Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Real-time - automatic and transparent backup of data.
High-Risk Areas
Double Blind Testing
Remote Journaling
Simulation
2. Reduction of voltage by the utility company for a prolonged period of time
Blind Testing
Tapping
Brownout
Central Processing Unit (CPU)
3. Intellectual property protection for the expression of an idea
Key Escrow
Honeynet
Mirrored Site
Copyright
4. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur
Off Site
Detection
Failure Modes and Effect Analysis (FEMA)
Embedded Systems
5. Program that inappropriately collects private data or activity
Spyware
Denial Of Service
Business Interruption Insurance
Byte
6. The one person responsible for data - its classification and control setting
Object Reuse
Information Owner
Deterrent
File Sharing
7. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
Discretionary Access Control (DAC)
Certificate Revocation List (CRL)
Database Replication
Gateway
8. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.
Open Mail Relay Servers
Enticement
Mission-Critical Application
Aggregation
9. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.
Data Leakage
Multi-Processing
Business Continuity Steering Committee
Kerberos
10. Encryption system using shared key/private key/single key/secret key
Key Escrow
Bollard
Symmetric
Detection
11. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.
Directive
Spyware
Infrastructure
Disaster Recovery Plan
12. Process of statistically testing a data set for the likelihood of relevant information.
Business Recovery Timeline
Sampling
Private Branch Exchange (PBX)
Mandatory
13. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.
Lattice
Access Point
Recovery Point Objective (RPO)
Blackout
14. A backup of data located where staff can gain access immediately
Mobile Site
HTTP Response Splitting
Inheritance
On-Site
15. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals
Open Mail Relay Servers
Fire Classes
Consistency
Compiler
16. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists
Running
Layering
Mitigate
Business Records
17. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs
Threats
Denial Of Service
Mandatory Vacations
Application Programming Interface
18. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.
Concatenation
Data Dictionary
Bit
Work Factor
19. Part of a transaction control for a database which informs the database of the last recorded transaction
Mission-Critical Application
False Negative
Checklist Test
Checkpoint
20. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN
Hard Disk
Strong Authentication
Wireless Fidelity (Wi-Fi)
Due Diligence
21. To assert or claim credentialing to an authentication system
Desk Check Test
Eavesdropping
Waterfall
Identification
22. A template for designing the architecture
Spiral
Critical Functions
Security Blueprint
Race Condition
23. Communication of a security incident to stakeholders and data owners.
Concatenation
User Mode (problem or program state)
Standard
Notification
24. Written suggestions that direct choice to a few alternatives
Generator
Directive
TIFF (Tagged Image File Format)
Guidelines
25. Pertaining to a number system that has just two unique digits.
Decipher
Binary
Double Blind Testing
Intrusion Prevention Systems
26. The guardian of asset(s) - a maintenance activity
TIFF (Tagged Image File Format)
Fragmented Data
Custodian
Checklist Test
27. A software design technique for abstraction of a process
Data Hiding
Polymorphism
Business Unit Recovery
Operating
28. Hitting a filed-down key in a lock with a hammer to open it without the real key
Convincing
Bumping
Time Of Check/Time Of Use
Virtual Memory
29. To load the first piece of software that starts a computer.
Boot (V.)
Cryptovariable
Analysis
Safeguard
30. Unchecked data which spills into another location in memory
Radio Frequency Interference (RFI)
Access Control Attacks
Man-In-The-Middle Attack
Buffer Overflow
31. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.
Rogue Access Points
Recovery Period
TCSEC (Orange Book)
Coaxial Cable
32. Control category - more than one control on a single asset
Embedded
Off Site
Compensating
Virtual Memory
33. To create a copy of data as a precaution against the loss or damage of the original data.
Intrusion Detection Systems
UPS
Backup
Waterfall
34. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
BCP Testing Drills and Exercises
Forward Recovery
Trojan Horse
Critical Records
35. A backup of data located where staff can gain access readily and a localized disaster will not cause harm
Mission-Critical Application
Byte
Custodian
Near Site
36. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress
Virtual Memory
Collisions
Access Control
True Attack Stimulus
37. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management
Multi-Processing
Hot Site
Business Impact Analysis
Liability
38. Joining two pieces of text
Recovery Period
Concatenation
Highly Confidential
Risk Assessment
39. A secure connection to another network.
Orange Book C Classification
Incident Manager
Central Processing Unit (CPU)
Gateway
40. Subjects will not interact with each other's objects
Architecture
Non-Interference
Multi-Core
Change Control
41. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.
Reciprocal Agreement
Identification
Risk Assessment
Administrative Access Controls
42. Pertaining to law - accepted by a court
Dangling Pointer
Atomicity
Proxies
Admissible
43. To break a business process into separate functions and assign to different people
Mirroring
Separation Of Duties
Centralized Access Control Technologies
Forensic Copy
44. Event(s) that cause harm
Procedure
Custodian
Territoriality
Incident
45. High degree of visual control
Surveillance
Job Rotation
Virtual Memory
Compensating
46. The collection and summation of risk data relating to a particular asset and controls for that asset
Decipher
Risk Assessment
JPEG (Joint Photographic Experts Group)
Trade Secret
47. Forging of an IP address.
Contingency Plan
Distributed Processing
IP Address Spoofing
Boot (V.)
48. To reduce fire
Transfer
Business Interruption
High-Risk Areas
Fire Suppression
49. The backup of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.
Stopped
Business Unit Recovery
Deadlock
Data Backups
50. Standard for the establishment - implementation - control - and improvement of the Information Security Management System
Firmware
Detective
Remote Access Trojan
ISO/IEC 27001