Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find the answers obvious at times, but you will see it reinforces your understanding each time you take the test.
1. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.
Security Domain
Redundant Servers
Faraday Cage/ Shield
Civil Law
2. Intellectual property management technique for identifying after distribution
Watermarking
Enticement
Bit
Mission-Critical Application
3. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing
E-Mail Spoofing
Technical Access Controls
Network Attached Storage (NAS)
Control Type
4. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.
Classification Scheme
Forensic Copy
TCSEC (Orange Book)
Embedded
5. A covert storage channel on the file attribute
Collisions
Alternate Data Streams (File System Forks)
3 Types of harm Addressed in computer crime laws
Complete
6. Weakness or flaw in an asset
Hard Disk
Vulnerability
Alternate Site
Recovery Strategy
7. The collection and summation of risk data relating to a particular asset and controls for that asset
Multi-Tasking
Sampling
Central Processing Unit (CPU)
Risk Assessment
8. A perpetrator leaves something behind or takes something with them at the scene of a crime
9. An administrative unit or a group of objects and subjects controlled by one reference monitor
Work Factor
Security Domain
Database Shadowing
Due Care
10. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.
File Shadowing
Rootkit
Acronym for American Standard Code for Information Interchange (ASCII)
Analysis
11. Responsibility of a user for the actions taken by their account which requires unique identification
Accountability
Threads
Masked/Interruptible
Generator
12. A database backup type which records at the transaction level
Deterrent
Key Management
Fault
Remote Journaling
13. Recovery alternative - everything needed for the business function - except people and last backup
Worm
Hot Site
Redundant Servers
On-Site
14. Individuals and departments responsible for the storage and safeguarding of computerized data.
Substitution
Total Risk
Data Custodian
System Downtime
15. Short period of low voltage.
Plain Text
Sag/Dip
Contact List
Surge
16. RADIUS - TACACS+ - Diameter
Trapdoors (Backdoors) (Maintenance Hooks)
Change Control
Watermarking
Centralized Access Control Technologies
17. Mathematical function that determines the cryptographic operations
Data Diddler
Algorithm
Routers
Degauss
18. Control category - more than one control on a single asset
Compensating
Orange Book A Classification
Databases
Risk
19. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate
Residual Data
BCP Testing Drills and Exercises
Desk Check Test
Public Key Infrastructure (PKI)
20. The technical and risk assessment of a system within the context of the operating environment
Alert
Policy
Aggregation
Certification
21. A software design technique for abstraction of a process
False Attack Stimulus
Bit
Business Continuity Program
Data Hiding
22. A control after attack
Analysis
Attacker (Black hat - Hacker)
Bridge
Countermeasure
23. Process whereby data is removed from active files and other data storage structures
Database Shadowing
Shadowing (file shadowing)
Operational Impact Analysis
Deletion
24. A template for designing the architecture
Operational Test
Governance
Noise
Security Blueprint
25. A database that contains the name - type - range of values - source and authorization for access for each data element
Alternate Data Streams (File System Forks)
Embedded Systems
Due Diligence
Data Dictionary
26. A basic level of network access control that is based upon information contained in the IP packet header.
Legacy Data
Alert
Packet Filtering
TCSEC (Orange Book)
27. Asymmetric encryption of a hash of message
Declaration
Notification
Digital Signature
User
28. Requirement of access to data for a clearly defined purpose
Need-To-Know
Administrative Law
Machine Language (Machine Code)
Multi-Processor
29. System of law based upon what is good for society
Compression
Civil Or Code Law
Remote Journaling
File Sharing
30. A design methodology which addresses risk early and often
Vital Record
Cache
Classification Scheme
Spiral
31. Potential danger to information or systems
Bridge
Threats
Cipher Text
Hash Function
32. A disturbance that degrades performance of electronic devices and electronic communications.
Disaster
Threats
Active Data
Radio Frequency Interference (RFI)
33. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.
Business Interruption
Administrative Access Controls
ISO/IEC 27001
Mandatory Access Control (MAC)
34. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity
Satellite
Site Policy Awareness
Compensating
Durability
35. Natural or human-readable form of message
Plain Text
Supervisor Mode (monitor - system - privileged)
Data Recovery
Multi-Core
36. Narrow scope examination of a system
Information Technology Security Evaluation Criteria - ITSEC
Keyed-Hashing For Message Authentication
Targeted Testing
Plain Text
37. A unit of execution
Modems
Threads
Integrated Test
Mobile Recovery
38. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.
Mitigate
Restoration
File Shadowing
Payload
39. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
Data Backups
Cross-Site Scripting
Discretionary Access Control (DAC)
Analysis
40. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. - and determining what can be salvaged or restored and what must be replaced.
Strong Authentication
Infrastructure
Damage Assessment
Adware
41. Collection of data on business functions which determines the strategy of resiliency
Digital Signature
Business Impact Assessment (BIA)
Encapsulation
Side Channel Attack
42. Descrambling the encrypted message with the corresponding key
Mixed Law System
Decipher
Honeynet
Mirroring
43. False memory reference
Active Data
Dangling Pointer
Worldwide Interoperability for Microwave Access (WI-MAX)
Database Replication
44. The connection between a wireless and wired network.
Emergency
Electronic Vaulting
Business Impact Analysis
Access Point
45. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.
War Dialing
Common Criteria
Preemptive
Fire Classes
46. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions
Tactical
Site Policy
Resumption
ISO/IEC 27002
47. Program that inappropriately collects private data or activity
Plaintext
Cross Certification
Spyware
Multi-Party Control
48. An individual's conduct that violates government laws developed to protect the public
Criminal Law
Secondary Storage
Business Recovery Team
Encapsulation
49. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Business Interruption Insurance
Hash Function
Redundant Array Of Independent Drives (RAID)
Hacker
50. Used to code/decode a digital data stream.
Recovery Strategy
Codec
Emergency Operations Center (EOC)
System Life Cycle