Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing
Administrative Access Controls
Orange Book A Classification
Total Risk
Conflict Of Interest
2. Objects or programming that look different but act the same
File
Fault
Polymorphism
IP Address Spoofing
3. A state for operating system tasks only
Supervisor Mode (monitor - system - privileged)
Threats
Waterfall
Recovery Point Objective (RPO)
4. The managerial approval to operate a system based upon knowledge of risk to operate
Accreditation
Alarm Filtering
Guidelines
Decipher
5. Unauthorized access of network devices.
Physical Tampering
Separation Of Duties
Active Data
Walk Through
6. Less granular organization of controls -
Control Type
Vital Record
Orange Book A Classification
Near Site
7. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.
Orange Book A Classification
Smurf
Metadata
Shielding
8. To start business continuity processes
One Time Pad
Structured Walk-Through Test
2-Phase Commit
Activation
9. A state where two subjects can access the same object without proper mediation
Race Condition
Strategic
Covert Channel
Virtual Memory
10. System directed mediation of access with labels
Chain Of Custody
Basics Of Secure Design
Mandatory
Desk Check Test
11. Program instructions based upon the CPU's specific architecture
Orange Book A Classification
Brownout
Machine Language (Machine Code)
Key Management
12. Planning with a goal of returning to the normal business function
Orange Book B1 Classification
Checkpoint
Wireless Fidelity (Wi-Fi)
Restoration
13. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization
Hash Function
Object
Administrative
Business Continuity Planning (BCP)
14. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.
Plain Text
Sag/Dip
Architecture
Business Unit Recovery
15. Unused storage capacity
Administrative Law
Admissible
Slack Space
Transfer
16. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components
Revocation
Secondary Storage
Plaintext
Masked/Interruptible
17. To break a business process into separate functions and assign to different people
Private Branch Exchange (PBX)
Malformed Input
Separation Of Duties
Civil Law
18. A process state - to be executing a process on the CPU
Operational
Standard
Running
Fire Detection
19. One way encryption
Life Cycle of Evidence
Risk Assessment / Analysis
Remanence
Hash Function
20. DoS - Spoofing - dictionary - brute force - wardialing
Procedure
Access Control Attacks
Administrative Law
Memory Management
21. Disruption of operation of an electronic device due to a competing electromagnetic field.
Reciprocal Agreement
Firewalls
Maximum Tolerable Downtime (MTD)
EMI
22. The event signaling an IDS to produce an alarm when no attack has taken place
Boot (V.)
Legacy Data
False Attack Stimulus
Discretionary Access Control (DAC)
23. A choice in risk management - to implement a control that limits or lessens negative effects
Sag/Dip
Concatenation
Multi-Tasking
Mitigate
24. A perpetrator leaves something behind or takes something with them at the scene of a crime
25. The property that data meet with a priority expectation of quality and that the data can be relied upon.
Hub
Warm Site
Data Integrity
Central Processing Unit (CPU)
26. Weak evidence
Teardrop
Encipher
Firewall
Hearsay
27. Something that happened
Critical Infrastructure
Emergency Procedures
Mobile Recovery
Event
28. Guidelines within an organization that control the rules and configurations of an IDS
Site Policy
Job Training
Moore's Law
TIFF (Tagged Image File Format)
29. Record of system activity - which provides for monitoring and detection.
Cross Certification
Framework
Log
Information Risk Management (IRM)
30. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
Microwave
Trademark
Substitution
Examples of technical security components
31. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated
Patch Panels
TIFF (Tagged Image File Format)
Payload
Initialization Vector
32. High frequency noise
Substitution
Convincing
Qualitative
Electromagnetic Interference (EMI)
33. To set the clearance of a subject or the classification of an object
Access Control Matrix
Fragmented Data
Aggregation
Labeling
34. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.
Sampling
Tar Pits
Voice Over IP (VOIP)
Multi-Tasking
35. May be responsible for overall recovery of an organization or unit(s).
Trojan Horse
Electrostatic Discharge
DR Or BC Coordinator
Monitor
36. Used to code/decode a digital data stream.
Data Backups
Codec
Logic Bomb
Control Category
37. Two certificate authorities that trust each other
Recovery
Cross Certification
Discretionary Access Control (DAC)
Recovery Point Objective (RPO)
38. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.
Job Training
Sag/Dip
Source Routing Exploitation
Storage Area Network (SAN)
39. Pertaining to law - no omissions
Complete
Spiral
Mission-Critical Application
Custodian
40. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?
Picking
Desk Check Test
Identification
Countermeasure
41. Property that data is represented in the same manner at all times
Off-Site Storage
Access Point
Certification Authority
Consistency
42. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk
Non-Interference
Physical Tampering
Residual Risk
JPEG (Joint Photographic Experts Group)
43. Recovery alternative - everything needed for the business function - except people and last backup
Revocation
Hot Site
CPU Cache
State Machine Model
44. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.
Checklist Test
Routers
Modification
Burn
45. Business and technical process of applying security software updates in a regulated periodic way
Patch Management
Recovery
Blind Testing
Virtual Memory
46. Process whereby data is removed from active files and other data storage structures
Satellite
Deletion
Hearsay
Firmware
47. A program with an inappropriate second purpose
State Machine Model
Dangling Pointer
Transients
Trojan Horse
48. Calculation encompassing threats - vulnerabilities and assets
Total Risk
Recovery
Trojan Horse
Object Reuse
49. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Emergency Operations Center (EOC)
Hub
Encryption
Mandatory Access Control (MAC)
50. Maximum tolerance for loss of certain business function - basis of strategy
SYN Flooding
Reference Monitor
Recovery Time Objectives
MOM