Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding each time you take the test.
1. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?
Desk Check Test
Maximum Tolerable Downtime (MTD)
Data Custodian
Authorization
2. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.
Revocation
Redundant Servers
Polyalphabetic
Source Routing Exploitation
3. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)
Exposure
Warm Site
TNI (Red Book)
Botnet
4. Malware that makes small random changes to many data points
Trade Secret
Data Diddler
CobiT
Multilevel Security System
5. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.
Business Records
Data Backup Strategies
Object Reuse
Symmetric
6. Object reuse protection and auditing
Orange Book C2 Classification
Event
Mantrap (Double Door System)
Cryptanalysis
7. The problem-solving state - the opposite of supervisor mode
Reference Monitor
User Mode (problem or program state)
Cryptography
Certification Authority
8. Recognition of an individual's assertion of identity.
Checksum
Authorization
Recovery Period
Identification
9. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
Trade Secret
Standalone Test
Containment
Orange Book B1 Classification
10. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.
Examples of non-technical security components
Radio Frequency Interference (RFI)
Forensic Copy
Threat Agent
11. Mathematical function that determines the cryptographic operations
Active Data
Mixed Law System
Databases
Algorithm
12. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Risk Mitigation
Waterfall
Change Control
Discretionary Access Control (DAC)
13. An organization's way of classifying data by factors such as criticality - sensitivity and ownership.
E-Mail Spoofing
Hearsay
Classification Scheme
Threats
14. An alert or alarm that is triggered when no actual attack has taken place
Side Channel Attack
Sharing
False (False Positive)
Administrative Laws
15. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.
ITSEC
Encryption
War Dialing
Journaling
16. Memory - RAM
Primary Storage
Multilevel Security System
Bollard
System Life Cycle
17. A description of a database
Checklist Test (desk check)
Hearsay
Data Dictionary
Access Control
18. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements
Fire Classes
Trade Secret
TCSEC (Orange Book)
Moore's Law
19. A backup of data located where staff can gain access readily and a localized disaster will not cause harm
Near Site
Control Category
Cryptanalysis
Archival Data
20. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress
Proxies
True Attack Stimulus
Cross-Site Scripting
Cold Site
21. A backup of data located where staff cannot gain access readily and a regional disaster will not cause harm
Off Site
Recovery
Concentrator
Spyware
22. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Detection
Framework
Worldwide Interoperability for Microwave Access (WI-MAX)
Virus
23. Forgery of the sender's email address in an email header.
Kerberos
E-Mail Spoofing
Business Interruption Insurance
Forensic Copy
24. Potentially compromising leakage of electrical or acoustical signals.
Data Owner
Activation
Emanations
Walk Through
25. A test conducted on one or more components of a plan under actual operating conditions.
System Downtime
Dictionary Attack
Operational Test
Slack Space
26. Security policy - procedures - and compliance enforcement
Picking
Resumption
Alert
Examples of non-technical security components
27. Intellectual property management technique for identifying after distribution
Watermarking
Sag/Dip
Due Diligence
Bollard
28. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.
Electromagnetic Interference (EMI)
Processes are Isolated By
Hot Site
Privacy Laws
29. Malware that subverts the detective controls of an operating system
Business Continuity Program
IP Fragmentation
Buffer Overflow
Rootkit
30. Methodical research of an incident with the purpose of finding the root cause
Transfer
False Attack Stimulus
Framework
Investigation
31. A passive network attack involving monitoring of traffic.
Checkpoint
Eavesdropping
Incident Response Team
Emanations
32. Consume resources to a point of exhaustion - loss of availability
Targeted Testing
Denial Of Service
Cryptovariable
War Driving
33. Data or interference that can trigger a false positive
Information Technology Security Evaluation Criteria - ITSEC
Wait
Data Warehouse
Noise
34. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Strategic
Proxies
Threats
Certification
35. OOP concept of a template that consists of attributes and behaviors
Class
Checksum
Governance
Incident
36. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.
Quantitative Risk Analysis
TEMPEST
Worm
Off Site
37. A Denial of Service attack initiated by sending spoofed UDP echo requests to IP broadcast addresses. (See Smurf)
Logic Bomb
Object Oriented Programming (OOP)
Twisted Pair
Fraggle
38. Program that inappropriately collects private data or activity
Spyware
Birthday Attack
Spiral
Gateway
39. A program that waits for a condition or time to occur that executes an inappropriate activity
Corrective
Cryptanalysis
Boot (V.)
Logic Bomb
40. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.
Mission-Critical Application
Checklist Test
Redundant Array Of Independent Drives (RAID)
Infrastructure
41. OOP concept of taking attributes from the original or parent
Safeguard
Desk Check Test
Inheritance
Cookie
42. To reduce fire
Kerckhoff's Principle
Fire Suppression
Sampling
Rogue Access Points
43. Alternate facility - other than the primary production site - where duplicated vital records and documentation may be stored for use during disaster recovery.
Access Control Lists
Patch Panels
Off-Site Storage
Certification
44. Disruption of operation of an electronic device due to a competing electromagnetic field.
Interpreter
Failure Modes and Effect Analysis (FEMA)
EMI
Orange Book D Classification
45. A basic level of network access control that is based upon information contained in the IP packet header.
Log
The ACID Test
Packet Filtering
IP Fragmentation
46. The process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks
Alarm Filtering
Operational Exercise
Object Oriented Programming (OOP)
Replication
47. Key
Memory Management
Cryptovariable
Gateway
Parallel Test
48. Just enough access to do the job
Data Leakage
Simulation
Chain of Custody
Least Privilege
49. More than one process in the middle of executing at a time
Coaxial Cable
Buffer Overflow
Multi-Tasking
Cryptanalysis
50. Employment education done once per position or at significant change of function
MOM
BCP Testing Drills and Exercises
Bit
Job Training