Test your basic knowledge | CISSP Certified Information Systems Security Professional
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Unauthorized wireless network access device.
Cryptanalysis
Revocation
Rogue Access Points
Critical Infrastructure
2. Summary of a communication for the purpose of integrity
Message Digest
Fire Detection
Administrative Law
Degauss
3. Planning for the delegation of authority required when decisions must be made without the normal chain of command
Technical Access Controls
Cipher Text
Multiplexers
Executive Succession
4. To create a copy of data as a precaution against the loss or damage of the original data.
HTTP Response Splitting
Cookie
Critical Functions
Backup
5. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.
Security Kernel
Call Tree
Database Shadowing
High-Risk Areas
6. Line by line translation from a high level language to machine code
ISO/IEC 27001
Interpreter
Business Records
Sequence Attacks
7. Written suggestions that direct choice to a few alternatives
Guidelines
Atomicity
Key Management
Standalone Test
8. Evidence must be: admissible - authentic - complete - accurate - and convincing
5 Rules Of Evidence
Plaintext
Quantitative
Ethics
9. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization
File Server
Trademark
File Extension
Business Continuity Planning (BCP)
10. Tool which mediates access
Pointer
ISO/IEC 27001
Control
Near Site
11. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements
Denial Of Service
Residual Risk
ITSEC
Inheritance
12. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.
Trapdoors (Backdoors) (Maintenance Hooks)
Access Control Lists
File Extension
Compiler
13. Subject based description of a system or a collection of resources
Risk Mitigation
Capability Tables
Supervisor Mode (monitor - system - privileged)
Hot Site
14. A type of attack involving attempted insertion - deletion or altering of data.
Masked/Interruptible
Routers
Modification
Hot Site
15. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."
Hearsay Evidence
Trusted Computing Base
Fire Prevention
Disaster Recovery Tape
16. Mitigation of system or component loss or interruption through use of backup capability.
Side Channel Attack
Running
Tracking
Fault Tolerance
17. Controls for termination of attempt to access object
Off-Site Storage
Qualitative
Intrusion Prevention Systems
Workaround Procedures
18. Prolonged loss of commercial power
Blackout
Critical Infrastructure
Hard Disk
Encryption
19. All of the protection mechanisms in a computer system
Recovery Time Objectives
Ethics
Trusted Computing Base
Brouter
20. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.
Operational Test
Architecture
Sampling
Emergency
21. A record that must be preserved and available for retrieval if needed.
Vital Record
Trade Secret
Business Continuity Steering Committee
Proprietary
22. Recovery alternative which outsources a business function at a cost
Blind Testing
Encryption
E-Mail Spoofing
Service Bureau
23. Unsolicited commercial email
Distributed Denial Of Service
Spam
Business Continuity Steering Committee
Recovery Strategy
24. Recovery alternative - everything needed for the business function - except people and last backup
Hot Site
Binary
Checklist Test
Key Management
25. Just enough access to do the job
Secondary Storage
Tort
Least Privilege
Authentication
26. Two different keys decrypt the same cipher text
The ACID Test
CPU Cache
Key Clustering
Business Impact Analysis
27. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)
Non-Repudiation
Interception
Authentication
CPU Cache
28. A planned or unplanned interruption in system availability.
Trapdoors (Backdoors) (Maintenance Hooks)
Fiber Optics
System Downtime
Deterrent
29. A collection of information designed to reduce duplication and increase integrity
Criminal Law
Strong Authentication
Databases
Threats
30. A documented battle plan for coordinating response to incidents.
Journaling
Incident Handling
Chain Of Custody
Cookie
31. Pertaining to law - accepted by a court
Desk Check Test
Incident Response
Rollback
Admissible
32. Calculation encompassing threats - vulnerabilities and assets
Emergency Operations Center (EOC)
Trojan Horse
Tort
Total Risk
33. Data or interference that can trigger a false positive
Denial Of Service
Modems
High-Risk Areas
Noise
34. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services
Compensating
Access Control Lists
Disaster
Total Risk
35. An event which stops business from continuing.
Disaster
Inference
File Sharing
Certification Authority
36. Memory management technique that allows two processes to run concurrently without interaction
Non-Discretionary Access Control
Protection
Cross Training
File Extension
37. A programming device used in development to circumvent controls
Salami
Journaling
Sampling
Trapdoors (Backdoors) (Maintenance Hooks)
38. A covert storage channel on the file attribute
Mirroring
Alternate Data Streams (File System Forks)
Voice Over IP (VOIP)
Standalone Test
39. To collect many small pieces of data
Copyright
Logic Bomb
Fire Detection
Aggregation
40. Responsibility for actions
Guidelines
Bollard
Liability
Packet Filtering
41. High frequency noise
Key Space
Reference Monitor
Electromagnetic Interference (EMI)
Triage
42. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.
TIFF (Tagged Image File Format)
Coaxial Cable
Polymorphism
Plan Maintenance Procedures
43. A mathematical tool for verifying no unintentional changes have been made
Checksum
Worm
Recovery Period
Directive
44. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions
Call Tree
Operational Exercise
Voice Over IP (VOIP)
TNI (Red Book)
45. Less granular organization of controls
Control Type
Multi-Core
Data Dictionary
Separation Of Duties
46. Object reuse protection and auditing
Orange Book C2 Classification
Hot Site
Logic Bomb
Spam
47. An unintended communication path
Covert Channel
Spyware
Polymorphism
Phishing
48. Converts source code to an executable
Incident Manager
File Level Deletion
Fiber Optics
Compiler
49. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.
Double Blind Testing
Civil Law
Exercise
Sniffing
50. A choice in risk management - to convince another to assume risk - typically by payment
Transfer
Warm Site
Slack Space
Pervasive Computing and Mobile Computing Devices