Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. To load the first piece of software that starts a computer.
Boot (V.)
Atomicity
Decipher
Virtual Memory
2. A comprehensive set of controls that comprises best practices in information security and provides guidelines on how to set up and maintain security programs.
Cache
Multi-Processing
ISO/IEC 27002
Message Digest
3. Scrambled form of the message or data
Cipher Text
Change Control
Object Oriented Programming (OOP)
Trapdoors (Backdoors) (Maintenance Hooks)
4. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.
State Machine Model
Encryption
Disk Mirroring
Multiplexers
5. Initial surge of current
Mixed Law System
Remote Journaling
Coaxial Cable
Inrush Current
6. To execute more than one instruction at an instant in time
Intrusion Detection Systems
Multi-Processing
Maximum Tolerable Downtime (MTD)
Electronic Vaulting
7. Object based description of a single resource and the permission each subject
Access Control Lists
File Level Deletion
Worm
Cryptovariable
8. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management
TNI (Red Book)
Due Care
Business Impact Analysis
War Dialing
9. A layer 3 device that is used to connect two or more network segments and regulate traffic.
Threats
Routers
Gateway
Electromagnetic Interference (EMI)
10. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.
Wireless Fidelity (Wi-Fi)
Permutation/Transposition
Pointer
Privacy Laws
11. Owner directed mediation of access
Method
Warm Site
Discretionary
Alarm Filtering
12. Specific format of technical and physical controls that support the chosen framework and the architecture
Pervasive Computing and Mobile Computing Devices
Infrastructure
Steganography
Atomicity
13. With enough computing power trying all possible combinations
Virtual Memory
Accurate
HTTP Response Splitting
Brute Force
14. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services
Access Control Lists
Centralized Access Control Technologies
System Life Cycle
Replication
15. A Denial of Service attack that floods the target system with connection requests that are not finalized.
Integrated Test
Interception
SYN Flooding
Layering
16. A secure connection to another network.
Classification Scheme
MOM
Gateway
Site Policy Awareness
17. Redundant component that provides failover capability in the event of failure or interruption of a primary component.
Emergency
Hearsay
Hot Spares
Countermeasure
18. A distributed system's transaction control that requires updates to complete or rollback
Elements of Negligence
2-Phase Commit
Overlapping Fragment Attack
Virus
19. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.
Forward Recovery
Salami
Data Recovery
Multilevel Security System
20. Intellectual property protection for marketing efforts
Codec
Incident
Pointer
Trademark
21. Hitting a filed-down key in a lock with a hammer to open it without the real key
Key Management
Bumping
File
Threats
22. Interception of a communication session by an attacker.
Security Blueprint
Hijacking
Orange Book C2 Classification
TEMPEST
23. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
TCSEC (Orange Book)
False (False Positive)
Discretionary Access Control (DAC)
Recovery Time Objectives
24. A test conducted on one or more components of a plan under actual operating conditions.
Parallel Test
Encipher
Operational Test
Hard Disk
25. Claiming another's identity at a physical level
Total Risk
Masquerading
Tort
Hearsay
26. The guardian of asset(s) - a maintenance activity
Detective
Rogue Access Points
Custodian
Disaster Recovery Teams (Business Recovery Teams)
27. Substitution at the word or phrase level
Code
Deletion
Information Owner
Exercise
28. A layer 2 device that is used to connect two or more network segments and regulate traffic.
File Server
Switches
SYN Flooding
Checkpoint
29. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities
BCP Testing Drills and Exercises
Embedded Systems
Mission-Critical Application
Administrative Laws
30. False memory reference
Dangling Pointer
Database Replication
Adware
Hub
31. To reduce fire
Fire Suppression
Durability
Relocation
Deletion
32. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?
Framework
Assembler
Desk Check Test
Object Oriented Programming (OOP)
33. People who interact with assets
Administrative Laws
User
ISO/IEC 27001
Disaster Recovery Teams (Business Recovery Teams)
34. An asymmetric cryptography mechanism that provides authentication.
Test Plan
Multi-Processor
False (False Positive)
Digital Signature
35. Responsibility of a user for the actions taken by their account which requires unique identification
Transfer
Phishing
Accountability
Packet Filtering
36. Third party processes used to organize the implementation of an architecture
Framework
MOM
Tracking
Database Replication
37. Security policy - procedures - and compliance enforcement
ff Site
Lattice
Deadlock
Examples of non-technical security components
38. Two different keys decrypt the same cipher text
Gateway
Key Clustering
Botnet
Interception
39. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.
Access Point
Running
Satellite
Honeynet
40. Unsolicited advertising software
Ethics
BCP Testing Drills and Exercises
Adware
Secondary Storage
41. Recording the Who What When Where How of evidence
Isolation
Object Oriented Programming (OOP)
Chain Of Custody
Noise
42. Unchecked data input which results in redirection
HTTP Response Splitting
Confidence Value
Tactical
Content Dependent Access Control
43. An availability attack - to consume resources to the point of exhaustion from multiple vectors
Cryptography
Distributed Denial Of Service
Least Privilege
Modification
44. OOP concept of an object at runtime
False (False Positive)
Masquerading
Watermarking
Instance
45. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.
Bit
Electronic Vaulting
Satellite
Certificate Revocation List (CRL)
46. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.
Degauss
Key Clustering
Burn
Cross-Site Scripting
47. OOP concept of taking attributes from the original or parent
Inheritance
Masquerading
Business Recovery Team
Certification
48. A layer 2 device that is used to connect two network segments and regulate traffic.
Life Cycle of Evidence
Denial Of Service
Bridge
Simulation
49. Information that - if made public or even shared around the organization - could seriously impede the organization's operations
Territoriality
File
Ring Protection
Highly Confidential
50. Measures followed to restore critical functions following a security incident.
E-Mail Spoofing
Recovery
Certification Authority
Burn