SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A documented battle plan for coordinating response to incidents.
Storage Area Network (SAN)
Physical Tampering
Electronic Vaulting
Incident Handling
2. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Concentrator
Physical Tampering
Repeaters
Infrastructure
3. Controls for termination of attempt to access object
Intrusion Prevention Systems
Reciprocal Agreement
Debriefing/Feedback
Brownout
4. A condition in which neither party is willing to stop their activity for the other to complete
Vulnerability
Governance
Deadlock
Cookie
5. A running key using a random key that is never used again
Tar Pits
Interception
Bit
One Time Pad
6. Information about data or records
Botnet
Metadata
Stopped
Database Shadowing
7. The process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks
Domain
Alarm Filtering
Life Cycle of Evidence
Process Isolation
8. People who interact with assets
Side Channel Attack
UPS
Data Backups
User
9. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
Fragmented Data
Call Tree
True Attack Stimulus
Hard Disk
10. A layer 2 device that used to connect two network segments and regulate traffic.
Bridge
Orange Book B1 Classification
Operational Exercise
Firewall
11. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.
On-Site
False Negative
Reference Monitor
Criminal Law
12. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.
Interpreter
Executive Succession
Source Routing Exploitation
Open Mail Relay Servers
13. Object based description of a system or a collection of resources
Remote Journaling
Separation Of Duties
Algorithm
Access Control Matrix
14. Identification and notification of an unauthorized and/or undesired action
Sequence Attacks
Business Recovery Team
Detection
Accountability
15. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. A move to an alternate site.)
Data Backup Strategies
Declaration
Custodian
Non-Discretionary Access Control
16. To move from location to location - keeping the same function
Near Site
Distributed Processing
Job Rotation
Orange Book B1 Classification
17. A specialized wireless receiver/ transmitter placed in orbit that facilitates long distance communication.
Recovery Point Objective (RPO)
Data Backup Strategies
Event
Satellite
18. The core logic engine of an operating system which almost never changes
Kernel
Test Plan
Multilevel Security System
Fragmented Data
19. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.
Inrush Current
Residual Data
Compartmentalize
Fire Classes
20. A world-wide wireless technology
Time Of Check/Time Of Use
Wireless Fidelity (Wi-Fi )
Redundant Servers
Civil Law
21. Written core statements that rarely change
Spiral
Policy
Call Tree
Log
22. Pertaining to law - lending it self to one side of an argument
Brouter
Least Privilege
Convincing
Trusted Computing Base
23. A type of attack involving attempted insertion - deletion or altering of data.
Fault
Enticement
Examples of technical security components
Modification
24. An alert or alarm that is triggered when no actual attack has taken place
False (False Positive)
Application Programming Interface
Hijacking
Data Backup Strategies
25. A disturbance that degrades performance of electronic devices and electronic communications.
Worm
ITSEC
Radio Frequency Interference (RFI)
Redundant Array Of Independent Drives (RAID)
26. Threats x Vulnerability x Asset Value = Total Risk
Restoration
Countermeasure
E-Mail Spoofing
Total Risk
27. One entity with two competing allegiances
Conflict Of Interest
Hijacking
Admissible
Discretionary
28. A template for the designing the architecture
Electromagnetic Interference (EMI)
Security Blueprint
Cache
Decipher
29. Security policy - procedures - and compliance enforcement
Data Hiding
Rogue Access Points
Protection
Examples of non-technical security components
30. Maintenance procedures outline the process for the review and update of business continuity plans.
Boot (V.)
Critical Infrastructure
Plan Maintenance Procedures
Risk Assessment / Analysis
31. A control after attack
User Mode (problem or program state)
Forward Recovery
Remote Journaling
Countermeasure
32. Converts source code to an executable
Wireless Fidelity (Wi-Fi )
Compiler
Near Site
Emergency
33. Control category - more than one control on a single asset
Debriefing/Feedback
Key Escrow
Recovery Point Objective (RPO)
Compensating
34. Sphere of influence
Domain
Life Cycle of Evidence
Custodian
Top Secret
35. Power surge
Generator
Electrostatic Discharge
Capability Tables
ISO/IEC 27001
36. All of the protection mechanism in a computer system
Ethics
Information Flow Model
Trusted Computing Base
Twisted Pair
37. Someone who wants to cause harm
Administrative Law
Attacker (Black hat - Hacker)
DR Or BC Coordinator
Emanations
38. More than one processor sharing same memory - also know as parallel systems
Bumping
Non-Discretionary Access Control
Double Blind Testing
Multi-Processor
39. Implementation of measures to deter specific threats to the continuity of business operations - and/or respond to any occurrence of such threats in a timely and appropriate manner.
Tapping
Concentrator
Risk Mitigation
Mobile Site
40. A process state - to be executing a process on the CPU
Running
Life Cycle of Evidence
Job Training
Tort
41. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack
Near Site
Confidence Value
Mantrap (Double Door System)
Fraggle
42. Pertaining to law - verified as real
Control Type
Backup
Authentic
Redundant Servers
43. Reduction of voltage by the utility company for a prolonged period of time
Cache
Brownout
Hot Spares
Distributed Denial Of Service
44. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs
Fragmented Data
Safeguard
Steganography
Application Programming Interface
45. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions
Labeling
Recovery Time Objectives
Dangling Pointer
Operational Exercise
46. Evaluation of a system without prior knowledge by the tester
Blind Testing
Site Policy Awareness
Hijacking
IP Fragmentation
47. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc
Intrusion Prevention Systems
Alert/Alarm
Parallel Test
Critical Infrastructure
48. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems
Acronym for American Standard Code for Information Interchange (ASCII)
Permutation /Transposition
Active Data
Databases
49. Data or interference that can trigger a false positive
Noise
Security Blueprint
Key Escrow
Capability Tables
50. A perpetrator leaves something behind or takes something with them at the scene of a crime
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
