Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A device that provides the functions of both a bridge and a router.
Guidelines
Operational
Brouter
Multi-Processor
2. A control before attack
Safeguard
Electronic Vaulting
Relocation
Processes are Isolated By
3. Object based description of a single resource and the permission each subject
Access Control Lists
Data Hiding
Incident Response Team
Cookie
4. Small data warehouse
Data Marts
Control Category
Content Dependent Access Control
Watermarking
5. A system designed to prevent unauthorized access to or from a private network.
Initialization Vector
Firewall
Inheritance
Spyware
6. A backup type which creates a complete copy
Copyright
Checksum
Replication
Information Technology Security Evaluation Criteria - ITSEC
7. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.
Adware
Business Recovery Timeline
On-Site
File Server
8. A mail server that improperly allows inbound SMTP connections for domains it does not serve.
Open Mail Relay Servers
Boot (V.)
Mobile Site
Rootkit
9. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Redundant Servers
Business Interruption Insurance
Overlapping Fragment Attack
Modems
10. For PKI - decertify an entity's certificate
Data Diddler
Ring Protection
Burn
Revocation
11. Tool which mediates access
Steganography
Due Care
Control
Prevention
12. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)
File Shadowing
Data Diddler
Shielding
Smurf
13. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals
Public Key Infrastructure (PKI)
Polymorphism
Fire Classes
Information Owner
14. Scrambled form of the message or data
Cipher Text
Fire Suppression
TCSEC (Orange Book)
Recovery
15. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.
Residual Data
Accountability
Remote Access Trojan
ISO/IEC 27002
16. Just enough access to do the job
Walk Through
Least Privilege
Standalone Test
Near Site
17. Record history of incident
Tort
Cross Certification
Tracking
Slack Space
18. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
Microwave
Mirroring
Denial Of Service
EMI
19. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs
Orange Book B1 Classification
Corrective
Critical Infrastructure
Application Programming Interface
20. A perpetrator leaves something behind or takes something with them at the scene of a crime
21. Trading one for another
Sag/Dip
SQL Injection
Substitution
System Life Cycle
22. Descrambling the encrypted message with the corresponding key
Decipher
Examples of technical security components
Orange Book B1 Classification
Internal Use Only
23. The property that data meet with a priority expectation of quality and that the data can be relied upon.
Disaster
Proxies
Data Integrity
Restoration
24. Recording activities at the keyboard level
Keystroke Logging
Civil Law
Electromagnetic Interference (EMI)
Brute Force
25. To know more than one job
Cross Training
Change Control
Masked/Interruptible
Moore's Law
26. The partial or full duplication of data from a source database to one or more destination databases.
Sampling
Multi-Processing
Alert
Database Replication
27. Initial surge of current
Protection
Inrush Current
Desk Check Test
Intrusion Detection Systems
28. An availability attack - to consume resources to the point of exhaustion
Wireless Fidelity (Wi-Fi)
Non-Interference
Denial Of Service
Electrostatic Discharge
29. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid
Metadata
Class
Civil Law
TIFF (Tagged Image File Format)
30. Recovery alternative - everything needed for the business function - except people and last backup
Hot Site
Process Isolation
Technical Access Controls
Targeted Testing
31. The one person responsible for data - its classification and control setting
Compartmentalize
The ACID Test
Information Owner
Secondary Storage
32. OOP concept of a distinct copy of the class
Full Test (Full Interruption)
Integrated Test
Object
Data Marts
33. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc
Critical Infrastructure
IDS Intrusion Detection System
Orange Book B1 Classification
Service Bureau
34. Weakness or flaw in an asset
IP Fragmentation
Time Of Check/Time Of Use
Vulnerability
Trade Secret
35. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance
Chain of Custody
Binary
Generator
Redundant Array Of Independent Drives (RAID)
36. Prolonged loss of commercial power
Blackout
Sharing
Walk Through
Double Blind Testing
37. Use of specialized techniques for recovery - authentication - and analysis of electronic data
Asymmetric
Trade Secret
Computer Forensics
Bumping
38. System mediation of access with the focus on the context of the request
Deleted File
Redundant Servers
Acronym for American Standard Code for Information Interchange (ASCII)
Content Dependent Access Control
39. Owner directed mediation of access
Discretionary
Digital Certificate
Mitigate
Ring Protection
40. Requirement of access to data for a clearly defined purpose
Transients
Faraday Cage/Shield
UPS
Need-To-Know
41. Reprogrammable basic startup instructions
Brouter
Centralized Access Control Technologies
Spiral
Firmware
42. A collection of information designed to reduce duplication and increase integrity
Databases
Liability
Process Isolation
Forensic Copy
43. Recording the Who What When Where How of evidence
Chain Of Custody
Identification
Elements of Negligence
Faraday Cage/Shield
44. Key
Access Control
Exercise
Identification
Cryptovariable
45. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.
Accountability
Uninterruptible Power Supply (UPS)
Access Control Matrix
Running
46. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.
Hot Spares
Emergency Procedures
Byte Level Deletion
Event
47. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.
File Level Deletion
Residual Data
Object Oriented Programming (OOP)
Access Control Attacks
48. Renders the record inaccessible to the database management system
ITSEC
Packet Filtering
Notification
Record Level Deletion
49. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements
Standalone Test
TNI (Red Book)
Hot Spares
Fiber Optics
50. Moving letters around
Recovery
Permutation/Transposition
Data Owner
Top Secret