SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.
Checkpoint
Compiler
Criminal Law
Business Continuity Program
2. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements
TNI (Red Book)
Primary Storage
Walk Though
Alert
3. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.
Teardrop
Resumption
Salami
Privacy Laws
4. System of law based upon precedence - with major divisions of criminal - tort - and administrative
Domain
Walk Though
Common Law
Multilevel Security System
5. A backup type which creates a complete copy
Digital Certificate
Locard's Principle
Emergency
Replication
6. Recognition of an individual's assertion of identity.
Business Interruption
Data Backups
Identification
Data Dictionary
7. Memory management technique that allows two processes to run concurrently without interaction
Durability
Data Backup Strategies
Protection
Interception
8. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance
Redundant Array Of Independent Drives (RAID)
Algorithm
Operational Exercise
Full Test (Full Interruption)
9. A race condition where the security changes during the object's access
Tapping
Contact List
Standalone Test
Time Of Check/Time Of Use
10. OOP concept of an object at runtime
Encipher
Recovery Strategy
Instance
Radio Frequency Interference (RFI)
11. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.
Qualitative
Surge Suppressor
Algorithm
Network Attached Storage (NAS)
12. Maintenance procedures outline the process for the review and update of business continuity plans.
Coaxial Cable
Administrative Law
Accreditation
Plan Maintenance Procedures
13. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.
Embedded Systems
Detection
Electronic Vaulting
Administrative Laws
14. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.
Encapsulation
Plaintext
Blind Testing
Bollard
15. Line noise that is superimposed on the supply circuit.
Identification
5 Rules Of Evidence
Territoriality
Transients
16. Encryption system using a pair of mathematically related unequal keys
Attacker (Black hat - Hacker)
Asymmetric
Memory Management
Incident Handling
17. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilies - most commonly used in governm
Trade Secret
Mandatory Access Control (MAC)
Workaround Procedures
Cache
18. Pertaining to law - verified as real
Parallel Test
Service Bureau
Log
Authentic
19. A layer 3 device that used to connect two or more network segments and regulate traffic.
Routers
Incident Manager
Integrated Test
Threads
20. Written internalized or nationalized norms that are internal to an organization
Standard
Accountability
Teardrop
Multi-Core
21. Inference about encrypted communications
Bit
Side Channel Attack
Network Attached Storage (NAS)
Ethics
22. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.
Risk Assessment / Analysis
Central Processing Unit (CPU)
Inheritance
5 Rules Of Evidence
23. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
Microwave
Data Recovery
Source Routing Exploitation
Data Backups
24. A specialized wireless receiver/ transmitter placed in orbit that facilitates long distance communication.
Executive Succession
Tactical
Satellite
Parallel Test
25. Location where coordination and execution of BCP or DRP is directed
Checkpoint
Sequence Attacks
Checksum
Emergency Operations Center (EOC)
26. Communicate to stakeholders
Dangling Pointer
Cross Training
Debriefing/Feedback
Concatenation
27. Uncheck data input which results in redirection
Plan Maintenance Procedures
HTTP Response Splitting
Hub
Spyware
28. Short period of low voltage.
Job Training
Convincing
Shift Cipher (Caesar)
Sag/Dip
29. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated
Marking
Fiber Optics
Initialization Vector
Algorithm
30. The managerial approval to operate a system based upon knowledge of risk to operate
Bridge
Accreditation
Detective
Proxies
31. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Recovery Point Objective (RPO)
Change Control
Eavesdropping
Key Escrow
32. A list of team members and/or key players to be contacted including their backups. The list will include the necessary contact information (i.e. Home phone - pager - cell - etc.) And in most cases be considered confidential.
Contact List
Hearsay
Durability
Strategic
33. Malware that makes small random changes to many data points
Data Diddler
Spyware
Sniffing
Executive Succession
34. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.
Uninterruptible Power Supply (UPS)
Hard Disk
Faraday Cage/ Shield
User Mode (problem or program state)
35. Asymmetric encryption of a hash of message
Due Care
Data Backup Strategies
Digital Signature
Contact List
36. Objects or programming that looks the different but act same
Tracking
Key Escrow
One Time Pad
Polymorphism
37. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Entrapment
Memory Management
Plaintext
Business Unit Recovery
38. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.
Orange Book C Classification
Injection
Honeypot
Mirroring
39. Program that inappropriately collects private data or activity
Archival Data
Spyware
IP Fragmentation
Slack Space
40. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources
Electromagnetic Interference (EMI)
Honeypot
Workaround Procedures
Event
41. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities
Database Shadowing
Collisions
BCP Testing Drills and Exercises
Embedded
42. All of the protection mechanism in a computer system
Trusted Computing Base
Security Clearance
Intrusion Prevention Systems
Recovery Period
43. Return to a normal state
Recovery
Multiplexers
Access Control Matrix
Sniffing
44. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)
Investigation
Exposure
Asymmetric
Standalone Test
45. Amount of time for restoring a business process or function to normal operations without major loss
Evidence
Accreditation
Time Of Check/Time Of Use
Maximum Tolerable Downtime (MTD)
46. Hitting a filed down key in a lock with a hammer to open without real key
Cross Certification
Bumping
Key Management
Trusted Computing Base
47. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.
One Time Pad
Business Recovery Team
Total Risk
TIFF (Tagged Image File Format)
48. Momentary loss of power
Isolation
Security Blueprint
Separation Of Duties
Fault
49. To reduce fire
Digital Signature
Digital Signature
Fire Suppression
Network Attached Storage (NAS)
50. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress
Access Control
True Attack Stimulus
Memory Management
User Mode (problem or program state)
