Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Policy or stated actions
Steganography
Conflict Of Interest
Due Care
Sharing
2. Consume resources to a point of exhaustion - loss of availability
Framework
Denial Of Service
Mitigate
Side Channel Attack
3. A description of a database
MOM
Public Key Infrastructure (PKI)
Dangling Pointer
Data Dictionary
4. Record history of incident
Tracking
Access Control
Data Marts
Race Condition
5. A physical enclosure for verifying identity before entry to a facility
Mantrap (Double Door System)
Critical Records
Virus
Intrusion Detection Systems
6. A comprehensive set of controls comprising best practices in information security and provides guidelines on how to set up and maintain security programs.
IDS Intrusion Detection System
One Time Pad
Inheritance
ISO/IEC 27002
7. Disruption of operation of an electronic device due to a competing electromagnetic field.
Governance
Copyright
Noise
EMI
8. Memory - RAM
ISO/IEC 27002
Kerberos
Pervasive Computing and Mobile Computing Devices
Primary Storage
9. Actions measured against either a policy or what a reasonable person would do
Due Diligence
Memory Management
Digital Signature
Integrated Test
10. Control category - more than one control on a single asset
Compensating
Checksum
Boot (V.)
Key Escrow
11. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.
Compiler
Checksum
Governance
Operational Impact Analysis
12. Renders the record inaccessible to the database management system
Waterfall
Standalone Test
Record Level Deletion
Intrusion Detection Systems
13. Induces a crime - tricks a person - and is illegal
Asymmetric
Boot (V.)
Integrated Test
Entrapment
14. A record that must be preserved and available for retrieval if needed.
Electromagnetic Interference (EMI)
Vital Record
Non-Interference
Recovery Point Objective (RPO)
15. A backup of data located where staff cannot gain access readily and a regional disaster will not cause harm
Race Condition
Eavesdropping
Access Control Lists
Off Site
16. Fault tolerance for power
Incident
Control Type
Keystroke Logging
Generator
17. A software design technique for abstraction of a process
Copyright
Data Hiding
Analysis
Integrated Test
18. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.
Disk Mirroring
Surge
Governance
Key Management
19. An organization's way of classifying data by factors such as criticality - sensitivity and ownership.
Recovery
Basics Of Secure Design
Mantrap (Double Door System)
Classification Scheme
20. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.
Life Cycle of Evidence
Data Marts
Class
Active Data
21. A mobilized resource purchased or contracted for the purpose of business recovery.
Databases
Mobile Recovery
Business Interruption
Alternate Site
22. One way encryption
Identification
File Server
Computer Forensics
Hash Function
23. A world-wide wireless technology
Digital Certificate
Procedure
Wireless Fidelity (Wi-Fi)
Shielding
24. Indivisible - a data field must contain only one value; either all transactions take place or none do
File Sharing
Job Training
Atomicity
Honeynet
25. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.
Encryption
Forensic Copy
Ring Protection
Data Integrity
26. Unauthorized wireless network access device.
Risk Mitigation
Rogue Access Points
Faraday Cage/Shield
Capability Tables
27. Control category - to give instructions or inform
Examples of non-technical security components
Pervasive Computing and Mobile Computing Devices
Directive
Log
28. A backup type - where the organization has excess capacity in another location.
Distributed Processing
Multi-Core
Computer Forensics
Cross Certification
29. Most granular organization of controls
Control Category
Isolation
Recovery Time Objectives
Binary
30. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.
Alternate Data Streams (File System Forks)
Intrusion Detection Systems
Emergency Procedures
Cryptography
31. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Containment
Object Reuse
Orange Book B1 Classification
Business Interruption Insurance
32. Hitting a filed-down key in a lock with a hammer to open it without the real key
Bumping
Masked/Interruptible
Orange Book A Classification
Integrated Test
33. The backup of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.
Data Backups
Multi-Processor
Deterrent
Mirroring
34. Representatives from each functional area or department get together and walk through the plan from beginning to end.
Modification
Damage Assessment
Business Records
Structured Walk-Through Test
35. A BCP testing type - a test that answers the question: Can the organization replicate the business process?
Liability
Proprietary
Simulation
Exposure
36. Natural occurrence in circuits that are in close proximity
Interference (Noise)
Interception
Polymorphism
Adware
37. The core of a computer that calculates
Race Condition
Adware
Central Processing Unit (CPU)
Secondary Storage
38. An asymmetric cryptography mechanism that provides authentication.
Activation
TCSEC (Orange Book)
Checklist Test (desk check)
Digital Signature
39. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services
Discretionary Access Control (DAC)
Crisis
Tracking
Access Control Lists
40. Physical description on the exterior of an object that communicates the existence of a label
Marking
Certification
ITSEC
Dangling Pointer
41. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)
Satellite
TNI (Red Book)
Interception
Key Escrow
42. A database backup type which records at the transaction level
System Downtime
Sag/Dip
Remote Journaling
Object Oriented Programming (OOP)
43. Redundant component that provides failover capability in the event of failure or interruption of a primary component.
Modification
Non-Interference
Boot (V.)
Hot Spares
44. OOP concept of a class's details being hidden from the object
Computer Forensics
Sag/Dip
Blind Testing
Encapsulation
45. Interception of a communication session by an attacker.
Least Privilege
Locard's Principle
Hijacking
Shielding
46. Reprogrammable basic startup instructions
CPU Cache
Labeling
Firmware
Access Control
47. A group or network of honeypots
Polyalphabetic
CobiT
Threats
Honeynet
48. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Memory Management
Damage Assessment
Data Hiding
Layering
49. A risk assessment method - measurable real money cost
Operational Exercise
Quantitative
Integrated Test
Supervisor Mode (monitor - system - privileged)
50. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive
Operational Test
Virtual Memory
Locard's Principle
Civil Or Code Law