Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An attack involving the hijacking of a TCP session by predicting a sequence number.
Sequence Attacks
Analysis
Certification Authority
Walk Through
2. Reduces causes of fire
Notification
Fire Prevention
Checkpoint
Reference Monitor
3. Natural or human-readable form of message
Cryptovariable
Legacy Data
Plain Text
Architecture
4. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.
Structured Walkthrough
Primary Storage
Operational Test
Network Attached Storage (NAS)
5. Line noise that is superimposed on the supply circuit.
Accurate
Cache
Custodian
Transients
6. Abstract and mathematical in nature - defining all possible states - transitions and operations
Lattice
Hot Site
State Machine Model
Radio Frequency Interference (RFI)
7. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.
Botnet
Disaster Recovery Plan
Watermarking
Phishing
8. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm
Object Reuse
Mandatory Access Control (MAC)
Business Continuity Steering Committee
Remanence
9. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.
Hard Disk
Interpreter
Business Unit Recovery
Birthday Attack
10. Memory management technique which allows data to be moved from one memory address to another
Decipher
Relocation
Debriefing/Feedback
Electronic Vaulting
11. Standard for the establishment - implementation - control - and improvement of the Information Security Management System
ISO/IEC 27001
Injection
Supervisor Mode (monitor - system - privileged)
Blackout
12. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.
Teardrop
Satellite
Incident Response Team
Primary Storage
13. A backup of data located where staff can gain access readily and a localized disaster will not cause harm
Fire Prevention
Near Site
Voice Over IP (VOIP)
Remanence
14. Granular decision by a system of permitting or denying access to a particular resource on the system
Method
Orange Book D Classification
Alarm Filtering
Authorization
15. The one person responsible for data - its classification and control setting
Information Owner
Moore's Law
Denial Of Service
Directive
16. State of computer - to be running a process
Operating
Containment
Business Impact Assessment (BIA)
Mandatory
17. Encryption system using shared key/private key/single key/secret key
Symmetric
Discretionary
Brownout
Near Site
18. A system that enforces an access control policy between two networks.
Instance
Firewalls
Lattice
Pervasive Computing and Mobile Computing Devices
19. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Hub
Access Control Attacks
Rollback
Alternate Data Streams (File System Forks)
20. A technology that reduces the size of a file.
Sampling
Chain Of Custody
Side Channel Attack
Compression
21. A perpetrator leaves something behind or takes something with them at the scene of a crime
22. Forgery of the sender's email address in an email header.
Multi-Tasking
Full-Interruption test
E-Mail Spoofing
Supervisor Mode (monitor - system - privileged)
23. A system designed to prevent unauthorized access to or from a private network.
Modems
Byte Level Deletion
Firewall
Degauss
24. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements
Routers
TCSEC (Orange Book)
Risk Assessment / Analysis
Method
25. Converts source code to an executable
Due Diligence
Metadata
Compiler
Operating
26. The core of a computer that calculates
Layering
Central Processing Unit (CPU)
Alert/Alarm
Slack Space
27. Measures followed to restore critical functions following a security incident.
Teardrop
Recovery
Sharing
Emergency
28. Written internalized or nationalized norms that are internal to an organization
Decipher
Standard
Operational Test
Checkpoint
29. Transaction controls for a database - a return to a previous state
Secondary Storage
Rollback
Cookie
Slack Space
30. Return to a normal state
Examples of technical security components
Tactical
Notification
Recovery
31. Memory management technique which allows subjects to use the same resource
Sharing
Application Programming Interface
Risk Mitigation
Highly Confidential
32. Tool which mediates access
Pointer
Content Dependent Access Control
Deadlock
Control
33. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
Forward Recovery
Rollback
Targeted Testing
Byte Level Deletion
34. A race condition where the security changes during the object's access
Time Of Check/Time Of Use
Birthday Attack
Watermarking
Mixed Law System
35. An attack that breaks up malicious code into fragments - in an attempt to elude detection.
SYN Flooding
Forensic Copy
IP Fragmentation
Threads
36. Prolonged loss of commercial power
Compensating
Blackout
Elements of Negligence
Pervasive Computing and Mobile Computing Devices
37. Is secondhand and usually not admissible in court
Fire Suppression
Operational Impact Analysis
Honeynet
Hearsay Evidence
38. A state where two subjects can access the same object without proper mediation
Side Channel Attack
Rollback
Key Escrow
Race Condition
39. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.
Uninterruptible Power Supply (UPS)
Byte
Job Training
Deleted File
40. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.
Protection
Keyed-Hashing For Message Authentication
Education
Bit
41. Object based description of a system or a collection of resources
Access Control Lists
Business Unit Recovery
Access Control Matrix
SQL Injection
42. Intellectual property protection for an invention
Event
Patent
Spyware
Risk Assessment
43. To smooth out reductions or increases in power
Key Management
UPS
Encipher
Isolation
44. Indivisible - data field must contain only one value that either all transactions take place or none do
Open Mail Relay Servers
Atomicity
Application Programming Interface
Stopped
45. Periodic - automatic and transparent backup of data in bulk.
Archival Data
Data Recovery
Electronic Vaulting
Log
46. Uncleared buffers or media
Journaling
Centralized Access Control Technologies
Administrative
Object Reuse
47. Control category - to give instructions or inform
Electronic Vaulting
Directive
Spiral
Interpreter
48. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions
Integrated Test
Collisions
Recovery
Life Cycle of Evidence
49. Less granular organization of controls -
Hub
Infrastructure
Network Attached Storage (NAS)
Control Type
50. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.
Business Impact Assessment (BIA)
Mantrap (Double Door System)
Discretionary
Analysis