Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. OOP concept of a template that consists of attributes and behaviors
Sequence Attacks
Honeypot
Class
Key Escrow
2. Code making
Non-Discretionary Access Control
Administrative
Worldwide Interoperability for Microwave Access (WI-MAX)
Cryptography
3. A program that waits for a condition or time to occur that executes an inappropriate activity
Fire Suppression
Logic Bomb
Structured Walk-Through Test
Mock Disaster
4. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance
Redundant Array Of Independent Drives (RAID)
Accurate
Mobile Site
Identification
5. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. - and determining what can be salvaged or restored and what must be replaced.
Damage Assessment
Uninterruptible Power Supply (UPS)
Compression
Business Continuity Steering Committee
6. A state for operating system tasks only
Supervisor Mode (monitor - system - privileged)
Tactical
Key Clustering
Security Clearance
7. After it has been seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.
Privacy Laws
Trademark
Computer System Evidence
Inrush Current
8. The connection between a wireless and wired network.
Injection
Access Point
MOM
Work Factor
9. A protocol for the efficient transmission of voice over the Internet
Voice Over IP (VOIP)
Substitution
Monitor
Civil Law
10. Calculation encompassing threats - vulnerabilities and assets
Total Risk
Aggregation
Malformed Input
Twisted Pair
11. The backup of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.
Polymorphism
Bit
Archival Data
Data Backups
12. An availability attack - to consume resources to the point of exhaustion
Denial Of Service
Rootkit
Directive
Damage Assessment
13. Trading one for another
Copyright
Polyalphabetic
Honeynet
Substitution
14. To start business continuity processes
Mandatory Vacations
Data Warehouse
Activation
Overlapping Fragment Attack
15. A peripheral data storage device that may be found inside a desktop or laptop as a permanent storage solution. The hard disk may also be a transportable version attached to a desktop or laptop.
Compiler
Brouter
Hard Disk
Investigation
16. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.
Near Site
Job Training
Orange Book B1 Classification
Recovery Point Objective (RPO)
17. An organization's way of classifying data by factors such as criticality - sensitivity and ownership.
Classification Scheme
Repeaters
Sampling
Moore's Law
18. To execute more than one instruction at an instant in time
Dictionary Attack
Chain of Custody
Durability
Multi-Processing
19. A BCP testing type - a test that answers the question: Can the organization replicate the business process?
Bit
Simulation
Surveillance
Satellite
20. A process state - to be executing a process on the CPU
Running
Cookie
Degauss
Business Recovery Timeline
21. A type of computer memory that temporarily stores frequently used information for quick access.
Cache
Key Space
Entrapment
Patent
22. Recovery alternative which outsources a business function at a cost
File Server
Service Bureau
Compartmentalize
Sniffing
23. The technical and risk assessment of a system within the context of the operating environment
Certification
Data Dictionary
Race Condition
Administrative Law
24. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.
Denial Of Service
File Server
Inference
Business Continuity Steering Committee
25. Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.
Archival Data
Off-Site Storage
Control Type
Shielding
26. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Source Routing Exploitation
Cipher Text
Change Control
Disaster Recovery Tape
27. Recovery alternative - short-term - high cost movable processing location
Elements of Negligence
Hearsay Evidence
Containment
Mobile Site
28. It is embedded as part of a complete device often including hardware and mechanical parts - Features a limited OS - Mobile phones - routers and wireless devices take a similar approach - Less-than-robust security features - Difficult to patch.
Embedded Systems
Cryptography
Checksum
Layering
29. Claiming another's identity at a physical level
Masquerading
Change Control
Damage Assessment
Birthday Attack
30. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.
Data Leakage
War Driving
Off-Site Storage
Metadata
31. A programming device used in development to circumvent controls
EMI
Trapdoors (Backdoors) (Maintenance Hooks)
Double Blind Testing
Recovery Point Objective (RPO)
32. Uses a role-based method to determine access rights and permissions. Role-based access control is based on the user's role and responsibilities within the company.
Patch Management
Ring Protection
Non-Discretionary Access Control
Mandatory Access Control (MAC)
33. Actions measured against either a policy or what a reasonable person would do
Orange Book D Classification
Due Diligence
Algorithm
Certificate Revocation List (CRL)
34. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services
Plaintext
Access Control Lists
Intrusion Prevention Systems
Data Integrity
35. Written suggestions that direct choice to a few alternatives
Guidelines
Directive
Top Secret
Worm
36. State of computer - to be running a process
Restoration
Primary Storage
Gateway
Operating
37. People who interact with assets
User
System Life Cycle
Initialization Vector
Protection
38. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.
Cross Certification
Governance
Data Backups
Electronic Vaulting
39. The level and label given to an individual for the purpose of compartmentalization
File Sharing
Security Clearance
Evidence
Checklist Test
40. Define the way in which the organization operates.
Kernel
Top Secret
Proprietary
Incident Manager
41. A backup of data located where staff cannot readily gain access and a regional disaster will not cause harm
Dangling Pointer
ff Site
Embedded
Routers
42. Sphere of influence
Application Programming Interface
SYN Flooding
Transients
Domain
43. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.
Man-In-The-Middle Attack
Residual Data
Certification
Shadowing (file shadowing)
44. A collection of data or information that has a name
Rollback
Asymmetric
Exposure
File
45. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.
Criminal Law
Patch Management
Disk Mirroring
Data Dictionary
46. Converts a high-level language into machine language
Risk Assessment
Site Policy Awareness
Cryptography
Assembler
47. High level - pertaining to planning
Strategic
UPS
Brownout
Digital Certificate
48. More than one CPU on a single board
Multi-Core
Critical Records
Discretionary Access Control (DAC)
Entrapment
49. Program that inappropriately collects private data or activity
Full-Interruption test
Remote Journaling
Containment
Spyware
50. Record history of incident
Tracking
Collisions
Business Impact Analysis
Mirroring