Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.
Multi-Core
Private Branch Exchange (PBX)
Data Dictionary
Evidence
2. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.
Side Channel Attack
Brouter
Recovery
Electronic Vaulting
3. Computing power will double every 18 months
4. Inference about encrypted communications
Side Channel Attack
Operating
Education
Electrostatic Discharge
5. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.
Dangling Pointer
Ring Protection
Trapdoors (Backdoors) (Maintenance Hooks)
Forensic Copy
6. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.
Reciprocal Agreement
Cross Certification
Investigation
Metadata
7. Use of specialized techniques for recovery - authentication - and analysis of electronic data
Operational Test
Computer Forensics
Data Integrity
Recovery Time Objectives
8. Process whereby data is removed from active files and other data storage structures
Bit
Data Dictionary
ISO/IEC 27002
Deletion
9. Can be statistical (monitor behavior) or signature based (watch for known attacks)
IDS Intrusion Detection System
Criminal Law
Control Type
Faraday Cage/Shield
10. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)
Malformed Input
Smurf
Trade Secret
Risk Mitigation
11. To start business continuity processes
Cryptography
Labeling
Activation
Internal Use Only
12. Renders the record inaccessible to the database management system
Kerckhoff's Principle
Buffer Overflow
CobiT
Record Level Deletion
13. Mediation of covert channels must be addressed
Information Flow Model
Detection
Certification Authority
Backup
14. A Denial of Service attack that floods the target system with connection requests that are not finalized.
SYN Flooding
Cryptanalysis
Recovery Time Objectives
Virus
15. Abstract and mathematical in nature - defining all possible states - transitions and operations
Administrative
EMI
Data Custodian
State Machine Model
16. Individuals and departments responsible for the storage and safeguarding of computerized data.
Data Custodian
Orange Book B2 Classification
Enticement
Redundant Servers
17. A basic level of network access control that is based upon information contained in the IP packet header.
Packet Filtering
Journaling
Labeling
Satellite
18. Using small special tools all tumblers of the lock are aligned - opening the door
Kerberos
Picking
Orange Book B2 Classification
Accountability
19. Firewalls - encryption - and access control lists
War Driving
Critical Records
Complete
Examples of technical security components
20. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.
Monitor
Infrastructure
File Shadowing
Aggregation
21. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements
Total Risk
Checkpoint
Hot Spares
ITSEC
22. The managerial approval to operate a system based upon knowledge of risk to operate
Dangling Pointer
Virtual Memory
Accreditation
Recovery Time Objectives
23. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.
Policy
User Mode (problem or program state)
Cross-Site Scripting
TIFF (Tagged Image File Format)
24. Act of luring an intruder and is legal.
Near Site
Enticement
Memory Management
Hearsay
25. A programming device used in development to circumvent controls
Spyware
Directive
Encryption
Trapdoors (Backdoors) (Maintenance Hooks)
26. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all - or most - of the applicable teams.
Containment
Distributed Processing
Residual Risk
Mock Disaster
27. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware
IP Fragmentation
Directive
Cross-Site Scripting
Spyware
28. The response of an organization to a disaster or other significant event that may significantly impact the organization - its people - or its ability to function productively.
Sag/Dip
Failure Modes and Effect Analysis (FMEA)
Bollard
Incident Response
29. The process of identifying - assessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk
Recovery Time Objectives
Data Dictionary
Compartmentalize
Information Risk Management (IRM)
30. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing
Administrative Access Controls
Site Policy
Due Diligence
Copyright
31. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?
Metadata
CobiT
Checklist Test (desk check)
Repeaters
32. Control category - to give instructions or inform
Permutation/Transposition
Directive
Hot Site
Full-Interruption test
33. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.
Disaster Recovery Teams (Business Recovery Teams)
Recovery Period
Mixed Law System
Inrush Current
34. A critical event - which - if not handled in an appropriate manner - may dramatically impact an organization's profitability - reputation - or ability to operate.
Crisis
Object Oriented Programming (OOP)
Administrative Laws
Disaster
35. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.
Tapping
Fraggle
Phishing
Distributed Denial Of Service
36. A system that enforces an access control policy between two networks.
Database Replication
Firewalls
Digital Signature
Examples of non-technical security components
37. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.
Cross-Site Scripting
Patch Panels
Picking
Data Owner
38. Record of system activity - which provides for monitoring and detection.
Relocation
Business Records
Log
Maximum Tolerable Downtime (MTD)
39. Unused storage capacity
Call Tree
Slack Space
False Attack Stimulus
Fault
40. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.
Orange Book C Classification
Containment
Multi-Processor
Operational Impact Analysis
41. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
Discretionary Access Control (DAC)
Confidence Value
User
Least Privilege
42. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.
Civil Law
Multilevel Security System
Gateway
Data Backup Strategies
43. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services
Access Control Lists
Business Continuity Steering Committee
Fraggle
Critical Records
44. Controls for termination of attempt to access object
Custodian
Intrusion Prevention Systems
Recovery Time Objectives
Patch Management
45. Measures followed to restore critical functions following a security incident.
Process Isolation
Kerckhoff's Principle
Recovery
Race Condition
46. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.
Cipher Text
Targeted Testing
Mandatory Access Control (MAC)
Analysis
47. Subjects will not interact with each other's objects
Hard Disk
Firewalls
Non-Interference
Remote Access Trojan
48. The study of cryptography and cryptanalysis
Alert
Threads
Authentication
Cryptology
49. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack
Orange Book D Classification
Alert
Confidence Value
Disaster Recovery Teams (Business Recovery Teams)
50. What is will remain - persistence
Operational Test
Hot Spares
Durability
Tar Pits