Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsSSCPDomainsNetwork and Communications Security
SSCPFree — No Signup

Network and Communications Security

Practice SSCP Network and Communications Security questions with full explanations on every answer.

79questions

Start practicing

Network and Communications Security — choose a session length

10 questions~10 min20 questions~20 min30 questions~30 min50 questions~50 min

Free · No account required

SSCP Domains

Access ControlsRisk Identification, Monitoring, and AnalysisIncident Response and RecoverySecurity Operations and AdministrationCryptographyNetwork and Communications SecuritySystems and Application SecurityRisk Identification, Monitoring and Analysis

Practice Network and Communications Security questions

10Q20Q30Q50Q

All SSCP Network and Communications Security questions (79)

Start session

Click any question to see the full explanation and answer options, or start a focused practice session above.

1

Which protocol and port combination is commonly used for secure remote administration of a server?

2

A security analyst notices an unusual number of ARP replies on the network where one MAC address is claiming to be multiple IP addresses. Which type of attack is most likely occurring?

3

A company wants to deploy a firewall that can track the state of active connections and make decisions based on the context of traffic flows. Which firewall type should they choose?

4

During a wireless penetration test, an attacker captures the four-way handshake of a WPA2-PSK network and attempts to crack the passphrase offline. Which attack is the attacker likely using?

5

Which protocol is used for secure web browsing and operates on TCP port 443?

6

An organization wants to ensure that only authorized devices can connect to the corporate wired network. Which technology should they implement to enforce this?

7

A network administrator wants to block all inbound traffic except for web and email services. Which firewall rule configuration would achieve this?

8

Which of the following is a characteristic of TLS 1.3 that improves security over previous versions?

9

Which attack sends a flood of forged ICMP echo requests to a network's broadcast address to overwhelm a target?

10

A company is deploying a VPN for remote employees. They require strong encryption and authentication, and the solution must be compatible with native OS clients without additional software. Which VPN protocol is most appropriate?

11

During a security audit, a penetration tester successfully extracts the PMKID from a wireless beacon. What information can be derived from this attack?

12

Which UDP port is used by the Simple Network Management Protocol (SNMP) for receiving traps?

13

A security engineer is designing a network segmentation strategy to isolate a DMZ containing public-facing web servers from the internal corporate network. Which TWO controls should be implemented? (Select two)

14

A company is migrating from WPA2 to WPA3 for wireless security. Which THREE features does WPA3 introduce? (Select three)

15

A network administrator is troubleshooting a DNS poisoning attack. Which TWO countermeasures can help prevent such attacks? (Select two)

16

Which of the following network protocols operates on TCP port 22 and provides secure remote administration of network devices?

17

An attacker sends a flood of DHCP request packets with spoofed MAC addresses to exhaust the DHCP server's IP address pool, preventing legitimate clients from obtaining IP addresses. This attack is known as:

18

During a penetration test, a security analyst captures a packet containing a gratuitous ARP reply that associates the attacker's MAC address with the default gateway's IP address. This is a classic indicator of which attack?

19

Which of the following wireless security protocols uses AES-CCMP and is based on the 802.11i standard?

20

A security administrator is configuring a VPN between two branch offices. The requirement is to encrypt the entire original IP packet and add a new IP header for routing over the internet. Which IPsec mode should be used?

21

An organization wants to deploy a firewall that can inspect the payload of application-layer protocols such as HTTP and FTP, and make access decisions based on application data. Which type of firewall best meets this requirement?

22

Which attack exploits the lack of IV (Initialization Vector) randomness in the RC4 algorithm to recover the Wi-Fi password, and is considered completely broken?

23

Which of the following is a connectionless transport layer protocol primarily used for services like DNS and DHCP?

24

A security team is implementing Network Access Control (NAC) to enforce endpoint compliance before granting network access. Which technology allows port-based authentication on wired networks?

25

Which of the following best describes the function of SYN cookies in mitigating SYN flood attacks?

26

An organization is planning to deploy a remote access VPN for employees. The solution must support strong encryption, mutual authentication, and work through firewalls without requiring additional ports. Which technology is most suitable?

27

Which of the following is a common defense against ARP spoofing attacks on a local area network?

28

A security analyst is investigating a network incident. Which TWO of the following are indicators of a man-in-the-middle attack using ARP spoofing? (Select TWO)

29

Which THREE of the following are security features of WPA3 compared to WPA2? (Select THREE)

30

A company is designing a network with multiple security zones. Which TWO of the following are best practices for network segmentation? (Select TWO)

31

Which protocol is used to securely transfer files over a network and operates on TCP port 22?

32

Which UDP port is used by the Dynamic Host Configuration Protocol (DHCP) for server communication?

33

An attacker sends a forged ARP reply associating the attacker's MAC address with the IP address of the default gateway. What type of attack is this?

34

A network administrator notices that legitimate clients are unable to obtain IP addresses from the DHCP server. The network logs show a high volume of DHCP Discover messages from different MAC addresses. Which attack is most likely occurring?

35

Which security control can prevent a rogue DHCP server from assigning incorrect gateway addresses to clients?

36

An organization deploys a firewall that examines the entire packet, including application-layer data, and can block specific commands or content. Which type of firewall is this?

37

Which wireless security standard introduced the Simultaneous Authentication of Equals (SAE) handshake to replace the pre-shared key (PSK) method?

38

A security analyst discovers that an attacker has set up a fake wireless access point with the same SSID as the corporate network. Users are unknowingly connecting to it. What is this attack called?

39

In IPsec VPNs, which protocol provides authentication and encryption of the entire IP packet, including the IP header, in tunnel mode?

40

Which of the following is a primary advantage of using TLS 1.3 over earlier versions?

41

What is the default port for Microsoft SQL Server?

42

Which network security control can enforce that only authorized devices with current antivirus and patches can connect to the network?

43

Which TWO of the following are methods to defend against SYN flood attacks? (Select TWO)

44

Which TWO of the following are characteristics of a Smurf attack? (Select TWO)

45

Which THREE of the following are valid considerations when deploying a remote access VPN using SSL/TLS? (Select THREE)

46

Which transport layer protocol is used by DNS for its queries and responses, and why is it appropriate?

47

An attacker sends a gratuitous ARP reply associating the attacker's MAC address with the default gateway's IP address. Which attack is being performed, and what is the primary risk?

48

A security administrator is configuring a firewall to allow outbound web traffic from internal users. The firewall must inspect the application layer data to block malicious URLs. Which type of firewall should be used?

49

Which wireless security standard replaces WPA2 and mandates Protected Management Frames (PMF) to prevent certain types of attacks?

50

During a security assessment, a penetration tester discovers that the network uses WPA2-PSK. Which attack could be used to recover the pre-shared key without interacting with the access point after capturing a single handshake?

51

A security engineer is configuring a site-to-site VPN between two branch offices using IPsec in tunnel mode. Which protocol provides both authentication and encryption of the entire original IP packet?

52

An organization wants to ensure that only corporate-managed devices can connect to the internal network. Non-compliant devices should be placed in a restricted VLAN with limited access. Which technology should be deployed?

53

Which TCP port is commonly used for secure web traffic (HTTPS) and is often allowed through firewalls for web browsing?

54

A system administrator notices a high number of half-open TCP connections to the company's web server. The server is becoming unresponsive. Which attack is likely occurring, and which mitigation is effective?

55

A security analyst discovers that an internal DNS server is returning incorrect IP addresses for legitimate domains. The analyst suspects that an attacker has compromised the DNS resolver's cache. Which type of attack has likely occurred?

56

Which protocol is used to securely transfer files between a client and server, typically over TCP port 22?

57

A network administrator is tasked with segmenting the network to isolate a DMZ containing public-facing web servers from the internal corporate network. Which device should be placed between the DMZ and internal network, and what type of traffic should it allow?

58

A security auditor is reviewing the configuration of a remote access VPN. Which TWO features are considered best practices for securing the VPN connection?

59

An organization is deploying a network-based intrusion detection system (NIDS). The security team must decide on placement and configuration. Which THREE considerations are critical for effective NIDS deployment?

60

During a wireless site survey, a security engineer identifies several security weaknesses. Which TWO measures should be implemented to improve wireless security for a corporate network using WPA2-Enterprise?

61

Which of the following protocols operates on TCP port 443 and provides encrypted communication between a web browser and a web server?

62

An attacker sends a large number of DHCP request messages with spoofed MAC addresses to a network's DHCP server, causing the server to exhaust its IP address pool and deny service to legitimate clients. This attack is known as:

63

A security analyst is investigating a network where an attacker successfully redirected traffic from a legitimate web server to a malicious server by corrupting the target domain's DNS records in a local resolver cache. Which attack technique was used?

64

A company wants to implement a firewall that can track the state of network connections and make decisions based on the context of traffic (e.g., allowing return packets for an established connection). Which type of firewall should they choose?

65

Which wireless security protocol uses the Simultaneous Authentication of Equals (SAE) handshake to replace the Pre-Shared Key (PSK) method and provides stronger protection against offline dictionary attacks?

66

An organization is setting up a site-to-site VPN between two branch offices. They require encryption of the entire IP packet, including the original IP header, and plan to use IPsec. Which mode should they configure?

67

A network administrator wants to prevent unauthorized devices from connecting to the wired network. Which technology can be used to enforce authentication at the switch port level before granting network access?

68

Which UDP port is used by the Domain Name System (DNS) for name resolution queries?

69

An attacker is performing a man-in-the-middle attack at Layer 2 by sending forged ARP messages to associate their MAC address with the IP address of a legitimate host on the same subnet. This attack is known as:

70

A security analyst is reviewing firewall logs and notices a high rate of TCP SYN packets to multiple ports on a server, but no corresponding ACK or RST packets. This is characteristic of which type of attack?

71

Which of the following is a secure remote access VPN protocol that uses TLS for encryption and is commonly used with Cisco AnyConnect?

72

A company wants to deploy a network IDS that can analyze traffic patterns and detect anomalies. Where should the IDS sensor be placed to monitor all traffic on a network segment without introducing latency?

73

A security administrator is hardening a wireless network. Which TWO of the following should be avoided due to known vulnerabilities?

74

A security analyst is reviewing a TLS 1.3 deployment. Which THREE of the following are features of TLS 1.3?

75

An organization is designing network segmentation to protect sensitive data. Which TWO of the following are effective methods for implementing network segmentation?

76

A security analyst is investigating a potential ARP spoofing attack on a local network segment. Which TWO network security controls would be most effective in preventing or detecting such an attack at Layer 2?

77

A network administrator is designing a secure remote access solution for employees using company laptops. The solution must support strong authentication, encryption, and be resistant to man-in-the-middle attacks. Which THREE components should be included?

78

During a security assessment, a penetration tester successfully performs a DHCP starvation attack followed by a DHCP spoofing attack. Which TWO outcomes are the most likely consequences of this combined attack?

79

A company is migrating from WPA2-PSK to WPA3 for its wireless network. Which THREE benefits does WPA3 provide compared to WPA2?

Practice all 79 Network and Communications Security questions

Other SSCP exam domains

Access ControlsRisk Identification, Monitoring, and AnalysisIncident Response and RecoverySecurity Operations and AdministrationCryptographySystems and Application SecurityRisk Identification, Monitoring and Analysis

Frequently asked questions

What does the Network and Communications Security domain cover on the SSCP exam?

The Network and Communications Security domain covers the key concepts tested in this area of the SSCP exam blueprint published by ISC2. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all SSCP domains — no account required.

How many Network and Communications Security questions are in the SSCP question bank?

The Courseiva SSCP question bank contains 79 questions in the Network and Communications Security domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Network and Communications Security for SSCP?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Network and Communications Security questions for SSCP?

Yes — the session launcher on this page draws questions exclusively from the Network and Communications Security domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.

Free forever · No credit card required

Track your SSCP domain progress

Save your results, see per-domain analytics, and get readiness scores — free, for every certification.

Sign Up Free

Free forever · Every certification included

Practice Session

10 questions20 questions30 questions50 questions

Study Resources

All DomainsPractice TestMock ExamFlashcardsStudy Guide

Related Exams

CCCISSPSY0-701