Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.
Confidence Value
Hijacking
Mirroring
Salami
2. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Detective
Application Programming Interface
Critical Records
ITSEC
3. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive
Enticement
Cryptanalysis
Virtual Memory
Surge Suppressor
4. Adversary intercepts encrypted communications - decrypts - views - encrypts - and sends along to the true destination
Man-In-The-Middle Attack
Threats
Business Interruption
Compression
5. False memory reference
Alternate Data Streams (File System Forks)
Dangling Pointer
Worldwide Interoperability for Microwave Access (WI-MAX)
Multi-Processor
6. Only the key protects the encrypted information
7. Fault tolerance for power
Codec
Generator
Compression
Tactical
8. The point in time to which systems and data must be recovered after an outage. (e.g. End of previous day's processing). RPOs are often used as the basis for the development of backup strategies.
Embedded Systems
Network Attached Storage (NAS)
Recovery Point Objective (RPO)
Separation Of Duties
9. A temporary public file to inform others of a compromised digital certificate
Certificate Revocation List (CRL)
Brouter
Off-Site Storage
Highly Confidential
10. To jump to a conclusion
Inference
Spam
Bumping
Hot Spares
11. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.
Burn
Orange Book C2 Classification
DR Or BC Coordinator
Honeypot
12. A type of computer memory that temporarily stores frequently used information for quick access.
Cache
Reciprocal Agreement
Orange Book D Classification
Checklist Test (desk check)
13. Control category - to restore to a previous state by removing the adversary and/or the results of their actions
Source Routing Exploitation
Pointer
Corrective
Code
14. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Physical Tampering
Twisted Pair
Accurate
Due Care
15. Asymmetric encryption of a hash of message
Digital Signature
Key Escrow
Test Plan
Object Oriented Programming (OOP)
16. Security policy - procedures - and compliance enforcement
Key Space
Administrative Laws
Examples of non-technical security components
Hacker
17. A copy of transaction data - designed for querying and reporting
Attacker (Black hat - Hacker)
Cross Certification
Data Warehouse
Recovery Time Objectives
18. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.
Civil Or Code Law
Maximum Tolerable Downtime (MTD)
Pointer
Patent
19. Momentary loss of power
Containment
Fault
Denial Of Service
Surge
20. A programming device used in development to circumvent controls
Hijacking
Evidence
CobiT
Trapdoors (Backdoors) (Maintenance Hooks)
21. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.
Data Dictionary
Injection
ISO/IEC 27001
Object
22. Hitting a filed-down key in a lock with a hammer to open it without the real key
Bumping
Full-Interruption test
Watermarking
Virus
23. European standard for IT security criteria. Wasn't universally adopted. - Consists of four components: 1. "Security Target" 2. "Target of Evaluation" or ToE. 3. Functional Levels. 4. Assurance Levels.
Modification
Inheritance
Access Control Matrix
Information Technology Security Evaluation Criteria - ITSEC
24. Threats x Vulnerability x Asset Value = Total Risk
Transients
Smurf
ITSEC
Total Risk
25. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.
File
Substitution
Uninterruptible Power Supply (UPS)
Logic Bomb
26. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. A move to an alternate site.)
Tar Pits
Declaration
Cipher Text
Databases
27. A planned or unplanned interruption in system availability.
Inheritance
Locard's Principle
System Downtime
Event
28. What is will remain - persistence
Open Mail Relay Servers
Durability
Inference
Compensating
29. A process state - to be executing a process on the CPU
Detective
Cookie
Interception
Running
30. Converts a high level language into machine language
Assembler
Surge Suppressor
Reciprocal Agreement
Shadowing (file shadowing)
31. Final purpose or result
Forensic Copy
Acronym for American Standard Code for Information Interchange (ASCII)
Payload
Mission-Critical Application
32. Recovery alternative - short-term - high cost movable processing location
Mobile Site
Residual Risk
Chain of Custody
Safeguard
33. Recovery alternative - everything needed for the business function - except people and last backup
Hot Site
Stopped
Business Continuity Program
Administrative
34. The principles a person sets for themselves to follow
Technical Access Controls
Ethics
Compensating
Detection
35. A physical enclosure for verifying identity before entry to a facility
Encryption
Mantrap (Double Door System)
Containment
Deleted File
36. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)
Smurf
Event
Quantitative Risk Analysis
Failure Modes and Effect Analysis (FEMA)
37. Unchecked data input which results in redirection
Business Recovery Team
HTTP Response Splitting
Rogue Access Points
Honeypot
38. Control type - that is communication based - typically written or oral
Adware
Denial Of Service
File Server
Administrative
39. Vehicle stopping object
Disaster Recovery Teams (Business Recovery Teams)
Bollard
Admissible
Service Bureau
40. A software design technique for abstraction of a process
Data Hiding
IP Fragmentation
Remote Journaling
Simulation
41. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Fire Suppression
Hot Spares
Reference Monitor
Worldwide Interoperability for Microwave Access (WI-MAX)
42. Two different keys decrypt the same cipher text
Botnet
Key Clustering
Smurf
Standalone Test
43. Object based description of a system or a collection of resources
Faraday Cage/ Shield
Data Dictionary
Access Control Matrix
Business Records
44. High degree of visual control
Network Attached Storage (NAS)
Simulation
Surveillance
Botnet
45. Uses a role-based method to determine access rights and permissions. Role based access control is based on the user's role and responsibilities within the company.
Non-Discretionary Access Control
Entrapment
Primary Storage
Kernel
46. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Shielding
Business Interruption Insurance
Life Cycle of Evidence
Transients
47. Recognition of an individual's assertion of identity.
Keystroke Logging
Identification
Hub
Mirrored Site
48. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.
Voice Over IP (VOIP)
Electronic Vaulting
Cryptography
Business Impact Analysis
49. A device that converts between digital and analog representation of data.
Proprietary
Modems
Object Reuse
Recovery Time Objectives
50. Written internalized or nationalized norms that are internal to an organization
Directive
Standard
Record Level Deletion
Brouter