Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. OOP concept of taking attributes from the original or parent
Walk Through
Job Rotation
Inheritance
Business Recovery Team
2. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?
Patent
Desk Check Test
Triage
Access Control Lists
3. Requirement to take time off
Operational Impact Analysis
Mandatory Vacations
Mobile Site
Corrective
4. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
Multilevel Security System
Alert/Alarm
Threads
Discretionary Access Control (DAC)
5. A template for designing the architecture
Mandatory Access Control (MAC)
DR Or BC Coordinator
Need-To-Know
Security Blueprint
6. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router, switch and so on) to control access to or from the device for a number of services
Atomicity
Access Control Lists
System Downtime
Open Mail Relay Servers
7. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. a move to an alternate site).
Declaration
Business Interruption Insurance
Privacy Laws
Failure Modes and Effect Analysis (FEMA)
8. Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.
Critical Functions
Multi-Party Control
Contact List
Trusted Computing Base
9. A distributed system's transaction control that requires updates to complete or rollback
Decipher
2-Phase Commit
Checklist Test (desk check)
Total Risk
10. Sudden rise in voltage in the power supply.
Key Management
Surge
Sampling
Identification
11. Written step-by-step actions
Remote Access Trojan
Procedure
Debriefing/Feedback
Domain
12. A Denial of Service attack that exploits systems that are not able to handle malicious, overlapping and oversized IP fragments.
Hub
Atomicity
Record Level Deletion
Teardrop
13. An image compression standard for photographs
Infrastructure
Reference Monitor
File Extension
JPEG (Joint Photographic Experts Group)
14. To stop damage from spreading
Reference Monitor
Containment
Operational Impact Analysis
Risk Assessment / Analysis
15. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?
Information Risk Management (IRM)
Business Interruption
Orange Book D Classification
Checklist Test (desk check)
16. A type of multitasking that allows for more even distribution of computing time among competing requests
Privacy Laws
Preemptive
Burn
Switches
17. Unauthorized access of information (e.g. tapping, sniffing, unsecured wireless communication, emanations)
Procedure
Interception
E-Mail Spoofing
Multi-Processing
18. Controls for termination of attempt to access object
System Downtime
Digital Signature
Tort
Intrusion Prevention Systems
19. Unchecked data input which results in redirection
Incident Response Team
Physical Tampering
Identification
HTTP Response Splitting
20. A planned or unplanned interruption in system availability.
System Downtime
Inheritance
Fire Classes
Botnet
21. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid
War Driving
Metadata
Civil Law
Framework
22. To assert or claim credentialing to an authentication system
Discretionary Access Control (DAC)
Orange Book C Classification
Identification
Central Processing Unit (CPU)
23. An administrative unit or a group of objects and subjects controlled by one reference monitor
Distributed Denial Of Service
Symmetric
Security Domain
Operational
24. Process of statistically testing a data set for the likelihood of relevant information.
Key Clustering
Recovery Period
Threats
Sampling
25. Act of luring an intruder and is legal.
Enticement
Restoration
Dictionary Attack
File Level Deletion
26. A critical event which, if not handled in an appropriate manner, may dramatically impact an organization's profitability, reputation, or ability to operate.
Crisis
Critical Records
Disaster
Non-Repudiation
27. Two different keys decrypt the same cipher text
Call Tree
Key Clustering
Mobile Site
Waterfall
28. People protect their domain
Chain of Custody
Business Continuity Program
Job Rotation
Territoriality
29. To break a business process into separate functions and assign to different people
Detective
Business Impact Assessment (BIA)
Separation Of Duties
Payload
30. Something that happened
Plan Maintenance Procedures
Job Rotation
Orange Book B1 Classification
Event
31. Periodic, automatic and transparent backup of data in bulk.
Electronic Vaulting
Technical Access Controls
Encapsulation
Full Test (Full Interruption)
32. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.
Surge
Plaintext
High-Risk Areas
Bumping
33. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept
Emergency
Open Mail Relay Servers
Encapsulation
Ring Protection
34. Intellectual property protection for marketing efforts
Job Rotation
Trademark
Storage Area Network (SAN)
Fire Suppression
35. Uses two or more legal systems
Fire Prevention
Information Risk Management (IRM)
Internal Use Only
Mixed Law System
36. Pertaining to law, lending itself to one side of an argument
Convincing
Denial Of Service
System Life Cycle
JPEG (Joint Photographic Experts Group)
37. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.
Isolation
Hard Disk
Database Shadowing
Metadata
38. Control category - more than one control on a single asset
UPS
Compensating
Full-Interruption test
Discretionary Access Control (DAC)
39. A type of computer memory that temporarily stores frequently used information for quick access.
Alert/Alarm
Masquerading
TIFF (Tagged Image File Format)
Cache
40. Object based description of a single resource and the permission each subject
Cryptanalysis
Convincing
Firewalls
Access Control Lists
41. Eavesdropping on network communications by a third party.
Tapping
Honeynet
Reciprocal Agreement
Digital Signature
42. Information that, if made public or even shared around the organization, could seriously impede the organization's operations
State Machine Model
Active Data
Highly Confidential
Storage Area Network (SAN)
43. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Business Interruption Insurance
Shadowing (file shadowing)
Supervisor Mode (monitor - system - privileged)
Data Leakage
44. Power surge
Education
Kernel
Orange Book D Classification
Electrostatic Discharge
45. Uncleared buffers or media
Trapdoors (Backdoors) (Maintenance Hooks)
Spyware
Checklist Test (desk check)
Object Reuse
46. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Record Level Deletion
Honeypot
TIFF (Tagged Image File Format)
Proxies
47. Recovery alternative, a building only with sufficient power, and HVAC
Content Dependent Access Control
Cold Site
Orange Book B1 Classification
MOM
48. Heavily populated areas, particularly susceptible to high-intensity earthquakes, floods, tsunamis, or other disasters, for which emergency response may be necessary in the event of a disaster.
Policy
High-Risk Areas
Cipher Text
Deterrent
49. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.
Warm Site
Intrusion Prevention Systems
Recovery Point Objective (RPO)
Content Dependent Access Control
50. The connection between a wireless and wired network.
Information Owner
Access Point
Walk Through
Hearsay