 Professionals, who are extremely skilled and have spent many years in this field.

Money Back Guarantee

Dumpssure is so devoted to our customers that we provide to most important and latest questions to pass you in the ISC2 SSCP exam. If you have purchased the complete SSCP dumps PDF file and not availed the promised facilities for the ISC2 exams you can either replace your exam or claim for money back policy which is so simple for more detail visit Guarantee Page.

ISC2 SSCP Sample Questions

Question # 1

Which of the following statements is most accurate regarding a digital signature?

A. It is a method used to encrypt confidential data.
B. It is the art of transferring handwritten signature to electronic media.
C. It allows the recipient of data to prove the source and integrity of data.
D. It can be used as a signature system and a cryptosystem.

Question # 2

Which of the following standards concerns digital certificates?

A. X.400
B. X.25
C. X.509
D. X.75

Question # 3

Which of the following offers confidentiality to an e-mail message?

A. The sender encrypting it with its private key.
B. The sender encrypting it with its public key.
C. The sender encrypting it with the receiver's public key.
D. The sender encrypting it with the receiver's private key.

Question # 4

Which of the following protects Kerberos against replay attacks?

A. Tokens
B. Passwords
C. Cryptography
D. Time stamps

Question # 5

Which of the following is not a DES mode of operation?

A. Cipher block chaining
B. Electronic code book
C. Input feedback
D. Cipher feedback

Question # 6

Which of the following algorithms is used today for encryption in PGP?

C. Blowfish
D. RC5

Question # 7

What size is an MD5 message digest (hash)?

A. 128 bits
B. 160 bits
C. 256 bits
D. 128 bytes

Question # 8

What is the maximum allowable key size of the Rijndael encryption algorithm?

A. 128 bits
B. 192 bits
C. 256 bits
D. 512 bits

Question # 9

Which of the following service is not provided by a public key infrastructure (PKI)?

A. Access control
B. Integrity
C. Authentication
D. Reliability

Question # 10

In a Public Key Infrastructure, how are public keys published?

A. They are sent via e-mail.
B. Through digital certificates.
C. They are sent by owners.
D. They are not published.

Question # 11

Which of the following is NOT a property of the Rijndael block cipher algorithm?

A. The key sizes must be a multiple of 32 bits
B. Maximum block size is 256 bits
C. Maximum key size is 512 bits
D. The key size does not have to match the block size

Question # 12

What principle focuses on the uniqueness of separate objects that must be joined together toperform a task? It is sometimes referred to as “what each must bring” and joined together whengetting access or decrypting a file. Each of which does not reveal the other?

A. Dual control
B. Separation of duties
C. Split knowledge
D. Need to know

Question # 13

Which of the following is a symmetric encryption algorithm?

B. Elliptic Curve
C. RC5
D. El Gamal

Question # 14

What level of assurance for a digital certificate verifies a user's name, address, social securitynumber, and other information against a credit bureau database?

A. Level 1/Class 1
B. Level 2/Class 2
C. Level 3/Class 3
D. Level 4/Class 4

Question # 15

What algorithm has been selected as the AES algorithm, replacing the DES algorithm?

A. RC6
B. Twofish
C. Rijndael
D. Blowfish

Question # 16

Which of the following statements pertaining to block ciphers is incorrect?

A. It operates on fixed-size blocks of plaintext.
B. It is more suitable for software than hardware implementations.
C. Plain text is encrypted with a public key and decrypted with a private key.
D. Some Block ciphers can operate internally as a stream.

Question # 17

What can be defined as secret communications where the very existence of the message is hidden?

A. Clustering
B. Steganography
C. Cryptology
D. Vernam cipher

Question # 18

Which of the following BEST describes a function relying on a shared secret key that is used alongwith a hashing algorithm to verify the integrity of the communication content as well as the sender?

A. Message Authentication Code - MAC
B. PAM - Pluggable Authentication Module
C. NAM - Negative Acknowledgement Message
D. Digital Signature Certificate

Question # 19

What uses a key of the same length as the message where each bit or character from the plaintext is encrypted by a modular addition?

A. Running key cipher
B. One-time pad
C. Steganography
D. Cipher block chaining

Question # 20

Which of the following is true about link encryption?

A. Each entity has a common key with the destination node.
B. Encrypted messages are only decrypted by the final node.
C. This mode does not provide protection if anyone of the nodes along the transmission path is compromised.
D. Only secure nodes are used in this type of transmission.

Question # 21

What can be defined as an instance of two different keys generating the same ciphertext from the same plaintext?

A. Key collision
B. Key clustering
C. Hashing
D. Ciphertext collision

Question # 22

Which of the following services is NOT provided by the digital signature standard (DSS)?

A. Encryption
B. Integrity
C. Digital signature
D. Authentication

Question # 23

Which of the following type of cryptography is used when both parties use the same key tocommunicate securely with each other?

A. Symmetric Key Cryptography
B. PKI - Public Key Infrastructure
C. Diffie-Hellman
D. DSS - Digital Signature Standard

Question # 24

Secure Sockets Layer (SSL) uses a Message Authentication Code (MAC) for what purpose?

A. message non-repudiation.
B. message confidentiality.
C. message interleave checking.
D. message integrity.

Question # 25

What is the RESULT of a hash algorithm being applied to a message ?

A. A digital signature
B. A ciphertext
C. A message digest
D. A plaintext

Question # 26

Which of the following keys has the SHORTEST lifespan?

A. Secret key
B. Public key
C. Session key
D. Private key

Question # 27

Which encryption algorithm is BEST suited for communication with handheld wireless devices?

A. ECC (Elliptic Curve Cryptosystem)
D. RC4

Question # 28

In what type of attack does an attacker try, from several encrypted messages, to figure out the key used in the encryption process?

A. Known-plaintext attack
B. Ciphertext-only attack
C. Chosen-Ciphertext attack
D. Plaintext-only attack

Question # 29

Which of the following answers is described as a random value used in cryptographic algorithmsto ensure that patterns are not created during the encryption process?

A. IV - Initialization Vector
B. Stream Cipher
C. OTP - One Time Pad
D. Ciphertext

Question # 30

Which of the following algorithms does NOT provide hashing?

A. SHA-1
B. MD2
C. RC4
D. MD5

Question # 31

Which type of encryption is considered to be unbreakable if the stream is truly random and is aslarge as the plaintext and never reused in whole or part?

A. One Time Pad (OTP)
B. One time Cryptopad (OTC)
C. Cryptanalysis
D. Pretty Good Privacy (PGP)

Question # 32

Which protocol makes USE of an electronic wallet on a customer's PC and sends encrypted credi card information to merchant's Web server, which digitally signs it and sends it on to its processing bank?

A. SSH ( Secure Shell)
B. S/MIME (Secure MIME)
C. SET (Secure Electronic Transaction)
D. SSL (Secure Sockets Layer)

Question # 33

When we encrypt or decrypt data there is a basic operation involving ones and zeros where theyare compared in a process that looks something like this:0101 0001 Plain text0111 0011 Key stream0010 0010 OutputWhat is this cryptographic operation called?

A. Exclusive-OR
B. Bit Swapping
C. Logical-NOR
D. Decryption

Question # 34

The Diffie-Hellman algorithm is primarily used to provide which of the following?

A. Confidentiality
B. Key Agreement
C. Integrity
D. Non-repudiation

Question # 35

You work in a police department forensics lab where you examine computers for evidence ofcrimes. Your work is vital to the success of the prosecution of criminals.One day you receive a laptop and are part of a two man team responsible for examining ittogether. However, it is lunch time and after receiving the laptop you leave it on your desk and youboth head out to lunch.What critical step in forensic evidence have you forgotten?

A. Chain of custody
B. Locking the laptop in your desk
C. Making a disk image for examination
D. Cracking the admin password with chntpw

Question # 36

Which of the following ASYMMETRIC encryption algorithms is based on the difficulty of FACTORING LARGE NUMBERS?

A. El Gamal
B. Elliptic Curve Cryptosystems (ECCs)
D. International Data Encryption Algorithm (IDEA)

Question # 37

What is NOT true about a one-way hashing function?

A. It provides authentication of the message
B. A hash cannot be reverse to get the message used to create the hash
C. The results of a one-way hash is a message digest
D. It provides integrity of the message

Question # 38

Which of the following is NOT a symmetric key algorithm?

A. Blowfish
B. Digital Signature Standard (DSS)
C. Triple DES (3DES)
D. RC5

Question # 39

This type of attack is generally most applicable to public-key cryptosystems, what type of attackam I ?

A. Chosen-Ciphertext attack
B. Ciphertext-only attack
C. Plaintext Only Attack
D. Adaptive-Chosen-Plaintext attack

Question # 40

Which of the following concerning the Rijndael block cipher algorithm is false?

A. The design of Rijndael was strongly influenced by the design of the block cipher Square.
B. A total of 25 combinations of key length and block length are possible
C. Both block size and key length can be extended to multiples of 64 bits.
D. The cipher has a variable block length and key length.

Question # 41

What is the name of a one way transformation of a string of characters into a usually shorter fixedlength value or key that represents the original string? Such a transformation cannot be reversed?

A. One-way hash
C. Transposition
D. Substitution

Question # 42

What kind of Encryption technology does SSL utilize?

A. Secret or Symmetric key
B. Hybrid (both Symmetric and Asymmetric)
C. Public Key
D. Private key

Question # 43

The computations involved in selecting keys and in enciphering data are complex, and are notpractical for manual use. However, using mathematical properties of modular arithmetic and amethod known as "_________________," RSA is quite feasible for computer use.

A. computing in Galois fields
B. computing in Gladden fields
C. computing in Gallipoli fields
D. computing in Galbraith fields

Question # 44

Which of the following is true about digital certificate?

A. It is the same as digital signature proving Integrity and Authenticity of the data
B. Electronic credential proving that the person the certificate was issued to is who they claim to be
C. You can only get digital certificate from Verisign, RSA if you wish to prove the key belong to a specific user.
D. Can't contain geography data such as country for example.

Question # 45

Which of the following statements is most accurate regarding a digital signature?

A. It is a method used to encrypt confidential data.
B. It is the art of transferring handwritten signature to electronic media.
C. It allows the recipient of data to prove the source and integrity of data.
D. It can be used as a signature system and a cryptosystem.

Question # 46

The Data Encryption Algorithm performs how many rounds of substitution and permutation?

A. 4
B. 16
C. 54
D. 64

Question # 47

Which of the following is NOT a property of a one-way hash function?

A. It converts a message of a fixed length into a message digest of arbitrary length.
B. It is computationally infeasible to construct two different messages with the same digest.
C. It converts a message of arbitrary length into a message digest of a fixed length.
D. Given a digest value, it is computationally infeasible to find the corresponding message.

Question # 48

Which of the following can best be defined as a cryptanalysis technique in which the analyst triesto determine the key from knowledge of some plaintext-ciphertext pairs?

A. A known-plaintext attack
B. A known-algorithm attack
C. A chosen-ciphertext attack
D. A chosen-plaintext attack

Question # 49

Which is NOT a suitable method for distributing certificate revocation information?

A. CA revocation mailing list
B. Delta CRL
C. OCSP (online certificate status protocol)
D. Distribution point CRL

Question # 50

Which of the following can best be defined as a key distribution protocol that uses hybridencryption to convey session keys. This protocol establishes a long-term key once, and thenrequires no prior communication in order to establish or exchange keys on a session-by-sessionbasis?

A. Internet Security Association and Key Management Protocol (ISAKMP)
B. Simple Key-management for Internet Protocols (SKIP)
C. Diffie-Hellman Key Distribution Protocol
D. IPsec Key exchange (IKE)

Question # 51

Which of the following can best define the "revocation request grace period"?

A. The period of time allotted within which the user must make a revocation request upon a revocation reason
B. Minimum response time for performing a revocation by the CA
C. Maximum response time for performing a revocation by the CA
D. Time period between the arrival of a revocation request and the publication of the revocation information

Question # 52

Which of the following is defined as an Internet, IPsec, key-establishment protocol, partly based onOAKLEY, that is intended for putting in place authenticated keying material for use with ISAKMPand for other security associations?

A. Internet Key exchange (IKE)
B. Security Association Authentication Protocol (SAAP)
C. Simple Key-management for Internet Protocols (SKIP)
D. Key Exchange Algorithm (KEA)

Question # 53

Which of the following is defined as a key establishment protocol based on the Diffie-Hellmanalgorithm proposed for IPsec but superseded by IKE?

A. Diffie-Hellman Key Exchange Protocol
B. Internet Security Association and Key Management Protocol (ISAKMP)
C. Simple Key-management for Internet Protocols (SKIP)

Question # 54

Which of the following is an Internet IPsec protocol to negotiate, establish, modify, and deletesecurity associations, and to exchange key generation and authentication data, independent of thedetails of any specific key generation technique, key establishment protocol, encryption algorithm,or authentication mechanism?

B. Internet Security Association and Key Management Protocol (ISAKMP)
C. Simple Key-management for Internet Protocols (SKIP)
D. IPsec Key exchange (IKE)

Question # 55

Which of the following can be best defined as computing techniques for inseparably embeddingunobtrusive marks or labels as bits in digital data and for detecting or extracting the marks later?

A. Steganography
B. Digital watermarking
C. Digital enveloping
D. Digital signature

Question # 56

What can be defined as a value computed with a cryptographic algorithm and appended to a dataobject in such a way that any recipient of the data can use the signature to verify the data's originand integrity?

A. A digital envelope
B. A cryptographic hash
C. A Message Authentication Code
D. A digital signature

Question # 57

Which of the following would best define a digital envelope?

A. A message that is encrypted and signed with a digital certificate.
B. A message that is signed with a secret key and encrypted with the sender's private key.
C. A message encrypted with a secret key attached with the message. The secret key is encryptedwith the public key of the receiver.
D. A message that is encrypted with the recipient's public key and signed with the sender's privatekey.

Question # 58

A X.509 public key certificate with the key usage attribute "non repudiation" can be used for which of the following?

A. encrypting messages
B. signing messages
C. verifying signed messages
D. decrypt encrypted messages

Question # 59

What enables users to validate each other's certificate when they are certified under differentcertification hierarchies?

A. Cross-certification
B. Multiple certificates
C. Redundant certification authorities
D. Root certification authorities

Question # 60

What does the directive of the European Union on Electronic Signatures deal with?

A. Encryption of classified data
B. Encryption of secret data
C. Non repudiation
D. Authentication of web servers

Question # 61

What is the name of the third party authority that vouches for the binding between the data itemsin a digital certificate?

A. Registration authority
B. Certification authority
C. Issuing authority
D. Vouching authority

Question # 62

What kind of certificate is used to validate a user identity?

A. Public key certificate
B. Attribute certificate
C. Root certificate
D. Code signing certificate

Question # 63

What can be defined as a data structure that enumerates digital certificates that were issued toCAs but have been invalidated by their issuer prior to when they were scheduled to expire?

A. Certificate revocation list
B. Certificate revocation tree
C. Authority revocation list
D. Untrusted certificate list

Question # 64

What is the primary role of smartcards in a PKI?

A. Transparent renewal of user keys
B. Easy distribution of the certificates between the users
C. Fast hardware encryption of the raw data
D. Tamper resistant, mobile storage and application of private keys of the users.

Question # 65

What can be defined as a digital certificate that binds a set of descriptive data items, other than apublic key, either directly to a subject name or to the identifier of another certificate that is a publickey certificate?

A. A public-key certificate
B. An attribute certificate
C. A digital certificate
D. A descriptive certificate

Question # 66

Which of the following binds a subject name to a public key value?

A. A public-key certificate
B. A public key infrastructure
C. A secret key infrastructure
D. A private key certificate

Question # 67

What attribute is included in a X.509-certificate?

A. Distinguished name of the subject
B. Telephone number of the department
C. secret key of the issuing CA
D. the key pair of the certificate holder

Question # 68

What is the name of the protocol use to set up and manage Security Associations (SA) for IPSecurity (IPSec)?

A. Internet Key Exchange (IKE)
B. Secure Key Exchange Mechanism
C. Oakley
D. Internet Security Association and Key Management Protocol

Question # 69

Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:

A. Not possible
B. Only possible with key recovery scheme of all user keys
C. It is possible only if X509 Version 3 certificates are used
D. It is possible only by "brute force" decryption

Question # 70

What is the main problem of the renewal of a root CA certificate?

A. It requires key recovery of all end user keys
B. It requires the authentic distribution of the new root CA certificate to all PKI participants
C. It requires the collection of the old root CA certificates from all the users
D. It requires issuance of the new root CA certificate

Question # 71

Which of the following statements pertaining to Secure Sockets Layer (SSL) is false?

A. The SSL protocol was developed by Netscape to secure Internet client-server transactions.
B. The SSL protocol's primary use is to authenticate the client to the server using public keycryptography and digital certificates.
C. Web pages using the SSL protocol start with HTTPS
D. SSL can be used with applications such as Telnet, FTP and email protocols.

Question # 72

What kind of encryption is realized in the S/MIME-standard?

A. Asymmetric encryption scheme
B. Password based encryption scheme
C. Public key based, hybrid encryption scheme
D. Elliptic curve based encryption

Question # 73

Which of the following was developed in order to protect against fraud in electronic fund transfers(EFT) by ensuring the message comes from its claimed originator and that it has not been alteredin transmission?

A. Secure Electronic Transaction (SET)
B. Message Authentication Code (MAC)
C. Cyclic Redundancy Check (CRC)
D. Secure Hash Standard (SHS)

Question # 74

What is the primary role of cross certification?

A. Creating trust between different PKIs
B. Build an overall PKI hierarchy
C. set up direct trust to a second root CA
D. Prevent the nullification of user certificates by CA certificate revocation

Question # 75

Which of the following elements is NOT included in a Public Key Infrastructure (PKI)?

A. Timestamping
B. Repository
C. Certificate revocation
D. Internet Key Exchange (IKE)

What Our Client Says