Test your basic knowledge | CISSP Certified Information Systems Security Professional
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Potentially retrievable data residue that remains following intended erasure of data.
Criminal Law
Time Of Check/Time Of Use
Operational Exercise
Remanence
2. Indivisible - data field must contain only one value that either all transactions take place or none do
Framework
Atomicity
Certification
Log
3. A Denial of Service attack initiated by sending spoofed UDP echo request to IP broadcast addresses. (See Smurf)
JPEG (Joint Photographic Experts Group)
SQL Injection
Mobile Site
Fraggle
4. A state for operating system tasks only
Business Unit Recovery
Modification
Hijacking
Supervisor Mode (monitor - system - privileged)
5. What is will remain - persistence
Multi-Core
Site Policy Awareness
Durability
Triage
6. High frequency noise
Electromagnetic Interference (EMI)
Slack Space
Near Site
Business Impact Assessment (BIA)
7. Act of luring an intruder and is legal.
Recovery Point Objective (RPO)
Enticement
Mission-Critical Application
Storage Area Network (SAN)
8. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
Standard
Standalone Test
Education
Examples of technical security components
9. When two or more computers are networked together in a LAN situation - one computer may be utilized as a storage location for files for the group.
Machine Language (Machine Code)
File Server
Mirrored Site
Satellite
10. A copy of transaction data - designed for querying and reporting
Warm Site
Attacker (Black hat - Hacker)
Data Warehouse
Accountability
11. Outputs within a given function are the same result
Bit
Collisions
Tactical
Administrative
12. Long term knowledge building
Workaround Procedures
Spyware
Education
Critical Functions
13. The partial or full duplication of data from a source database to one or more destination databases.
Database Replication
Switches
Radio Frequency Interference (RFI)
Mission-Critical Application
14. A structured group of teams ready to take control of the recovery operations if a disaster should occur.
Locard's Principle
Replication
State Machine Model
Disaster Recovery Teams (Business Recovery Teams)
15. An availability attack - to consume resources to the point of exhaustion from multiple vectors
Distributed Denial Of Service
Business Continuity Steering Committee
Capability Tables
Byte Level Deletion
16. Third party processes used to organize the implementation of an architecture
Multi-Party Control
Smurf
Framework
ff Site
17. Information which has retained its importance - but which has been created or stored by software/hardware that has been rendered obsolete.
Data Warehouse
Business Continuity Steering Committee
Targeted Testing
Legacy Data
18. Converts source code to an executable
Durability
Chain Of Custody
Electronic Vaulting
Compiler
19. System mediation of access with the focus on the context of the request
Content Dependent Access Control
Mantrap (Double Door System)
Standard
Due Care
20. Controls for termination of attempt to access object
Elements of Negligence
Intrusion Prevention Systems
Substitution
Checklist Test
21. A collection of data or information that has a name
File
Content Dependent Access Control
Capability Tables
Malformed Input
22. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements
Risk Assessment
Least Privilege
TCSEC (Orange Book)
Wireless Fidelity (Wi-Fi)
23. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
Fragmented Data
Alternate Data Streams (File System Forks)
Mitigate
Life Cycle of Evidence
24. The one person responsible for data - its classification and control setting
Plaintext
Kernel
Masquerading
Information Owner
25. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements
Common Criteria
MOM
Security Blueprint
Contingency Plan
26. High degree of visual control
Strong Authentication
Technical Access Controls
Surveillance
Policy
27. Line noise that is superimposed on the supply circuit.
Executive Succession
Multiplexers
Transients
Masked/Interruptible
28. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)
Disaster
Access Control
Reference Monitor
Smurf
29. Subject based description of a system or a collection of resources
Data Backups
Embedded
Encipher
Capability Tables
30. Recognition of an individual's assertion of identity.
Identification
Plain Text
User
Marking
31. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.
Reference Monitor
Deterrent
Detection
Salami
32. OOP concept of a distinct copy of the class
Intrusion Prevention Systems
Dictionary Attack
Object
Virus
33. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Critical Records
Backup
Honeynet
Pervasive Computing and Mobile Computing Devices
34. Redundant component that provides failover capability in the event of failure or interruption of a primary component.
Discretionary
Entrapment
Hot Spares
Multi-Core
35. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Brute Force
Change Control
Surge Suppressor
Certificate Revocation List (CRL)
36. Calculation encompassing threats - vulnerabilities and assets
Total Risk
Administrative Laws
Incident Manager
Certificate Revocation List (CRL)
37. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?
Test Plan
Asymmetric
Full Test (Full Interruption)
3 Types of harm Addressed in computer crime laws
38. The principles a person sets for themselves to follow
Structured Walkthrough
Ethics
Containment
Emanations
39. Subjects will not interact with each other's objects
Covert Channel
Keystroke Logging
Inheritance
Non-Interference
40. A backup of data located where staff can gain access immediately
On-Site
Containment
Object
Ethics
41. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability
Job Training
File Extension
Radio Frequency Interference (RFI)
The ACID Test
42. Recovery alternative - short-term - high cost movable processing location
Class
Corrective
Mobile Site
Forward Recovery
43. For PKI - decertify an entity's certificate
Revocation
Interpreter
Kerberos
UPS
44. Fault tolerance for power
Generator
Mobile Site
Administrative Access Controls
Information Flow Model
45. Eavesdropping on network communications by a third party.
Restoration
Forward Recovery
Tapping
Key Clustering
46. System of law based upon what is good for society
Total Risk
Surge
Polymorphism
Civil Or Code Law
47. Line by line translation from a high level language to machine code
Interpreter
Sag/Dip
5 Rules Of Evidence
Due Diligence
48. A basic level of network access control that is based upon information contained in the IP packet header.
Packet Filtering
Shielding
Cryptology
Resumption
49. Mitigation of system or component loss or interruption through use of backup capability.
Fault Tolerance
Framework
Database Shadowing
Firmware
50. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. A move to an alternate site.)
Declaration
Modems
Emergency Procedures
Object Oriented Programming (OOP)