Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding as you take the test each time.
1. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur
Failure Modes and Effect Analysis (FEMA)
Object
ITSEC
Public Key Infrastructure (PKI)
2. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.
Journaling
Noise
Business Continuity Steering Committee
Certification Authority
3. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data
Byte Level Deletion
Triage
Rootkit
Threats
4. Most granular organization of controls
Control Category
Recovery
Domain
Byte Level Deletion
5. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc
Event
Critical Infrastructure
Acronym for American Standard Code for Information Interchange (ASCII)
Governance
6. Responsibility for actions
Orange Book B2 Classification
Data Backups
Liability
Mixed Law System
7. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.
Analysis
Sequence Attacks
Generator
Trade Secret
8. Binary decision by a system of permitting or denying access to the entire system
Critical Records
Accurate
Authentication
Disaster Recovery Teams (Business Recovery Teams)
9. To break a business process into separate functions and assign to different people
Consistency
Separation Of Duties
Plaintext
Centralized Access Control Technologies
10. The connection between a wireless and wired network.
Threats
Common Criteria
Blackout
Access Point
11. Intellectual property management technique for identifying after distribution
Blackout
Watermarking
Job Training
Tactical
12. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.
Source Routing Exploitation
Redundant Servers
Masked/Interruptible
Private Branch Exchange (PBX)
13. Part of a transaction control for a database which informs the database of the last recorded transaction
Checkpoint
One Time Pad
Plaintext
Adware
14. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.
Simulation
Countermeasure
Structured Walkthrough
Microwave
15. A choice in risk management - to convince another to assume risk - typically by payment
Transfer
Deterrent
Analysis
Source Routing Exploitation
16. The event signaling an IDS to produce an alarm when no attack has taken place
Tar Pits
Data Leakage
False Attack Stimulus
Control Type
17. A set of laws that the organization agrees to be bound by
Administrative Law
Resumption
Restoration
Restoration
18. A failure of an IDS to detect an actual attack
Incident
DR Or BC Coordinator
Lattice
False Negative
19. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas
TCSEC (Orange Book)
Incident Response Team
Sniffing
Keystroke Logging
20. A backup of data located where staff can gain access readily and a localized disaster will not cause harm
Record Level Deletion
Sag/Dip
Spiral
Near Site
21. A process state - (blocked) needing input before continuing
ISO/IEC 27001
Complete
Wait
Phishing
22. Impossibility of denying authenticity and identity
Byte Level Deletion
Highly Confidential
Virus
Non-Repudiation
23. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.
Threads
Data Custodian
Corrective
Injection
24. Unsolicited advertising software
Key Escrow
Total Risk
Adware
ISO/IEC 27002
25. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.
Residual Data
Preemptive
Architecture
Logic Bomb
26. Searching for wireless networks in a moving car.
Botnet
War Driving
Twisted Pair
Object Reuse
27. A description of a database
Data Dictionary
Authentication
Patch Panels
Data Owner
28. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.
Redundant Servers
Sharing
Object Reuse
Data Marts
29. To stop damage from spreading
Bumping
Information Flow Model
Containment
Deadlock
30. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.
Checklist Test (desk check)
Layering
Forward Recovery
Privacy Laws
31. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.
Hard Disk
Public Key Infrastructure (PKI)
Data Integrity
Residual Risk
32. Pertaining to law - lending itself to one side of an argument
Operating
Mobile Site
Mixed Law System
Convincing
33. Redundant component that provides failover capability in the event of failure or interruption of a primary component.
Hot Spares
Cryptography
Emergency Procedures
Emanations
34. Third party processes used to organize the implementation of an architecture
Due Care
Multi-Core
Framework
Shielding
35. Written suggestions that direct choice to a few alternatives
Threads
Identification
Guidelines
Overlapping Fragment Attack
36. A one way - directed graph which indicates confidentiality or integrity flow
SYN Flooding
Botnet
Boot (V.)
Lattice
37. Mediation of subject and object interactions
Concatenation
Job Training
Access Control
Cross Training
38. A type of computer memory that temporarily stores frequently used information for quick access.
Rootkit
Threat Agent
Cache
Reference Monitor
39. Pertaining to law - accepted by a court
Layering
Concentrator
Honeynet
Admissible
40. For PKI - decertify an entity's certificate
Cache
Sampling
Application Programming Interface
Revocation
41. Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.
SQL Injection
Threats
Archival Data
Safeguard
42. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Proxies
Copyright
Time Of Check/Time Of Use
Packet Filtering
43. Written core statements that rarely change
Business Impact Analysis
Policy
Non-Discretionary Access Control
Desk Check Test
44. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.
Race Condition
Hearsay
Quantitative Risk Analysis
Firewall
45. Short period of low voltage.
Substitution
Crisis
Sag/Dip
Primary Storage
46. A system that enforces an access control policy between two networks.
Firewalls
Operational Impact Analysis
Orange Book C Classification
Interception
47. To jump to a conclusion
E-Mail Spoofing
Criminal Law
Inference
Orange Book B1 Classification
48. A trusted issuer of digital certificates
Side Channel Attack
Control Type
Certification Authority
Safeguard
49. Computing power will double every 18 months
50. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.
Masquerading
TIFF (Tagged Image File Format)
Total Risk
Data Recovery