SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Hub
Initialization Vector
Bumping
Territoriality
2. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.
Keystroke Logging
Disk Mirroring
Information Owner
Business Interruption
3. Intellectual property protection for the expression of an idea
Risk Assessment / Analysis
Brownout
Recovery
Copyright
4. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data
Admissible
Modification
Byte Level Deletion
Restoration
5. A type a computer memory that temporarily stores frequently used information for quick access.
Cache
Computer System Evidence
Sampling
Inheritance
6. The first rating that requires security labels
Orange Book B1 Classification
Algorithm
Discretionary
Chain of Custody
7. A choice in risk management - to convince another to assume risk - typically by payment
Containment
Secondary Storage
Transfer
Storage Area Network (SAN)
8. All of the protection mechanism in a computer system
Trusted Computing Base
Mandatory Access Control (MAC)
Firewall
Simulation Test
9. Organized group of compromised computers
Due Care
Capability Tables
Access Control Lists
Botnet
10. Binary decision by a system of permitting or denying access to the entire system
Mock Disaster
Consistency
Sampling
Authentication
11. A back up type - where the organization has excess capacity in another location.
Key Space
Distributed Processing
Checklist Test (desk check)
Incident Response Team
12. A programming device use in development to circumvent controls
Trapdoors (Backdoors) (Maintenance Hooks)
Detective
Spam
Multi-Tasking
13. A risk assessment method - measurable real money cost
Degauss
Quantitative
Mirrored Site
Top Secret
14. A electronic attestation of identity by a certificate authority
Due Care
Digital Certificate
Honeypot
Threat Agent
15. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid
Preemptive
Sniffing
Data Owner
Civil Law
16. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code
Fiber Optics
Machine Language (Machine Code)
3 Types of harm Addressed in computer crime laws
Authorization
17. A passive network attack involving monitoring of traffic.
Remote Journaling
Cross Certification
Eavesdropping
Infrastructure
18. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.
Emergency Procedures
Patch Management
File Shadowing
Containment
19. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.
Lattice
Cold Site
Picking
Multilevel Security System
20. Final purpose or result
Cookie
Worm
Payload
Routers
21. Recording the Who What When Where How of evidence
File Level Deletion
Countermeasure
Isolation
Chain Of Custody
22. Natural occurrence in circuits that are in close proximity
Wait
Dictionary Attack
Interference (Noise)
Full Test (Full Interruption)
23. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.
TEMPEST
TIFF (Tagged Image File Format)
Prevention
Data Backups
24. For PKI - to store another copy of a key
Key Space
False Negative
Total Risk
Key Escrow
25. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a hub).
Concentrator
Embedded Systems
Honeypot
Data Owner
26. To create a copy of data as a precaution against the loss or damage of the original data.
Checkpoint
Maximum Tolerable Downtime (MTD)
Birthday Attack
Backup
27. The level and label given to an individual for the purpose of compartmentalization
Governance
Security Clearance
Denial Of Service
Dangling Pointer
28. The hard drive
Secondary Storage
IP Fragmentation
Blackout
Monitor
29. A type of attack involving attempted insertion - deletion or altering of data.
Rogue Access Points
Modification
Business Unit Recovery
Cryptology
30. An administrative unit or a group of objects and subjects controlled by one reference monitor
Vital Record
Security Domain
Checklist Test
Isolation
31. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."
Strong Authentication
Disaster Recovery Tape
Degauss
Microwave
32. A design methodology which addresses risk early and often
Packet Filtering
Spiral
Cross Certification
Coaxial Cable
33. Eavesdropping on network communications by a third party.
File Shadowing
Tapping
Data Backups
Cipher Text
34. A list of team members and/or key players to be contacted including their backups. The list will include the necessary contact information (i.e. Home phone - pager - cell - etc.) And in most cases be considered confidential.
Worldwide Interoperability for Microwave Access (WI-MAX )
Contact List
State Machine Model
Cold Site
35. A covert storage channel on the file attribute
War Dialing
Compensating
Alternate Data Streams (File System Forks)
Injection
36. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.
User
Disaster Recovery Tape
Interpreter
High-Risk Areas
37. Part of a transaction control for a database which informs the database of the last recorded transaction
Masquerading
Asymmetric
Checkpoint
Life Cycle of Evidence
38. Return to a normal state
Supervisor Mode (monitor - system - privileged)
Vital Record
Multi-Tasking
Recovery
39. Weakness or flaw in an asset
3 Types of harm Addressed in computer crime laws
Data Integrity
Access Control Matrix
Vulnerability
40. A. Common Combustibles B. Liquid C. Electrical D Combustible Metals
Admissible
Fire Classes
Compensating
Active Data
41. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?
Data Diddler
Full Test (Full Interruption)
File Level Deletion
Replication
42. An availability attack - to consume resources to the point of exhaustion from multiple vectors
Distributed Denial Of Service
Data Leakage
Contingency Plan
Discretionary Access Control (DAC)
43. A device that sequentially switches multiple analog inputs to the output.
Classification Scheme
Multiplexers
Spiral
Residual Risk
44. Ertaining to a number system that has just two unique digits.
Binary
Coaxial Cable
Emergency Operations Center (EOC)
Picking
45. A program that waits for a condition or time to occur that executes an inappropriate activity
Access Control Lists
Logic Bomb
Object
Territoriality
46. Intellectual property protection for marketing efforts
Disaster Recovery Teams (Business Recovery Teams)
Atomicity
Trademark
BCP Testing Drills and Exercises
47. Calculation encompassing threats - vulnerabilities and assets
Journaling
File Extension
Access Control
Total Risk
48. Regular operations are stopped and where processing is moved to the alternate site.
Smurf
Full-Interruption test
Inheritance
Remote Journaling
49. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.
Enticement
Simulation Test
One Time Pad
Waterfall
50. Subjects will not interact with each other's objects
Non-Interference
Detective
Electronic Vaulting
Strong Authentication
