ISC2 Exam SSCP Topic 2 Question 73 Discussion

Actual exam question for ISC2's SSCP exam

Question #: 73
Topic #: 2

[All SSCP Questions]

What can best be defined as the detailed examination and testing of the security features of an IT system or product to ensure that they work correctly and effectively and do not show any logical vulnerabilities, such as evaluation criteria?

AAcceptance testing

BEvaluation

CCertification

DAccreditation

Show Suggested Answer

Suggested Answer: A

The Simple Network Management Protocol (SNMP) is a useful tool for remotely managing network devices.

Since it can be used to reconfigure devices, SNMP traffic should be blocked at the organization's firewall.

Using a VPN with encryption or some type of Tunneling software would be highly recommended in this case.

Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 4: Sockets and Services from a Security Viewpoint.

by Heike at Jul 24, 2023, 11:48 PM

Limited Time Offer

25%

Off

Get Premium SSCP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Brianne

1 months ago

A) Acceptance testing? Really? That's just the final step, not the whole process. I'm going with C) Certification.

upvoted 0 times

Cecily

16 days ago

Certification ensures that IT systems work correctly and effectively without any logical vulnerabilities.

upvoted 0 times

...

Onita

17 days ago

I think Certification is the best option for detailed examination and testing of security features.

upvoted 0 times

...

Allene

1 months ago

Acceptance testing is just the final step, not the whole process.

upvoted 0 times

...

Dean

2 months ago

D) Accreditation seems like the best answer. The question mentions 'evaluation criteria', and accreditation is the process of evaluating and verifying the quality of a system or product.

upvoted 0 times

Arminda

1 months ago

D) Accreditation is the most specific option that aligns with the description provided in the question.

upvoted 0 times

...

Sunshine

1 months ago

B) Evaluation is a broader term that can include different types of assessments.

upvoted 0 times

...

Markus

1 months ago

A) Acceptance testing is more about ensuring that the system meets the requirements set by the stakeholders.

upvoted 0 times

...

Billi

2 months ago

I'm not sure, but I think it could also be C) Certification.

upvoted 0 times

...

Flo

2 months ago

I'm going with C) Certification. The question talks about ensuring the security features work correctly, and that sounds like a certification process to me.

upvoted 0 times

Precious

17 days ago

I think you both make valid points, but I'm sticking with C) Certification as well. It seems to align closely with the description provided.

upvoted 0 times

...

Tasia

20 days ago

I see your point, but I still think C) Certification is the best fit. It's about ensuring the security features are working correctly.

upvoted 0 times

...

Maynard

23 days ago

I agree with you, but I believe it's D) Accreditation. It's about verifying the security features meet certain standards.

upvoted 0 times

...

Joanne

24 days ago

Yeah, Certification is all about making sure everything works correctly and effectively.

upvoted 0 times

...

Marjory

1 months ago

I think you're right, Certification does involve detailed examination and testing of security features.

upvoted 0 times

...

Lillian

1 months ago

I think it's B) Evaluation. It involves examining and testing the security features to ensure they work effectively.

upvoted 0 times

...

Dannie

2 months ago

I agree with Ezekiel, evaluation makes sense for this question.

upvoted 0 times

...

Jacklyn

2 months ago

Haha, acceptance testing? That's like saying my mom's cooking is the best way to evaluate a restaurant's menu. Clearly, C) Certification is the way to go.

upvoted 0 times

...

Ezekiel

2 months ago

I think the answer is B) Evaluation.

upvoted 0 times

...