Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Communication of a security incident to stakeholders and data owners.
Hub
Notification
User
Smurf
2. A physical enclosure for verifying identity before entry to a facility
Kerberos
Dangling Pointer
Information Technology Security Evaluation Criteria - ITSEC
Mantrap (Double Door System)
3. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor
Gateway
State Machine Model
Privacy Laws
Coaxial Cable
4. Renders the file inaccessible to the operating system - available to reuse for data storage.
Incident Handling
Overlapping Fragment Attack
File Level Deletion
Byte Level Deletion
5. One way encryption
Hash Function
Security Clearance
Structured Walkthrough
Top Secret
6. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.
Electrostatic Discharge
Exercise
Business Unit Recovery
Labeling
7. Key
Object
Cryptovariable
Computer System Evidence
User
8. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.
Checksum
Eavesdropping
Exercise
Bit
9. Dedicated fast memory located on the same board as the CPU
Critical Records
CPU Cache
Threats
Framework
10. Recording the Who, What, When, Where, How of evidence
Binary
Information Flow Model
Chain Of Custody
Emergency Procedures
11. Code making
Certification Authority
Checklist Test
Policy
Cryptography
12. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.
Object
Top Secret
Smurf
TIFF (Tagged Image File Format)
13. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
Fragmented Data
Compensating
Sharing
Warm Site
14. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.
Redundant Servers
Disaster Recovery Teams (Business Recovery Teams)
Byte Level Deletion
Work Factor
15. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.
Mock Disaster
Process Isolation
Simulation Test
Data Dictionary
16. Total number of keys available that may be selected by the user of a cryptosystem
Orange Book C Classification
Key Space
Time Of Check/Time Of Use
Mission-Critical Application
17. It is embedded as part of a complete device often including hardware and mechanical parts - Features a limited OS - Mobile phones - routers and wireless devices take a similar approach - Less than robust security features - Difficult to patch.
Non-Interference
Embedded Systems
Business Continuity Steering Committee
Risk
18. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.
False Negative
The ACID Test
Data Backups
Wireless Fidelity (Wi-Fi)
19. A unit of execution
Threads
File Sharing
Quantitative Risk Analysis
Business Interruption Insurance
20. An individual's conduct that violates government laws developed to protect the public
Mobile Recovery
Method
Life Cycle of Evidence
Criminal Law
21. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?
Attacker (Black hat - Hacker)
Architecture
Checklist Test (desk check)
Noise
22. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions
Operational Exercise
Disaster
Data Leakage
Data Hiding
23. Responsibility of a user for the actions taken by their account which requires unique identification
Plan Maintenance Procedures
Electromagnetic Interference (EMI)
Triage
Accountability
24. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.
Emergency
ISO/IEC 27002
Targeted Testing
Business Recovery Timeline
25. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress
True Attack Stimulus
Simulation
Safeguard
Cookie
26. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court
Hard Disk
Directive
Chain of Custody
Running
27. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."
Brownout
Authentic
Faraday Cage/ Shield
Disaster Recovery Tape
28. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack
Covert Channel
Confidence Value
Recovery Point Objective (RPO)
Resumption
29. A description of a database
Data Dictionary
Time Of Check/Time Of Use
Supervisor Mode (monitor - system - privileged)
Mirroring
30. A device that sequentially switches multiple analog inputs to the output.
Object
Multiplexers
Restoration
Radio Frequency Interference (RFI)
31. Unauthorized wireless network access device.
Rogue Access Points
Plain Text
Key Escrow
Civil Law
32. The managerial approval to operate a system based upon knowledge of risk to operate
Accreditation
Chain Of Custody
Intrusion Detection Systems
Patent
33. Pertaining to law - high degree of veracity
JPEG (Joint Photographic Experts Group)
Ring Protection
Accurate
Disaster Recovery Tape
34. Organized group of compromised computers
Warm Site
Botnet
Shift Cipher (Caesar)
Off-Site Storage
35. Can be statistical (monitor behavior) or signature based (watch for known attacks)
Keyed-Hashing For Message Authentication
IDS Intrusion Detection System
Dictionary Attack
Rollback
36. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur
Failure Modes and Effect Analysis (FEMA)
Interference (Noise)
Repeaters
Security Blueprint
37. A record that must be preserved and available for retrieval if needed.
Blind Testing
Databases
Vital Record
Denial Of Service
38. Vehicle stopping object
Business Recovery Timeline
Satellite
Bollard
Recovery
39. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc
Critical Infrastructure
Spiral
Plan Maintenance Procedures
Preemptive
40. Unsolicited advertising software
Wireless Fidelity (Wi-Fi)
Adware
Data Dictionary
Proprietary
41. A process state - to be either unable to run waiting for an external event or terminated
Service Bureau
Buffer Overflow
Stopped
Active Data
42. Try a list of words in passwords or encryption keys
Dictionary Attack
Mock Disaster
Incident Response Team
Vulnerability
43. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.
Secondary Storage
File Server
Multilevel Security System
Twisted Pair
44. Quantity of risk remaining after a control is applied
Residual Risk
Burn
Shielding
Orange Book D Classification
45. To move from location to location - keeping the same function
File Level Deletion
Workaround Procedures
Job Rotation
Virtual Memory
46. Two different keys decrypt the same cipher text
Orange Book B1 Classification
Key Clustering
Running
Object
47. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.
Countermeasure
Non-Interference
Business Recovery Timeline
Multi-Processor
48. A document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster or severe outage situation.
Test Plan
Sag/Dip
Hot Spares
Firewall
49. The first rating that requires security labels
Orange Book B1 Classification
Satellite
Data Backups
Brownout
50. Creation, distribution, update and deletion
Compensating
Key Management
Data Hiding
Proxies