Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Controls deployed to avert unauthorized and/or undesired actions.
Trademark
Prevention
Access Control Matrix
Classification
2. Uncleared buffers or media
Relocation
Due Care
Object Reuse
Hot Site
3. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
Machine Language (Machine Code)
Transients
Radio Frequency Interference (RFI)
Standalone Test
4. Those who initiate the attack
Threat Agent
Phishing
Multi-Core
Burn
5. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity
Satellite
Machine Language (Machine Code)
Log
Site Policy Awareness
6. A state for operating system tasks only
Race Condition
Wireless Fidelity (Wi-Fi)
Supervisor Mode (monitor - system - privileged)
Modems
7. Moving the alphabet intact a certain number spaces
Shift Cipher (Caesar)
Data Leakage
Polyalphabetic
Full Test (Full Interruption)
8. Responsibility of a user for the actions taken by their account which requires unique identification
Ethics
Marking
Accountability
Security Clearance
9. The event signaling an IDS to produce an alarm when no attack has taken place
Residual Data
False Attack Stimulus
Double Blind Testing
Triage
10. Two different keys decrypt the same cipher text
Access Control Lists
Data Integrity
Key Clustering
Coaxial Cable
11. A choice in risk management - to implement a control that limits or lessens negative effects
Virus
Governance
Malformed Input
Mitigate
12. Subset of operating systems components dedicated to protection mechanisms
Security Kernel
Spam
Information Risk Management (IRM)
Civil Or Code Law
13. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.
Residual Risk
Business Records
System Life Cycle
Network Attached Storage (NAS)
14. Alternate facility - other than the primary production site - where duplicated vital records and documentation may be stored for use during disaster recovery.
Process Isolation
Off-Site Storage
Acronym for American Standard Code for Information Interchange (ASCII)
Triage
15. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.
Encryption
Intrusion Prevention Systems
Disaster
Dictionary Attack
16. A description of a database
ISO/IEC 27002
IP Fragmentation
Data Dictionary
TNI (Red Book)
17. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.
Incident Response Team
Phishing
Electromagnetic Interference (EMI)
Intrusion Detection Systems
18. Unchecked data which spills into another location in memory
Injection
MOM
Buffer Overflow
Double Blind Testing
19. Requirement of access to data for a clearly defined purpose
Need-To-Know
Desk Check Test
Centralized Access Control Technologies
Asymmetric
20. A planned or unplanned interruption in system availability.
Bridge
System Downtime
Conflict Of Interest
Common Law
21. A backup type which creates a complete copy
Disaster
Orange Book D Classification
Replication
Criminal Law
22. Provides a physical cross connect point for devices.
True Attack Stimulus
Accreditation
Patch Panels
Locard's Principle
23. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate
Dangling Pointer
Accreditation
Civil Law
CobiT
24. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs
Application Programming Interface
Database Shadowing
Cipher Text
Adware
25. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. - and determining what can be salvaged or restored and what must be replaced.
Chain Of Custody
Microwave
Processes are Isolated By
Damage Assessment
26. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability
Object Oriented Programming (OOP)
Data Marts
Fault
The ACID Test
27. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities
Relocation
Capability Tables
Full-Interruption test
Checklist Test
28. Descrambling the encrypted message with the corresponding key
Decipher
Data Leakage
Uninterruptible Power Supply (UPS)
Spyware
29. A choice in risk management - to convince another to assume risk - typically by payment
ISO/IEC 27001
Transfer
Blind Testing
Rootkit
30. A unit of execution
Chain Of Custody
Threads
Asymmetric
ff Site
31. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.
Emergency
Dangling Pointer
Procedure
Access Control Attacks
32. Vehicle or tool that exploits a weakness
Sniffing
Technical Access Controls
Encapsulation
Threats
33. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept
Ring Protection
Analysis
Legacy Data
Copyright
34. Written suggestions that direct choice to a few alternatives
Journaling
Fiber Optics
False Negative
Guidelines
35. Converts source code to an executable
Information Flow Model
Compiler
Shadowing (file shadowing)
Cold Site
36. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due
Spam
Elements of Negligence
Gateway
Malformed Input
37. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.
Governance
Residual Data
Accountability
Shadowing (file shadowing)
38. One entity with two competing allegiances
Fire Prevention
Conflict Of Interest
Gateway
Detection
39. To break a business process into separate functions and assign to different people
Brouter
Hot Spares
Separation Of Duties
Lattice
40. A database backup type which records at the transaction level
Data Backups
Entrapment
Security Clearance
Remote Journaling
41. A collection of information designed to reduce duplication and increase integrity
Encapsulation
Double Blind Testing
Databases
Worm
42. Malware that subverts the detective controls of an operating system
Record Level Deletion
Cross-Site Scripting
Rootkit
Domain
43. Line noise that is superimposed on the supply circuit.
Transients
5 Rules Of Evidence
Framework
Assembler
44. Consume resources to a point of exhaustion - loss of availability
Digital Signature
Denial Of Service
Side Channel Attack
Initialization Vector
45. False memory reference
Fraggle
Emergency
Mandatory Access Control (MAC)
Dangling Pointer
46. Third party processes used to organize the implementation of an architecture
Shielding
Honeypot
Framework
Analysis
47. A legally enforceable agreement between: two people - two organizations - a person and an organization.
Near Site
Business Interruption
Hijacking
Tort
48. A perpetrator leaves something behind or takes something with them at the scene of a crime
49. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.
Aggregation
Emanations
Orange Book B2 Classification
Algorithm
50. Pertaining to law - no omissions
Maximum Tolerable Downtime (MTD)
Complete
Executive Succession
Common Law