Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. A distributed system's transaction control that requires updates to complete or rollback
2-Phase Commit
Pointer
Admissible
E-Mail Spoofing
2. An unintended communication path
Covert Channel
Chain Of Custody
Access Control Lists
Operational Exercise
3. Less granular organization of controls -
Sag/Dip
Control Type
Copyright
File Server
4. A collection of information designed to reduce duplication and increase integrity
Information Technology Security Evaluation Criteria - ITSEC
Activation
Memory Management
Databases
5. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
TCSEC (Orange Book)
Non-Discretionary Access Control
Hub
Durability
6. Also known as regulatory laws - covers standards of performance or conduct expected by government agencies from companies - industries - and certain officials
Detection
Administrative Laws
Mission-Critical Application
5 Rules Of Evidence
7. Uses two or more legal systems
BCP Testing Drills and Exercises
Masquerading
Fault Tolerance
Mixed Law System
8. To smooth out reductions or increases in power
Top Secret
UPS
Storage Area Network (SAN)
Reciprocal Agreement
9. People protect their domain
Non-Repudiation
Territoriality
Code
Infrastructure
10. Granular decision by a system of permitting or denying access to a particular resource on the system
Mitigate
Compression
Authorization
Wireless Fidelity (Wi-Fi)
11. Object based description of a single resource and the permission each subject
SYN Flooding
Access Control Lists
Electromagnetic Interference (EMI)
Virus
12. Requirement to take time off
Analysis
Multi-Processor
Chain Of Custody
Mandatory Vacations
13. A design methodology which executes in a linear one way fashion
Radio Frequency Interference (RFI)
Classification Scheme
Ring Protection
Waterfall
14. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)
Parallel Test
Interception
Framework
Technical Access Controls
15. To create a copy of data as a precaution against the loss or damage of the original data.
Criminal Law
Certificate Revocation List (CRL)
Simulation
Backup
16. Firewalls - encryption - and access control lists
Plan Maintenance Procedures
Examples of technical security components
Electronic Vaulting
Control Type
17. Eavesdropping on network communications by a third party.
Microwave
Transients
Certification
Tapping
18. Power surge
Hearsay
Discretionary
Class
Electrostatic Discharge
19. Unauthorized access of network devices.
Information Risk Management (IRM)
Class
Structured Walk-Through Test
Physical Tampering
20. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Pervasive Computing and Mobile Computing Devices
Disaster Recovery Tape
Birthday Attack
Data Backups
21. A state for operating system tasks only
Supervisor Mode (monitor - system - privileged)
Forward Recovery
Checkpoint
Data Hiding
22. An attack involving the hijacking of a TCP session by predicting a sequence number.
File Level Deletion
Sequence Attacks
Virus
Redundant Array Of Independent Drives (RAID)
23. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Access Point
Compensating
Twisted Pair
Cold Site
24. Autonomous malware that requires a flaw in a service
E-Mail Spoofing
Worm
Pervasive Computing and Mobile Computing Devices
Site Policy Awareness
25. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress
5 Rules Of Evidence
True Attack Stimulus
Inrush Current
Domain
26. State of computer - to be running a process
Public Key Infrastructure (PKI)
Multi-Processor
Contingency Plan
Operating
27. Requirement of access to data for a clearly defined purpose
Need-To-Know
Detection
Data Recovery
Operational
28. Dedicated fast memory located on the same board as the CPU
Elements of Negligence
Network Attached Storage (NAS)
CPU Cache
Supervisor Mode (monitor - system - privileged)
29. High level - pertaining to planning
Evidence
Picking
Strategic
Information Flow Model
30. The response of an organization to a disaster or other significant event that may significantly impact the organization - its people - or its ability to function productively.
Access Control Attacks
Notification
User
Incident Response
31. To jump to a conclusion
Multi-Processing
Control Type
Critical Records
Inference
32. The hard drive
Interpreter
Secondary Storage
Aggregation
Multilevel Security System
33. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?
Entrapment
Brownout
Desk Check Test
HTTP Response Splitting
34. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm
Malformed Input
Mandatory Access Control (MAC)
Object
Slack Space
35. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.
E-Mail Spoofing
Orange Book C Classification
Recovery Strategy
Strong Authentication
36. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.
One Time Pad
Reciprocal Agreement
Metadata
Faraday Cage/Shield
37. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.
Resumption
Fragmented Data
Mock Disaster
Journaling
38. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.
Switches
Identification
Multiplexers
Teardrop
39. OOP concept of an object at runtime
Network Attached Storage (NAS)
Examples of technical security components
Instance
Crisis
40. A process state - (blocked) needing input before continuing
Fire Prevention
Wait
Criminal Law
Procedure
41. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.
Pointer
Binary
Resumption
Metadata
42. The one person responsible for data - its classification and control setting
Common Criteria
Journaling
Administrative Access Controls
Information Owner
43. What is will remain - persistence
Deletion
Asymmetric
Durability
Surveillance
44. Weak evidence
Hearsay
Compression
Compensating
Cross Certification
45. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Kerckhoff's Principle
Change Control
Slack Space
Critical Infrastructure
46. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.
Common Law
Governance
Patch Management
Computer Forensics
47. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.
ISO/IEC 27002
Business Recovery Team
TEMPEST
Orange Book A Classification
48. An administrative unit or a group of objects and subjects controlled by one reference monitor
Journaling
Algorithm
Security Domain
Encryption
49. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions
Wireless Fidelity (Wi-Fi)
SYN Flooding
Recovery Strategy
Operational Exercise
50. Pertaining to law - high degree of veracity
Accurate
Activation
Honeypot
Cold Site