Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Some systems are actually run at the alternate site
Plain Text
Parallel Test
Critical Infrastructure
Business Continuity Planning (BCP)
2. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.
Satellite
Custodian
Byte
Corrective
3. Location to perform the business function
Alternate Site
Kernel
Prevention
Multi-Processing
4. Act of luring an intruder and is legal.
Enticement
Inference
Hard Disk
Remanence
5. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?
Walk Through
BCP Testing Drills and Exercises
Open Mail Relay Servers
Security Domain
6. Physical description on the exterior of an object that communicates the existence of a label
Contact List
Multiplexers
Interference (Noise)
Marking
7. The principles a person sets for themselves to follow
Blind Testing
Spyware
Ethics
Residual Risk
8. The core logic engine of an operating system which almost never changes
Worldwide Interoperability for Microwave Access (WI-MAX)
Incident
Multi-Tasking
Kernel
9. Tool which mediates access
Surge Suppressor
Tapping
Interpreter
Control
10. A Denial of Service attack initiated by sending spoofed UDP echo request to IP broadcast addresses. (See Smurf)
Fraggle
Class
Mandatory Vacations
Business Interruption
11. Two certificate authorities that trust each other
Class
Cryptovariable
Cross Certification
Non-Repudiation
12. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.
Cross Training
Fire Suppression
Object Oriented Programming (OOP)
Time Of Check/Time Of Use
13. More than one CPU on a single board
Incident
Encapsulation
Multi-Core
Data Leakage
14. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.
Alert
Key Escrow
Orange Book B2 Classification
Smurf
15. An availability attack - to consume resources to the point of exhaustion
Denial Of Service
Service Bureau
Plaintext
Critical Functions
16. Pertaining to a number system that has just two unique digits.
Binary
MOM
TNI (Red Book)
Elements of Negligence
17. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate
Public Key Infrastructure (PKI)
Wait
Failure Modes and Effect Analysis (FEMA)
System Downtime
18. False memory reference
Dangling Pointer
Codec
Multilevel Security System
Due Care
19. The property that data meet with a priority expectation of quality and that the data can be relied upon.
Information Flow Model
Surge
Data Integrity
Alarm Filtering
20. System directed mediation of access with labels
Honeynet
Mandatory
Dictionary Attack
Coaxial Cable
21. Pertaining to law - no omissions
Complete
Moore's Law
Mandatory Access Control (MAC)
Reference Monitor
22. Written internalized or nationalized norms that are internal to an organization
Emanations
Substitution
Trusted Computing Base
Standard
23. Converts source code to an executable
Compartmentalize
Compiler
Hub
Kerckhoff's Principle
24. Potentially compromising leakage of electrical or acoustical signals.
Embedded Systems
Binary
Emanations
Targeted Testing
25. Pertaining to law - high degree of veracity
Replication
System Life Cycle
Enticement
Accurate
26. The core of a computer that calculates
Risk Mitigation
On-Site
Central Processing Unit (CPU)
User Mode (problem or program state)
27. People protect their domain
Orange Book C Classification
Cryptovariable
Territoriality
Incident Manager
28. Is secondhand and usually not admissible in court
Hearsay Evidence
Investigation
Identification
Metadata
29. Long term knowledge building
Data Recovery
Data Warehouse
Initialization Vector
Education
30. Narrow scope examination of a system
Targeted Testing
Infrastructure
Access Control Lists
Key Escrow
31. To load the first piece of software that starts a computer.
Boot (V.)
Incident Manager
Revocation
Recovery
32. Business and technical process of applying security software updates in a regulated periodic way
Electronic Vaulting
Patch Management
Atomicity
Open Mail Relay Servers
33. An asymmetric cryptography mechanism that provides authentication.
Record Level Deletion
Digital Signature
Data Dictionary
Warm Site
34. Only the key protects the encrypted information
35. A one way - directed graph which indicates confidentiality or integrity flow
Lattice
DR Or BC Coordinator
Proprietary
Qualitative
36. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)
Trademark
Smurf
Desk Check Test
Alternate Data Streams (File System Forks)
37. System mediation of access with the focus on the context of the request
Directive
Site Policy Awareness
Content Dependent Access Control
Metadata
38. Process whereby data is removed from active files and other data storage structures
Deletion
Adware
On-Site
Kerckhoff's Principle
39. Joining two pieces of text
Machine Language (Machine Code)
Bollard
SQL Injection
Concatenation
40. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Relocation
Object Reuse
Twisted Pair
Civil Or Code Law
41. Mediation of subject and object interactions
Hot Spares
Life Cycle of Evidence
Access Control
Fiber Optics
42. Use of specialized techniques for recovery - authentication - and analysis of electronic data
Computer Forensics
Integrated Test
ff Site
Public Key Infrastructure (PKI)
43. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk
Mitigate
Data Marts
Operational Test
Residual Risk
44. Momentary loss of power
ITSEC
Accreditation
Fault
Multi-Programming
45. To stop damage from spreading
Containment
Emergency Operations Center (EOC)
Distributed Processing
Virtual Memory
46. Guidelines within an organization that control the rules and configurations of an IDS
Method
Administrative Law
Site Policy
Rollback
47. Object based description of a single resource and the permission each subject
Rollback
Access Control Lists
Primary Storage
Service Bureau
48. OOP concept of taking attributes from the original or parent
Inheritance
Event
Information Owner
Multi-Processor
49. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources
Workaround Procedures
Teardrop
Threats
Administrative Access Controls
50. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate
CobiT
Multi-Processor
Risk Assessment / Analysis
Certification