SSCP Certification Cheat Sheet 2026

The 30 highest-yield SSCP Certification facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.

125 questions
120 min time limit
70.00% to pass
  1. What is 'resilience' in the context of business continuity planning? The organizational capacity to absorb disruptions and rapidly return to normal operations
  2. Which of the following is an illustration of hardening physical infrastructure? Fire suppression system
  3. What is the purpose of an identity governance and administration (IGA) solution? Automate identity lifecycle, access requests, and compliance reporting
  4. Which fire class involves energized electrical equipment, and which extinguishing agent should be used? Class C — CO2 or dry chemical
  5. Recently, Jane discovered a security problem happening on her network. What should she do right now that should be her top priority? Containment
  6. Which type of fire suppression system is most appropriate for a data center to minimize equipment damage? Clean agent (e.g., FM-200) system
  7. Which authentication factor category does a hardware token that generates a one-time password belong to? Something you have
  8. Which backup type copies only the data that changed since the last backup of ANY type? Incremental backup
  9. What type of access control model grants permissions based on organizational roles rather than individual user identities? RBAC
  10. Which backup strategy typically results in the slowest individual restore time? Incremental backup restoration
  11. What one of the following is a network device that makes use of context-based access control? Stateful inspection firewall
  12. During which phase of the incident response lifecycle would an analyst perform root cause analysis to understand how an attacker gained unauthorized access? Post-Incident Activity (Lessons Learned)
  13. What term describes the practice of following an authorized person through a secured door without using your own credentials? Tailgating
  14. What is 'business resumption planning' primarily focused on? Restoring full normal business operations after a disaster has been resolved
  15. Which protocol is most commonly used for federated authentication across web applications and cloud services? SAML
  16. Which of the following best describes a federated identity system? Multiple organizations sharing identity assertions across trust boundaries
  17. Which of the following malicious code detection methods relies on a constantly updated database of known malware file hashes and patterns to identify threats? Signature-based detection
  18. Which of the following BEST describes the primary purpose of a risk register? To document and track identified risks, their analysis, and the planned responses.
  19. What is 'privilege creep' in the context of identity management? Accumulation of access rights beyond what a user currently needs
  20. Which NIST special issue examines security and privacy control evaluation? 800-53A
  21. Which of the following is an example of biometric authentication? Fingerprint scan
  22. Which badge system technology is considered most secure against cloning attacks? 13.56 MHz smart cards with mutual authentication
  23. Which type of lock provides the highest resistance to lock-picking attacks among the options listed? High-security disc-detainer lock
  24. What is a Business Impact Analysis (BIA)? A process that identifies critical business functions and the impact of their disruption
  25. What is the purpose of a 'clean desk policy' as a physical security control? Prevent unauthorized access to sensitive information left unattended
  26. What is the purpose of a visitor management system in a secure facility? Track and control the identity, access, and movement of non-employees within the facility
  27. What physical security measure involves examining trash and discarded materials to find sensitive information? Dumpster diving
  28. Which physical security control uses infrared beams to detect motion or intrusion in a protected area? Passive infrared (PIR) sensor
  29. What is the main difference between a deterrent and a preventive physical security control? Deterrents discourage attacks; preventive controls physically stop them
  30. In Kerberos authentication, what does the Ticket Granting Ticket (TGT) allow a user to do? Request service tickets without re-entering credentials