SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Someone who wants to cause harm
Fire Suppression
Attacker (Black hat - Hacker)
Double Blind Testing
ITSEC
2. A process state - (blocked) needing input before continuing
Private Branch Exchange (PBX)
Payload
Embedded Systems
Wait
3. Control category- to give instructions or inform
Directive
Emergency Operations Center (EOC)
Due Care
ff Site
4. Only the key protects the encrypted information
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
5. Forging of an IP address.
Fire Classes
IP Address Spoofing
Cold Site
Strategic
6. A basic level of network access control that is based upon information contained in the IP packet header.
Data Integrity
Encryption
Packet Filtering
Evidence
7. Property that data is represented in the same manner at all times
Failure Modes and Effect Analysis (FEMA)
Acronym for American Standard Code for Information Interchange (ASCII)
Consistency
Waterfall
8. Security policy - procedures - and compliance enforcement
Classification
Emanations
Examples of non-technical security components
Trapdoors (Backdoors) (Maintenance Hooks)
9. A programming device use in development to circumvent controls
Trapdoors (Backdoors) (Maintenance Hooks)
Degauss
Tracking
Total Risk
10. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.
Deleted File
Total Risk
Operating
Method
11. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.
Fiber Optics
Codec
Inference
Firewalls
12. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy
Concentrator
Policy
SQL Injection
Mandatory Vacations
13. Controls for termination of attempt to access object
Spyware
Intrusion Prevention Systems
Ring Protection
File Server
14. The hard drive
Secondary Storage
Evidence
Backup
Sag/Dip
15. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.
Encipher
Hijacking
TNI (Red Book)
Structured Walkthrough
16. Ertaining to a number system that has just two unique digits.
Blackout
Memory Management
Non-Interference
Binary
17. Prolonged loss of commercial power
Identification
Blackout
Multi-Processing
Business Interruption Insurance
18. Just enough access to do the job
Inrush Current
Shift Cipher (Caesar)
Least Privilege
Data Recovery
19. Renders the record inaccessible to the database management system
Record Level Deletion
Risk
Initialization Vector
Administrative Law
20. Mediation of covert channels must be addressed
Logic Bomb
High-Risk Areas
Information Flow Model
Confidence Value
21. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.
Integrated Test
Cold Site
Access Control
Reference Monitor
22. Pertaining to law - high degree of veracity
Accurate
Physical Tampering
Repeaters
Hacker
23. All of the protection mechanism in a computer system
Hot Site
Trusted Computing Base
Quantitative Risk Analysis
Labeling
24. High level - pertaining to planning
Emergency Operations Center (EOC)
Strategic
Discretionary Access Control (DAC)
Object Reuse
25. Written step-by-step actions
Injection
Job Rotation
Procedure
Standalone Test
26. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements
ITSEC
Digital Certificate
User
Trade Secret
27. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN
Strong Authentication
IP Address Spoofing
Firewalls
Revocation
28. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.
Business Recovery Timeline
Deleted File
Sharing
Memory Management
29. A physical enclosure for verifying identity before entry to a facility
ISO/IEC 27001
Strategic
Layering
Mantrap (Double Door System)
30. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.
Radio Frequency Interference (RFI)
Exposure
Business Continuity Program
JPEG (Joint Photographic Experts Group)
31. Consume resources to a point of exhaustion - loss of availability
Denial Of Service
Race Condition
File Extension
Authentic
32. For PKI - to store another copy of a key
Detection
Total Risk
Key Escrow
Data Backup Strategies
33. High frequency noise
Electromagnetic Interference (EMI)
Multi-Core
Business Impact Analysis
ISO/IEC 27002
34. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources
Near Site
Residual Risk
Workaround Procedures
Steganography
35. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.
Bit
Event
Business Impact Assessment (BIA)
Framework
36. OOP concept of a taking attributes from the original or parent
Inheritance
Non-Interference
Business Continuity Steering Committee
Simulation
37. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance
Mobile Recovery
Redundant Array Of Independent Drives (RAID)
Mandatory Vacations
Inheritance
38. Code breaking - practice of defeating the protective properties of cryptography.
Disk Mirroring
Cache
Cryptanalysis
Log
39. People protect their domain
Life Cycle of Evidence
Territoriality
Redundant Array Of Independent Drives (RAID)
Compression
40. For PKI - to have more than one person in charge of a sensitive function
Multi-Party Control
File Extension
Multiplexers
Cryptology
41. Unauthorized wireless network access device.
Intrusion Prevention Systems
Walk Though
Patch Management
Rogue Access Points
42. Responsibility for actions
Database Shadowing
Inference
Liability
Workaround Procedures
43. Deals with discretionary protection
Orange Book C Classification
Business Impact Analysis
Pervasive Computing and Mobile Computing Devices
Burn
44. Disruption of operation of an electronic device due to a competing electromagnetic field.
Information Owner
EMI
Cookie
Protection
45. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.
Orange Book A Classification
Privacy Laws
Data Hiding
Phishing
46. To set the clearance of a subject or the classification of an object
Metadata
Near Site
Hearsay
Labeling
47. Owner directed mediation of access
Denial Of Service
Declaration
Remote Journaling
Discretionary
48. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)
Exposure
One Time Pad
Hearsay Evidence
Bollard
49. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.
Brute Force
ITSEC
Burn
Disaster Recovery Plan
50. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
HTTP Response Splitting
Rootkit
Object Reuse
Microwave
