Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
Class
False (False Positive)
Firewalls
Microwave
2. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. - and determining what can be salvaged or restored and what must be replaced.
Sniffing
Intrusion Detection Systems
Damage Assessment
Inrush Current
3. Recording the Who What When Where How of evidence
Reference Monitor
File Shadowing
Mandatory
Chain Of Custody
4. Calculation encompassing threats - vulnerabilities and assets
Total Risk
Alert
Operational
Packet Filtering
5. A list of team members and/or key players to be contacted including their backups. The list will include the necessary contact information (i.e. home phone - pager - cell - etc.) and in most cases be considered confidential.
Cryptography
Incident Response
Contact List
Inference
6. A collection of data or information that has a name
File Level Deletion
Business Interruption
Remanence
File
7. Sudden rise in voltage in the power supply.
Surge
Burn
ISO/IEC 27001
Masked/Interruptible
8. Also known as regulatory laws - covers standards of performance or conduct expected by government agencies from companies - industries - and certain officials
Compensating
Need-To-Know
Analysis
Administrative Laws
9. Renders the file inaccessible to the operating system - available to reuse for data storage.
File Level Deletion
Enticement
Buffer Overflow
Non-Repudiation
10. A protocol for the efficient transmission of voice over the Internet
Simulation Test
Voice Over IP (VOIP)
Orange Book B1 Classification
Intrusion Detection Systems
11. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur
Method
Checksum
Boot (V.)
Failure Modes and Effect Analysis (FEMA)
12. A running key using a random key that is never used again
Walk Though
One Time Pad
ff Site
Orange Book C2 Classification
13. More than one processor sharing the same memory - also known as parallel systems
Buffer Overflow
Fragmented Data
Spiral
Multi-Processor
14. Short period of low voltage.
Assembler
Sag/Dip
Mission-Critical Application
IP Fragmentation
15. Key
Cryptovariable
User
Data Leakage
Guidelines
16. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems
Operational Impact Analysis
Discretionary
Acronym for American Standard Code for Information Interchange (ASCII)
Bridge
17. An attack involving the hijacking of a TCP session by predicting a sequence number.
Sequence Attacks
Mixed Law System
Electronic Vaulting
Rollback
18. Process whereby data is removed from active files and other data storage structures
ITSEC
Deletion
Custodian
Information Technology Security Evaluation Criteria - ITSEC
19. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.
Buffer Overflow
Forensic Copy
False (False Positive)
Honeynet
20. To segregate for the purposes of labeling
Supervisor Mode (monitor - system - privileged)
Honeypot
Access Control Lists
Compartmentalize
21. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.
Business Unit Recovery
Remote Journaling
Keystroke Logging
Cookie
22. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Business Impact Assessment (BIA)
Physical Tampering
Proxies
Kerberos
23. Physical description on the exterior of an object that communicates the existence of a label
Marking
Birthday Attack
Desk Check Test
Buffer Overflow
24. Lower frequency noise
Radio Frequency Interference (RFI)
Walk Though
Polymorphism
Critical Functions
25. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance
Fire Suppression
Teardrop
Redundant Array Of Independent Drives (RAID)
Crisis
26. Vehicle or tool that exploits a weakness
Process Isolation
Threats
Classification Scheme
Accurate
27. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.
Routers
Supervisor Mode (monitor - system - privileged)
Network Attached Storage (NAS)
Exercise
28. More than one CPU on a single board
Multi-Core
Hub
Liability
Privacy Laws
29. Joining two pieces of text
Deletion
Hub
Pointer
Concatenation
30. Inappropriate data
Radio Frequency Interference (RFI)
Certification
Running
Malformed Input
31. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal
Data Diddler
Patent
System Life Cycle
Coaxial Cable
32. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Distributed Processing
Call Tree
Business Interruption Insurance
Reciprocal Agreement
33. Substitution at the word or phrase level
Corrective
Databases
Cross Certification
Code
34. Can be statistical (monitor behavior) or signature based (watch for known attacks)
Disaster Recovery Teams (Business Recovery Teams)
File Shadowing
IDS Intrusion Detection System
Mock Disaster
35. Act of scrambling the cleartext message by using a key.
Encipher
Patent
Hash Function
Isolation
36. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?
Key Management
Cookie
Modification
Checklist Test (desk check)
37. Control type that is communication based - typically written or oral
Disk Mirroring
Remote Journaling
Key Management
Administrative
38. Using small special tools all tumblers of the lock are aligned - opening the door
Key Management
Running Key
Picking
Desk Check Test
39. A Trojan horse with the express underlying purpose of controlling a host from a distance
Remote Access Trojan
Classification Scheme
Analysis
Crisis
40. The hard drive
Criminal Law
Durability
Structured Walk-Through Test
Secondary Storage
41. To load the first piece of software that starts a computer.
Boot (V.)
Open Mail Relay Servers
Hot Spares
Operational Test
42. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things
Replication
Modification
Buffer Overflow
MOM
43. A state for operating system tasks only
Analysis
Security Kernel
Supervisor Mode (monitor - system - privileged)
Bumping
44. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.
Data Recovery
JPEG (Joint Photographic Experts Group)
Data Custodian
Business Continuity Program
45. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.
Race Condition
Patch Panels
Accurate
Recovery Strategy
46. A type of computer memory that temporarily stores frequently used information for quick access.
Alternate Data Streams (File System Forks)
Orange Book C Classification
Cache
Control Category
47. Those who initiate the attack
Business Records
Object Reuse
Threat Agent
Incident Response Team
48. Unauthorized access of information (e.g. tapping - sniffing - unsecured wireless communication - emanations)
Interception
Hot Spares
Key Space
Incident Response Team
49. Malware that makes many small changes over time to a single data point or system
Digital Certificate
Payload
Surge Suppressor
Salami
50. Written core statements that rarely change
Locard's Principle
Multi-Processing
Full-Interruption test
Policy