Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Review of data
Standalone Test
Warm Site
Security Kernel
Analysis
2. When two or more computers are networked together in a LAN situation - one computer may be utilized as a storage location for files for the group.
Uninterruptible Power Supply (UPS)
File Server
Governance
Class
3. Pertaining to a number system that has just two unique digits.
Object Reuse
Binary
Botnet
Mission-Critical Application
4. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm
Protection
Mandatory Access Control (MAC)
Crisis
Layering
5. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.
Assembler
Fault Tolerance
Eavesdropping
Reciprocal Agreement
6. Regular operations are stopped and where processing is moved to the alternate site.
Recovery Period
Multi-Programming
Accountability
Full-Interruption test
7. Line noise that is superimposed on the supply circuit.
Governance
Secondary Storage
Transients
Certificate Revocation List (CRL)
8. A collection of information designed to reduce duplication and increase integrity
Capability Tables
Databases
Desk Check Test
Architecture
9. A process state - (blocked) needing input before continuing
Wait
Classification
Deterrent
Internal Use Only
10. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions
Access Control Attacks
Bumping
Framework
Orange Book D Classification
11. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Physical Tampering
True Attack Stimulus
Worldwide Interoperability for Microwave Access (WI-MAX)
Non-Interference
12. Controls for termination of attempt to access object
Fire Prevention
Deadlock
Double Blind Testing
Intrusion Prevention Systems
13. Potential danger to information or systems
Public Key Infrastructure (PKI)
Risk Assessment
Threats
Job Training
14. Calculation encompassing threats - vulnerabilities and assets
IP Address Spoofing
TEMPEST
Emergency Procedures
Total Risk
15. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.
Business Unit Recovery
Executive Succession
3 Types of harm Addressed in computer crime laws
Modems
16. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Contingency Plan
Metadata
Criminal Law
Repeaters
17. A design methodology which addresses risk early and often
Job Training
Labeling
Threads
Spiral
18. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. - and determining what can be salvaged or restored and what must be replaced.
Damage Assessment
Recovery Point Objective (RPO)
Rollback
Virus
19. To smooth out reductions or increases in power
Hijacking
Orange Book C2 Classification
UPS
BCP Testing Drills and Exercises
20. The partial or full duplication of data from a source database to one or more destination databases.
Interception
Database Replication
Patch Management
Basics Of Secure Design
21. A technology that reduces the size of a file.
Data Backups
Disaster Recovery Tape
Ring Protection
Compression
22. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.
Data Warehouse
State Machine Model
Multi-Processor
Business Continuity Steering Committee
23. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.
Alternate Site
Simulation Test
Hash Function
Encryption
24. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal
System Life Cycle
Resumption
Data Owner
Firewalls
25. A process state - to be executing a process on the CPU
Surge Suppressor
Disaster Recovery Teams (Business Recovery Teams)
Common Criteria
Running
26. Alternate facility - other than the primary production site - where duplicated vital records and documentation may be stored for use during disaster recovery.
Off-Site Storage
Contingency Plan
Backup
Non-Discretionary Access Control
27. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability
Compiler
The ACID Test
Recovery Point Objective (RPO)
BCP Testing Drills and Exercises
28. The first rating that requires security labels
Object
Mock Disaster
Electrostatic Discharge
Orange Book B1 Classification
29. A type of computer memory that temporarily stores frequently used information for quick access.
Cache
Redundant Array Of Independent Drives (RAID)
Data Dictionary
Business Interruption Insurance
30. A type of multitasking that allows for more even distribution of computing time among competing requests
5 Rules Of Evidence
Preemptive
Checklist Test
Recovery Period
31. To jump to a conclusion
Administrative Laws
Inference
Faraday Cage/Shield
ITSEC
32. Use of specialized techniques for recovery - authentication - and analysis of electronic data
Architecture
Strategic
Change Control
Computer Forensics
33. A risk assessment method - intrinsic value
Embedded
Data Dictionary
Qualitative
Privacy Laws
34. Employment education done once per position or at significant change of function
Resumption
Vulnerability
IP Fragmentation
Job Training
35. A collection of data or information that has a name
Prevention
Residual Risk
Test Plan
File
36. A perpetrator leaves something behind or takes something with them at the scene of a crime
37. A backup of data located where staff can gain access readily and a localized disaster will not cause harm
Rollback
Near Site
5 Rules Of Evidence
Dangling Pointer
38. Physical description on the exterior of an object that communicates the existence of a label
Containment
Classification Scheme
Marking
State Machine Model
39. Total number of keys available that may be selected by the user of a cryptosystem
Admissible
Key Space
Technical Access Controls
Accountability
40. Part of a transaction control for a database which informs the database of the last recorded transaction
Bridge
Basics Of Secure Design
Checkpoint
Access Control Lists
41. OOP concept of an object's abilities - what it does
Collisions
Salami
Object Oriented Programming (OOP)
Method
42. Renders the file inaccessible to the operating system - available to reuse for data storage.
Workaround Procedures
Job Rotation
Honeynet
File Level Deletion
43. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Business Interruption Insurance
Proxies
Remote Access Trojan
Policy
44. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.
Access Control
Mandatory Vacations
Plain Text
Business Interruption
45. Record of system activity - which provides for monitoring and detection.
Wait
Strong Authentication
Log
Generator
46. A subnetwork with storage devices servicing all servers on the attached network.
Storage Area Network (SAN)
Structured Walk-Through Test
CPU Cache
Capability Tables
47. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys
Kerberos
Administrative Access Controls
Labeling
Radio Frequency Interference (RFI)
48. RADIUS - TACACS+ - Diameter
Certification Authority
Centralized Access Control Technologies
Kernel
Security Domain
49. With enough computing power trying all possible combinations
Repeaters
Brute Force
Lattice
Parallel Test
50. Intellectual property management technique for identifying after distribution
Network Attached Storage (NAS)
Electrostatic Discharge
Watermarking
Man-In-The-Middle Attack