Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A database backup type which records at the transaction level
Network Attached Storage (NAS)
Message Digest
Teardrop
Remote Journaling
2. To break a business process into separate functions and assign to different people
Patch Management
System Life Cycle
Isolation
Separation Of Duties
3. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.
Reciprocal Agreement
Collisions
Machine Language (Machine Code)
Strategic
4. A programming design concept which abstracts one set of functions from another in a serialized fashion
Layering
Routers
Interference (Noise)
Deadlock
5. For PKI - to have more than one person in charge of a sensitive function
Multi-Party Control
Isolation
Proxies
Object
6. To set the clearance of a subject or the classification of an object
Need-To-Know
Labeling
Concentrator
Authentic
7. A program that waits for a condition or time to occur that executes an inappropriate activity
Access Control Matrix
Logic Bomb
Distributed Denial Of Service
Physical Tampering
8. Renders the file inaccessible to the operating system - available to reuse for data storage.
Object
Resumption
File Level Deletion
Directive
9. The core logic engine of an operating system which almost never changes
Monitor
Data Backups
Kernel
Data Marts
10. Object based description of a single resource and the permission each subject
Business Continuity Program
Double Blind Testing
Symmetric
Access Control Lists
11. Statistical probabilities of a collision are more likely than one thinks
Code
Birthday Attack
ISO/IEC 27001
Operational Test
12. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.
Safeguard
Business Continuity Steering Committee
Disaster Recovery Teams (Business Recovery Teams)
Business Recovery Timeline
13. A passive network attack involving monitoring of traffic.
Top Secret
Eavesdropping
Application Programming Interface
Denial Of Service
14. Recovery alternative - short-term - high cost movable processing location
Running Key
Initialization Vector
Incident Handling
Mobile Site
15. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.
Remote Journaling
User
Data Backups
Sharing
16. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. A move to an alternate site.)
Pointer
Declaration
Coaxial Cable
Inheritance
17. Used to code/decode a digital data stream.
Processes are Isolated By
Alternate Site
Fire Prevention
Codec
18. More than one processor sharing same memory - also known as parallel systems
Bumping
Digital Certificate
Non-Interference
Multi-Processor
19. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Orange Book C Classification
Isolation
Worldwide Interoperability for Microwave Access (WI-MAX)
Recovery Point Objective (RPO)
20. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.
Stopped
TEMPEST
Access Control Lists
Containment
21. Location where coordination and execution of BCP or DRP is directed
Capability Tables
Emergency Operations Center (EOC)
Critical Records
Sharing
22. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions
Containment
Integrated Test
True Attack Stimulus
Intrusion Prevention Systems
23. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.
Shielding
Risk
Quantitative Risk Analysis
Packet Filtering
24. Evaluation of a system without prior knowledge by the tester
Keystroke Logging
Rollback
Blind Testing
Atomicity
25. To evaluate the current situation and make basic decisions as to what to do
Open Mail Relay Servers
Disaster Recovery Plan
Triage
Sniffing
26. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.
Electromagnetic Interference (EMI)
Top Secret
Executive Succession
Hot Spares
27. Code breaking - practice of defeating the protective properties of cryptography.
Encapsulation
Operational Test
Incident Response
Cryptanalysis
28. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner
Damage Assessment
Double Blind Testing
Life Cycle of Evidence
Code
29. One of the key benefits of a network is the ability to share files stored on the server among several users.
File Sharing
Digital Certificate
Accreditation
Modems
30. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Common Law
Information Owner
Distributed Processing
Memory Management
31. An encryption method that has a key as long as the message
Buffer Overflow
Satellite
Electrostatic Discharge
Running Key
32. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated
Disaster
Orange Book D Classification
War Dialing
Initialization Vector
33. A critical event - which - if not handled in an appropriate manner - may dramatically impact an organization's profitability - reputation - or ability to operate.
Restoration
Crisis
Denial Of Service
Policy
34. A perpetrator leaves something behind or takes something with them at the scene of a crime
35. Final purpose or result
Incident Response Team
Declaration
Sharing
Payload
36. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.
Network Attached Storage (NAS)
Containment
Threads
Compiler
37. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).
Alert/Alarm
Key Escrow
Degauss
Integrated Test
38. Impossibility of denying authenticity and identity
Checklist Test
Threats
Non-Repudiation
Logic Bomb
39. A collection of information designed to reduce duplication and increase integrity
Databases
Spiral
Mobile Recovery
Teardrop
40. Uses a role-based method to determine access rights and permissions. Role based access control is based on the user's role and responsibilities within the company.
Mobile Site
Assembler
Remote Journaling
Non-Discretionary Access Control
41. One entity with two competing allegiances
Electromagnetic Interference (EMI)
Detective
DR Or BC Coordinator
Conflict Of Interest
42. Unauthorized access of network devices.
Physical Tampering
Uninterruptible Power Supply (UPS)
Orange Book C Classification
Business Recovery Team
43. With enough computing power trying all possible combinations
Brute Force
Complete
Common Criteria
Data Dictionary
44. More than one CPU on a single board
Alternate Site
Multi-Core
Classification
Mobile Site
45. An alert or alarm that is triggered when no actual attack has taken place
Convincing
False (False Positive)
Kerberos
Damage Assessment
46. Quantity of risk remaining after a control is applied
Boot (V.)
Plain Text
Residual Risk
Containment
47. Creation, distribution, update and deletion
Full Test (Full Interruption)
Key Management
Maximum Tolerable Downtime (MTD)
Access Point
48. Intellectual property protection for an invention
Mirroring
Patent
Administrative
Triage
49. Communicate to stakeholders
Risk
Debriefing/Feedback
Uninterruptible Power Supply (UPS)
Picking
50. Objects or programming that look different but act the same
Layering
Critical Functions
Polymorphism
Alarm Filtering