Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A basic level of network access control that is based upon information contained in the IP packet header.
Packet Filtering
Control Category
Forward Recovery
Non-Interference
2. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive
Fire Suppression
Job Training
Virtual Memory
5 Rules Of Evidence
3. What is will remain - persistence
E-Mail Spoofing
Keystroke Logging
ITSEC
Durability
4. Induces a crime - tricks a person - and is illegal
Data Owner
Running Key
Information Technology Security Evaluation Criteria - ITSEC
Entrapment
5. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.
Infrastructure
Business Recovery Timeline
Recovery Strategy
Open Mail Relay Servers
6. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.
Plain Text
Alternate Data Streams (File System Forks)
Vital Record
Business Continuity Program
7. The hard drive
Secondary Storage
Due Care
Object Oriented Programming (OOP)
Repeaters
8. Record history of incident
Mixed Law System
Tracking
Disaster Recovery Plan
Firmware
9. One of the key benefits of a network is the ability to share files stored on the server among several users.
Data Hiding
File Sharing
Identification
Executive Succession
10. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.
Processes are Isolated By
Bridge
Patch Management
TNI (Red Book)
11. Property that data is represented in the same manner at all times
Source Routing Exploitation
Plaintext
Consistency
Common Criteria
12. Provides a physical cross connect point for devices.
Patch Panels
Operational Impact Analysis
Security Clearance
Aggregation
13. Information which has retained its importance - but which has been created or stored by software/hardware that has been rendered obsolete.
Critical Functions
Legacy Data
Business Impact Assessment (BIA)
Damage Assessment
14. Unused storage capacity
Education
Slack Space
Security Domain
Multi-Party Control
15. Interception of a communication session by an attacker.
Job Training
Dictionary Attack
Data Marts
Hijacking
16. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur
Keystroke Logging
Sampling
Fire Prevention
Failure Modes and Effect Analysis (FEMA)
17. Substitution at the word or phrase level
Access Control Matrix
Mirroring
Code
Multiplexers
18. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Alert
IP Address Spoofing
Change Control
Boot (V.)
19. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)
Replication
Forward Recovery
5 Rules Of Evidence
Smurf
20. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Restoration
Access Control Lists
Deterrent
Proxies
21. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.
Incident Response
Monitor
Boot (V.)
Orange Book B2 Classification
22. To segregate for the purposes of labeling
Compartmentalize
Acronym for American Standard Code for Information Interchange (ASCII)
Surge
Strategic
23. Maximum tolerance for loss of certain business function - basis of strategy
Cold Site
Recovery Time Objectives
Hacker
Double Blind Testing
24. A world-wide wireless technology
Transfer
Mirroring
Wireless Fidelity (Wi-Fi)
Trojan Horse
25. A documented battle plan for coordinating response to incidents.
Certification
Content Dependent Access Control
Incident Handling
File Shadowing
26. Pertaining to a number system that has just two unique digits.
Hub
Binary
Kerckhoff's Principle
Incident Handling
27. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.
Business Records
War Dialing
Incident Handling
Business Unit Recovery
28. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.
Notification
Trusted Computing Base
Multilevel Security System
File Sharing
29. False memory reference
Authorization
Fire Prevention
Dictionary Attack
Dangling Pointer
30. Requirement to take time off
Mandatory Vacations
Database Replication
Identification
Conflict Of Interest
31. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate
Basics Of Secure Design
Accountability
Digital Signature
Public Key Infrastructure (PKI)
32. Measures followed to restore critical functions following a security incident.
Proprietary
Change Control
Recovery
Data Dictionary
33. Intellectual property protection for the expression of an idea
Copyright
JPEG (Joint Photographic Experts Group)
Mantrap (Double Door System)
Multi-Programming
34. Long term knowledge building
Business Recovery Timeline
The ACID Test
Kerckhoff's Principle
Education
35. Malware that makes many small changes over time to a single data point or system
Salami
Data Owner
Locard's Principle
Access Control Lists
36. A trusted issuer of digital certificates
Strategic
Administrative
Certification Authority
Surge
37. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Full-Interruption test
Hub
Embedded
Satellite
38. A critical event - which - if not handled in an appropriate manner - may dramatically impact an organization's profitability - reputation - or ability to operate.
3 Types of harm Addressed in computer crime laws
Information Technology Security Evaluation Criteria - ITSEC
Proxies
Crisis
39. A Trojan horse with the express underlying purpose of controlling host from a distance
Bollard
Remote Access Trojan
Corrective
Targeted Testing
40. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.
Pointer
Enticement
Orange Book B2 Classification
Degauss
41. Requirement of access to data for a clearly defined purpose
Lattice
Consistency
Remote Access Trojan
Need-To-Know
42. Consume resources to a point of exhaustion - loss of availability
Chain of Custody
Labeling
Denial Of Service
Payload
43. A mathematical tool for verifying no unintentional changes have been made
Accurate
User
Checksum
Near Site
44. An attack involving the hijacking of a TCP session by predicting a sequence number.
Failure Modes and Effect Analysis (FEMA)
Sequence Attacks
Deleted File
Cryptography
45. A condition in which neither party is willing to stop their activity for the other to complete
Deadlock
Investigation
Worldwide Interoperability for Microwave Access (WI-MAX)
High-Risk Areas
46. An individual's conduct that violates government laws developed to protect the public
Exposure
Modems
Criminal Law
Incident Response
47. Communication of a security incident to stakeholders and data owners.
Cross-Site Scripting
Electronic Vaulting
Notification
Redundant Servers
48. Pertaining to law - high degree of veracity
Logic Bomb
Monitor
Asymmetric
Accurate
49. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.
Authentic
Operational Impact Analysis
Time Of Check/Time Of Use
Malformed Input
50. A backup of data located where staff cannot gain access readily and a regional disaster will not cause harm
Discretionary
Worldwide Interoperability for Microwave Access (WI-MAX)
Fiber Optics
Off Site