Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Using many alphabets
Electromagnetic Interference (EMI)
Denial Of Service
Fire Classes
Polyalphabetic
2. A set of best practices for programmers to seek in all application or data base design: Atomicity - Consistency - Isolation - Durability
Complete
Call Tree
Transfer
The ACID Test
3. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.
Identification
Business Recovery Timeline
Data Dictionary
Recovery Period
4. What is, will remain - persistence
One Time Pad
Sniffing
Durability
IP Fragmentation
5. Responsibility for actions
Convincing
Liability
Data Owner
Switches
6. A form of data hiding which protects running threads of execution from using each other's memory
Process Isolation
Incident Response
Exercise
Acronym for American Standard Code for Information Interchange (ASCII)
7. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Near Site
Admissible
Decipher
Proxies
8. Implementation of measures to deter specific threats to the continuity of business operations - and/or respond to any occurrence of such threats in a timely and appropriate manner.
Risk Mitigation
Voice Over IP (VOIP)
3 Types of harm Addressed in computer crime laws
Safeguard
9. OOP concept of a template that consists of attributes and behaviors
Backup
File Server
Transfer
Class
10. Joining two pieces of text
Crisis
Concatenation
Generator
Policy
11. Reduction of voltage by the utility company for a prolonged period of time
Desk Check Test
Brownout
File Sharing
Activation
12. Only the key protects the encrypted information
13. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.
Generator
Residual Data
Byte
Assembler
14. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.
Internal Use Only
Desk Check Test
Parallel Test
Wireless Fidelity (Wi-Fi)
15. Sphere of influence
Trade Secret
Domain
Inference
Entrapment
16. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems
ISO/IEC 27001
Byte Level Deletion
Acronym for American Standard Code for Information Interchange (ASCII)
Critical Functions
17. Information which has retained its importance - but which has been created or stored by software/hardware that has been rendered obsolete.
Due Care
Incident Response
Fault
Legacy Data
18. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data
Business Interruption
File Sharing
Byte Level Deletion
Data Integrity
19. Requirement of access to data for a clearly defined purpose
Need-To-Know
CPU Cache
Call Tree
Keyed-Hashing For Message Authentication
20. Act of scrambling the cleartext message by using a key.
Custodian
Burn
Worm
Encipher
21. Unchecked data input which results in redirection
Buffer Overflow
Orange Book A Classification
Hot Site
HTTP Response Splitting
22. Recovery alternative - short-term - high cost movable processing location
Mandatory
Hacker
Machine Language (Machine Code)
Mobile Site
23. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.
Phishing
Off-Site Storage
IP Address Spoofing
Capability Tables
24. A unit of execution
Plaintext
Electrostatic Discharge
Threads
Initialization Vector
25. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Identification
Data Custodian
Security Blueprint
Change Control
26. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.
Incident Response Team
Centralized Access Control Technologies
Covert Channel
Business Interruption
27. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.
False Attack Stimulus
TEMPEST
Cipher Text
E-Mail Spoofing
28. A system that enforces an access control policy between two networks.
Malformed Input
Firewalls
Triage
Classification Scheme
29. To assert or claim credentialing to an authentication system
Multi-Tasking
Identification
Kerckhoff's Principle
Business Unit Recovery
30. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.
Dictionary Attack
File Shadowing
TNI (Red Book)
Isolation
31. Recovery alternative which includes cold site and some equipment and infrastructure is available
Off-Site Storage
Blind Testing
Warm Site
Fault Tolerance
32. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.
Business Recovery Timeline
Separation Of Duties
Consistency
Injection
33. Interception of a communication session by an attacker.
Business Continuity Program
Hub
Routers
Hijacking
34. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.
Due Diligence
Denial Of Service
Hard Disk
Residual Risk
35. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.
Non-Repudiation
Bollard
Threats
Bit
36. A process state - to be either unable to run waiting for an external event or terminated
Stopped
Malformed Input
Hacker
Distributed Denial Of Service
37. Weak evidence
Man-In-The-Middle Attack
Radio Frequency Interference (RFI)
Hearsay
Multi-Processing
38. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.
Simulation Test
Tracking
Incident
Buffer Overflow
39. Using small special tools all tumblers of the lock are aligned - opening the door
Routers
Picking
Total Risk
Botnet
40. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.
Deleted File
Pervasive Computing and Mobile Computing Devices
Workaround Procedures
Hash Function
41. Process whereby data is removed from active files and other data storage structures
TIFF (Tagged Image File Format)
Deletion
Administrative
Side Channel Attack
42. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.
Recovery Point Objective (RPO)
Notification
Certificate Revocation List (CRL)
Symmetric
43. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.
High-Risk Areas
Multi-Processor
Detection
Running
44. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.
Operational Impact Analysis
Birthday Attack
Routers
Governance
45. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions
Warm Site
Integrated Test
System Downtime
DR Or BC Coordinator
46. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.
Active Data
Fire Suppression
Contingency Plan
Orange Book A Classification
47. A collection of information designed to reduce duplication and increase integrity
Databases
Durability
Compression
Walk Through
48. A process state - to be executing a process on the CPU
Business Continuity Program
Information Flow Model
Running
False Negative
49. Object reuse protection and auditing
Forensic Copy
File Extension
Orange Book C2 Classification
Hub
50. A running key using a random key that is never used again
Electrostatic Discharge
One Time Pad
Confidence Value
Packet Filtering