Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A shield against leakage of electromagnetic signals.
Faraday Cage/ Shield
Proxies
Digital Signature
Call Tree
2. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.
Interference (Noise)
Forensic Copy
Privacy Laws
Orange Book B1 Classification
3. A state where two subjects can access the same object without proper mediation
Shift Cipher (Caesar)
Fire Prevention
Race Condition
Data Warehouse
4. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.
Investigation
Active Data
Preemptive
Data Owner
5. Identification and notification of an unauthorized and/or undesired action
Log
Detection
Business Impact Assessment (BIA)
Access Control Lists
6. For PKI - decertify an entity's certificate
Revocation
Fire Detection
Operating
Brute Force
7. Mediation of covert channels must be addressed
Information Flow Model
Reciprocal Agreement
Atomicity
TIFF (Tagged Image File Format)
8. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.
Physical Tampering
Due Care
Privacy Laws
TIFF (Tagged Image File Format)
9. Used to code/decode a digital data stream.
Quantitative Risk Analysis
Fire Suppression
Disaster Recovery Plan
Codec
10. A type of computer memory that temporarily stores frequently used information for quick access.
Shielding
Cache
Tort
Byte Level Deletion
11. Indivisible - data field must contain only one value that either all transactions take place or none do
Hearsay Evidence
Simulation Test
Atomicity
Encipher
12. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.
Emergency
Multi-Core
Code
Directive
13. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
Sag/Dip
Fragmented Data
Highly Confidential
Interpreter
14. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
Criminal Law
Virtual Memory
Non-Interference
Standalone Test
15. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.
Maximum Tolerable Downtime (MTD)
Access Control Lists
Disaster
Analysis
16. An electronic attestation of identity by a certificate authority
Emergency Procedures
Key Clustering
Threats
Digital Certificate
17. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.
Class
Burn
Decipher
Orange Book B2 Classification
18. A programming device used in development to circumvent controls
Trapdoors (Backdoors) (Maintenance Hooks)
Trademark
Threats
Tactical
19. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.
DR Or BC Coordinator
Shielding
File
Centralized Access Control Technologies
20. Recording activities at the keyboard level
Electronic Vaulting
Keystroke Logging
Rogue Access Points
Running
21. Wrong against society
Polymorphism
Radio Frequency Interference (RFI)
Criminal Law
Covert Channel
22. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.
IP Address Spoofing
Simulation
Firmware
Bit
23. Owner directed mediation of access
Discretionary
Risk Assessment
Symmetric
Virtual Memory
24. To evaluate the current situation and make basic decisions as to what to do
False Attack Stimulus
Recovery
Triage
Incident Handling
25. Unauthorized wireless network access device.
False Negative
Rogue Access Points
Hot Site
Forward Recovery
26. Control category - to restore to a previous state by removing the adversary and/or the results of their actions
Directive
Corrective
Switches
Targeted Testing
27. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.
3 Types of harm Addressed in computer crime laws
Accurate
Log
Classification
28. A technology that reduces the size of a file.
Compression
Deletion
Data Leakage
Teardrop
29. A trusted issuer of digital certificates
Plan Maintenance Procedures
Certification Authority
Digital Signature
Polyalphabetic
30. A signal suggesting a system has been or is being attacked.
Damage Assessment
Private Branch Exchange (PBX)
Hearsay Evidence
Alert/Alarm
31. Calculation encompassing threats - vulnerabilities and assets
Total Risk
Waterfall
Metadata
Voice Over IP (VOIP)
32. Mediation of subject and object interactions
Plaintext
Access Control
TCSEC (Orange Book)
Object
33. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.
Fire Detection
Sequence Attacks
Collisions
Deleted File
34. Real-time data backup (Data Mirroring)
The ACID Test
Quantitative
Bit
Database Shadowing
35. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.
Cross-Site Scripting
Restoration
Symmetric
Threats
36. A basic level of network access control that is based upon information contained in the IP packet header.
Packet Filtering
Emergency Procedures
Operational
Mandatory Vacations
37. Transaction controls for a database - a return to a previous state
Rollback
Alert
Activation
Analysis
38. Individuals and departments responsible for the storage and safeguarding of computerized data.
Critical Functions
Business Impact Assessment (BIA)
Data Custodian
Infrastructure
39. Measures followed to restore critical functions following a security incident.
Data Diddler
EMI
Recovery
Eavesdropping
40. Outputs within a given function are the same result
Pervasive Computing and Mobile Computing Devices
Collisions
Access Control Lists
Due Care
41. Encryption system using shared key/private key/single key/secret key
True Attack Stimulus
IDS Intrusion Detection System
Symmetric
IP Address Spoofing
42. Tool which mediates access
Brownout
Control
Critical Infrastructure
Multi-Processor
43. A documented battle plan for coordinating response to incidents.
Due Diligence
Incident Response Team
Incident Handling
Deleted File
44. Memory - RAM
Substitution
Attacker (Black hat - Hacker)
Primary Storage
Activation
45. A Denial of Service attack that floods the target system with connection requests that are not finalized.
Executive Succession
Critical Records
Computer System Evidence
SYN Flooding
46. Written core statements that rarely change
Cryptology
Alert
Gateway
Policy
47. To know more than one job
Key Space
Kernel
Cross Training
Algorithm
48. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal
System Life Cycle
Decipher
Packet Filtering
Trusted Computing Base
49. To reduce sudden rises in current
Internal Use Only
Waterfall
Failure Modes and Effect Analysis (FEMA)
Surge Suppressor
50. Narrow scope examination of a system
Honeypot
Targeted Testing
Protection
Cross-Site Scripting