Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Process of statistically testing a data set for the likelihood of relevant information.
Business Continuity Program
Highly Confidential
Entrapment
Sampling
2. System of law based upon what is good for society
Civil Or Code Law
Brownout
Contact List
Framework
3. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)
Pointer
Permutation /Transposition
Contingency Plan
Process Isolation
4. A design methodology which addresses risk early and often
Digital Signature
Spiral
Business Recovery Timeline
Classification
5. Mathematical function that determines the cryptographic operations
Algorithm
Process Isolation
Watermarking
Data Dictionary
6. A state for operating system tasks only
Data Marts
Operational Exercise
Logic Bomb
Supervisor Mode (monitor - system - privileged)
7. Memory management technique that allows two processes to run concurrently without interaction
Disk Mirroring
Alert
Protection
Microwave
8. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.
Blackout
Burn
File Shadowing
Infrastructure
9. A passive network attack involving monitoring of traffic.
TIFF (Tagged Image File Format)
Eavesdropping
E-Mail Spoofing
Multi-Processor
10. A layer 3 device that is used to connect two or more network segments and regulate traffic.
Exercise
Failure Modes and Effect Analysis (FEMA)
TCSEC (Orange Book)
Routers
11. A mail server that improperly allows inbound SMTP connections for domains it does not serve.
Open Mail Relay Servers
Double Blind Testing
Need-To-Know
Denial Of Service
12. Effort/time needed to overcome a protective measure
Information Technology Security Evaluation Criteria - ITSEC
Work Factor
On-Site
Modems
13. System of law based upon precedence - with major divisions of criminal - tort - and administrative
Trusted Computing Base
File Extension
Common Law
Disaster Recovery Plan
14. RADIUS - TACACS+ - Diameter
Hub
Domain
Contingency Plan
Centralized Access Control Technologies
15. Continuous surveillance - to provide for detection and response of any failure in preventive controls.
File Shadowing
Monitor
Containment
Fraggle
16. A set of laws that the organization agrees to be bound by
Disk Mirroring
Asymmetric
Generator
Administrative Law
17. Recovery alternative - everything needed for the business function - except people and last backup
Architecture
False (False Positive)
Hot Site
Uninterruptible Power Supply (UPS)
18. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner
Life Cycle of Evidence
Coaxial Cable
Information Owner
Symmetric
19. A BCP testing type - a test that answers the question: Can the organization replicate the business process?
HTTP Response Splitting
Simulation
Brouter
Deadlock
20. Two different keys decrypt the same cipher text
Key Clustering
Bridge
Containment
Risk Assessment / Analysis
21. Statistical probabilities of a collision are more likely than one thinks
Data Hiding
Brouter
Electronic Vaulting
Birthday Attack
22. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Control Category
Blind Testing
Repeaters
Plan Maintenance Procedures
23. Using many alphabets
Polyalphabetic
ISO/IEC 27002
Liability
Data Owner
24. Used to code/decode a digital data stream.
Codec
Data Backup Strategies
Checksum
Sampling
25. A signal suggesting a system has been or is being attacked.
Complete
Incident Manager
Deletion
Alert/Alarm
26. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Preemptive
Integrated Test
Layering
Business Interruption Insurance
27. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
Fragmented Data
SQL Injection
Elements of Negligence
Blind Testing
28. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements
Virtual Memory
Recovery
Checkpoint
TCSEC (Orange Book)
29. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).
Guidelines
Moore's Law
Degauss
Metadata
30. Disruption of operation of an electronic device due to a competing electromagnetic field.
Masquerading
Digital Signature
EMI
Digital Signature
31. Intellectual property protection for the expression of an idea
CobiT
War Driving
Copyright
Boot (V.)
32. Alternate facility - other than the primary production site - where duplicated vital records and documentation may be stored for use during disaster recovery.
Marking
Centralized Access Control Technologies
Off-Site Storage
Alert/Alarm
33. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals
TCSEC (Orange Book)
Fire Classes
Exercise
Message Digest
34. Indivisible - data field must contain only one value that either all transactions take place or none do
Accreditation
Crisis
Memory Management
Atomicity
35. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions
Orange Book C Classification
Mantrap (Double Door System)
Orange Book D Classification
JPEG (Joint Photographic Experts Group)
36. All of the protection mechanisms in a computer system
Trusted Computing Base
Containment
Strong Authentication
Countermeasure
37. A layer 2 device that is used to connect two network segments and regulate traffic.
Declaration
Bridge
Work Factor
Object
38. For PKI - to store another copy of a key
Debriefing/Feedback
Standalone Test
Key Escrow
Analysis
39. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.
Processes are Isolated By
Private Branch Exchange (PBX)
Transfer
Steganography
40. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things
Classification
Digital Signature
MOM
Operating
41. Converts a high level language into machine language
Surveillance
On-Site
Assembler
Interpreter
42. Descrambling the encrypted message with the corresponding key
Decipher
Symmetric
Radio Frequency Interference (RFI)
Accurate
43. Claiming another's identity at a physical level
Masquerading
Shift Cipher (Caesar)
Database Replication
Instance
44. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.
Call Tree
Database Shadowing
Data Owner
Total Risk
45. A Denial of Service attack initiated by sending spoofed UDP echo requests to IP broadcast addresses. (See Smurf)
Fraggle
Worm
Switches
File Extension
46. A process state - to be either unable to run waiting for an external event or terminated
Firewalls
Source Routing Exploitation
Stopped
Activation
47. Written step-by-step actions
Data Hiding
Multi-Programming
Cookie
Procedure
48. Long term knowledge building
Risk Assessment
Education
Incident Handling
War Driving
49. Location where coordination and execution of BCP or DRP is directed
Emergency Operations Center (EOC)
Procedure
Remote Journaling
Sharing
50. Written internalized or nationalized norms that are internal to an organization
Recovery
Recovery
Standard
Domain