Security Administrator Certification - SSCP Exam | Violation Record Forgiveness

Violation Record Forgiveness

Prev Question Next Question

Question

The number of violations that will be accepted or forgiven before a violation record is produced is called which of the following?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A.

The correct answer is "clipping level"

This is the point at which a system decides to take some sort of action when an action repeats a preset number of times.

That action may be to log the activity, lock a user account, temporarily close a port, etc.

Example: The most classic example of a clipping level is failed login attempts.

If you have a system configured to lock a user's account after three failed login attemts, that is the "clipping level"

The other answers are not correct because: Acceptance level, forgiveness level, and logging level are nonsensical terms that do not exist (to my knowledge) within network security.

I cannot find it in the text either.

However, I'm quite certain that it would be considered part of the CBK, despite its exclusion from the Official Guide.

All in One Third Edition page: 136 - 137

The answer is C. forgiveness level.

In security systems, a violation occurs when a security policy is broken or when a security breach is attempted or successful. These violations are typically logged for audit and analysis purposes. However, it is not practical or useful to log every single violation that occurs, as this can generate an overwhelming amount of data that is difficult to manage and analyze.

To address this issue, security systems typically allow for a certain number of violations to be forgiven or ignored before they are logged. This is known as the forgiveness level. The forgiveness level is set to a specific value, and when the number of violations that occur is less than or equal to this value, they are not logged. However, once the number of violations exceeds the forgiveness level, a violation record is generated and logged for analysis.

For example, let's say a security system is configured with a forgiveness level of 10. This means that if 10 or fewer violations occur, they will not be logged. However, if 11 or more violations occur, a violation record will be generated and logged.

The other answer options are not correct:

A. Clipping level refers to the process of limiting or reducing the amplitude of a signal. It is not related to security violations.

B. Acceptance level is not a standard term in security systems. It could refer to a threshold for accepting a security policy, but it is not related to the number of violations.

D. Logging level refers to the amount of detail that is logged by a security system. It is not specific to the number of violations that are logged.