SSCP Exam Prep 2023


Apr 25, 2015
The exam preparation is broken up into 7 areas (topics) also known as domains.
There are a total of 308 exam prep questions, with the question count per area broken up below:

Security Operations and Administration: 45
Access Controls: 55
Risk Identification, Monitoring, and Analysis: 42
Incident Response and Recovery: 42
Network and Communication Security: 43
Systems and Application Security: 39

The 7 domains are weighted differently on the exam, and they have changed over time. Here is an example of the weighted criticality of each domain while sitting for the SSCP exam:

That said, because people that make these exams are more-or-less idiots that seek to deliver trivia questions for encyclopedic answers, allow me to make it easier for you on what you should focus on in order of most, to least importance:
  1. Network and Communications Security
  2. Security Operations and Administration
  3. Access Controls
  4. Risk Identification, Monitoring, and Analysis
  5. Systems and Application Security
  6. Incident Response and Recovery
  7. Cryptography

The way I learn best, and the way I will be presenting this information, is by attaching all of the questions/answers/explanations for the different sections. This is going to get you up-to-speed on what you should be focusing on, because whatever you are answering incorrectly you will want to learn about. From there, you know what flash cards to especially focus on, or what books to read - along with the relevant topics or domains to dive more deeply into.

My goal in publishing this is to save you:
less stress

All of this information can be acquired entirely for free, but is oftentimes hidden away behind 'registration walls' that are 10+ clicks deep, require filling out several text fields, and such. So, this is ultimately free study material, and I am just increasing accessibility. ;)

Keep in mind that while taking the practice exams, reading explanations for right answers is extremely useful. As you incorrectly answer, document the domain you are scoring poorly in and brush up on that specific domain in either LinkedIn videos, Pluralsight, or any books such as

PDFs coming in the next post.


Apr 25, 2015
Password: Noirth

The attached PDF is the Systems and Application Security. The questions within include:
  • Which attack attempts to steal information from victims by tricking them into visiting false or fake Web sites using a spoofed email communication that seems to originate from a legitimate source? Phishing
  • How can someone new to the concept of virtualization quickly get a working guest OS running within a hypervisor? Use an appliance.
  • What is the name of the software layer or component that enables the creation of virtual machines and may be installed on top of an existing OS or may be installed directly on the bare metal of the computer?
  • What is the legal process by which law enforcement officials, including attorneys, can make formal requests to obtain digital information in relation to a legal action, investigation, or court proceeding?
  • How is it possible to execute alternate platform applications or host entire operating systems in memory on top of an existing host OS?
  • How is a hybrid cloud implemented?
  • When performing system hardening, what are the two primary phases or operations to be performed?
  • What form of social engineering tricks a victim into contacting the attacker to ask for technical support?
  • Which security rule should be implemented to minimize risk of malware infection of endpoint systems?
  • When using a cloud solution as a component of a backup strategy, what is the most important concern?
  • Which malware attempts to embed itself deeply into a system in order to hide itself and other items, such as files, folders, or even executable processes?
  • Selecting a cloud provider can be a challenge. Often, it is not possible to determine whether a provider's services are sufficient for your needs until you have started using its service. If you determine that an initial cloud system is insufficient and you need to move your data and custom code to a different cloud provider, what is needed as a feature of the initial cloud provider that did not work out for you?
  • What is the primary benefit of COPE?
  • What would the most successful means of attacking an environment relying upon guest OSes that would result in the destruction or loss of use of the guest OSes be?
  • How can skilled IT workers evaluate new software without exposing their systems to infection or malware compromise?
  • What is a significant benefit of a HIDS installed on an endpoint system which is not generally possible with a NIDS?
  • Which type of cloud deployment involves several businesses working together to create a cloud system which they can each use?
  • How can a company ensure protection against eavesdropping and session hijacking for its workers connecting to a public cloud?
  • What is one of the more complicated legal concerns related to cloud computing when a legal investigation needs to obtain evidence, but the evidence may be stored on systems in a borderless cloud solution spread across multiple countries?
  • Which type of secure implementation of client devices has brought back a concept from the mainframe era where systems on a worker's desk have minimal storage and computational capacity?
  • Which security tool is used to detect known examples of malware?
  • What is a means to ensure that endpoint devices can interact with the Internet while minimizing risk of system compromise?
  • Which of the following is NOT a means to implement a Denial of Service (DoS) attack?
  • What type of attack cannot be blocked or resolved with a software fix or a hardware upgrade?
  • What is the benefit of endpoint device encryption for communications?
  • Which form of cloud services provides the benefit of reduced hardware costs for an organization, allows for selection of operating systems, enables execution of custom code, and provides network address assignments and management?
  • What is a benefit of a host-based firewall?
  • How can a user be assured that a file downloaded from a vendor's Web site is free from malicious code?
  • Performing essential business processes in a cloud solution is an attractive concept for many organizations. What needs to be crafted and reviewed carefully to ensure that a cloud service provides the necessary level of service and security demanded by your organization and which is legally enforceable?
  • What special component on a motherboard can be used to securely store the encryption key for whole drive encryption?
  • Which malicious activity countermeasure is most effective at removing vulnerable elements from an organization's IT infrastructure?
  • What is the security technology where approved software is allowed to execute but all other forms of code are blocked by default?
  • Which of the following is the least effective means to share files between multiple guest OSes?
  • Which term refers to the virtualization of networking which grants more control and flexibility over networking than using the traditional hardware-only means of network management?
  • What virtual environment tool allows for testing and experimentation within a guest OS while providing a means to roll-back to a previous stable state in just seconds?
  • How does a Trojan horse get past security mechanisms to harm a victim?
  • Which of the following is the best security mechanism to minimize risk when browsing the Internet?
  • How can a user avoid being seriously harmed by ransomware?
  • What is the company security policy that allows workers to use their own personal equipment to interact with company resources?

You will find all answers within the PDF, and explanations. It is completely free to register here.


  • Systems and Application Security.pdf