SSCP Certification Cheat Sheet 2026
The 30 highest-yield SSCP Certification facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.
125 questions
120 min time limit
70.00% to pass
- What is 'resilience' in the context of business continuity planning? → The organizational capacity to absorb disruptions and rapidly return to normal operations
- Which of the following is an illustration of hardening physical infrastructure? → Fire suppression system
- What is the purpose of an identity governance and administration (IGA) solution? → Automate identity lifecycle, access requests, and compliance reporting
- Which fire class involves energized electrical equipment, and which extinguishing agent should be used? → Class C — CO2 or dry chemical
- Recently, Jane discovered a security problem happening on her network. What should she do right now that should be her top priority? → Containment
- Which type of fire suppression system is most appropriate for a data center to minimize equipment damage? → Clean agent (e.g., FM-200) system
- Which authentication factor category does a hardware token that generates a one-time password belong to? → Something you have
- Which backup type copies only the data that changed since the last backup of ANY type? → Incremental backup
- What type of access control model grants permissions based on organizational roles rather than individual user identities? → RBAC
- Which backup strategy typically results in the slowest individual restore time? → Incremental backup restoration
- What one of the following is a network device that makes use of context-based access control? → Stateful inspection firewall
- During which phase of the incident response lifecycle would an analyst perform root cause analysis to understand how an attacker gained unauthorized access? → Post-Incident Activity (Lessons Learned)
- What term describes the practice of following an authorized person through a secured door without using your own credentials? → Tailgating
- What is 'business resumption planning' primarily focused on? → Restoring full normal business operations after a disaster has been resolved
- Which protocol is most commonly used for federated authentication across web applications and cloud services? → SAML
- Which of the following best describes a federated identity system? → Multiple organizations sharing identity assertions across trust boundaries
- Which of the following malicious code detection methods relies on a constantly updated database of known malware file hashes and patterns to identify threats? → Signature-based detection
- Which of the following BEST describes the primary purpose of a risk register? → To document and track identified risks, their analysis, and the planned responses.
- What is 'privilege creep' in the context of identity management? → Accumulation of access rights beyond what a user currently needs
- Which NIST special issue examines security and privacy control evaluation? → 800-53A
- Which of the following is an example of biometric authentication? → Fingerprint scan
- Which badge system technology is considered most secure against cloning attacks? → 13.56 MHz smart cards with mutual authentication
- Which type of lock provides the highest resistance to lock-picking attacks among the options listed? → High-security disc-detainer lock
- What is a Business Impact Analysis (BIA)? → A process that identifies critical business functions and the impact of their disruption
- What is the purpose of a 'clean desk policy' as a physical security control? → Prevent unauthorized access to sensitive information left unattended
- What is the purpose of a visitor management system in a secure facility? → Track and control the identity, access, and movement of non-employees within the facility
- What physical security measure involves examining trash and discarded materials to find sensitive information? → Dumpster diving
- Which physical security control uses infrared beams to detect motion or intrusion in a protected area? → Passive infrared (PIR) sensor
- What is the main difference between a deterrent and a preventive physical security control? → Deterrents discourage attacks; preventive controls physically stop them
- In Kerberos authentication, what does the Ticket Granting Ticket (TGT) allow a user to do? → Request service tickets without re-entering credentials
Turn these facts into recall: