Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Standard for the establishment - implementation - control - and improvement of the Information Security Management System
Mandatory Access Control (MAC)
Legacy Data
Recovery
ISO/IEC 27001
2. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.
Contingency Plan
Alert
Data Backup Strategies
Critical Records
3. Inference about encrypted communications
Procedure
Side Channel Attack
Debriefing/Feedback
Reciprocal Agreement
4. A covert storage channel on the file attribute
Emergency
Smurf
Fire Prevention
Alternate Data Streams (File System Forks)
5. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner
Life Cycle of Evidence
Repeaters
Hot Spares
Intrusion Detection Systems
6. People protect their domain
Disk Mirroring
Simulation
Territoriality
Least Privilege
7. Control category- to record an adversary's actions
Symmetric
False (False Positive)
Microwave
Detective
8. Maximum tolerance for loss of certain business function - basis of strategy
Orange Book C2 Classification
Decipher
Recovery Time Objectives
Cryptography
9. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions
Interpreter
Intrusion Prevention Systems
Salami
Operational Exercise
10. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.
Failure Modes and Effect Analysis (FEMA)
Contingency Plan
Operational Impact Analysis
Buffer Overflow
11. A distributed system's transaction control that requires updates to complete or rollback
CobiT
Event
2-Phase Commit
Access Control Lists
12. Subset of operating systems components dedicated to protection mechanisms
Security Kernel
Payload
Incident Handling
Data Dictionary
13. Unchecked data which spills into another location in memory
Buffer Overflow
Radio Frequency Interference (RFI)
Message Digest
Fiber Optics
14. To break a business process into separate functions and assign to different people
Threat Agent
Separation Of Duties
Accurate
Orange Book B1 Classification
15. Code making
Cryptography
Process Isolation
Common Law
Burn
16. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.
Brute Force
Uninterruptible Power Supply (UPS)
Mitigate
Routers
17. Binary decision by a system of permitting or denying access to the entire system
Keyed-Hashing For Message Authentication
Authentication
Bit
Non-Interference
18. High degree of visual control
Stopped
Accreditation
Surveillance
Control Type
19. A condition in which neither party is willing to stop their activity for the other to complete
Storage Area Network (SAN)
Business Impact Assessment (BIA)
Primary Storage
Deadlock
20. Memory management technique that allows two processes to run concurrently without interaction
Certification
Protection
Trusted Computing Base
ISO/IEC 27002
21. A test conducted on one or more components of a plan under actual operating conditions.
Operational Test
Hot Spares
Degauss
Standalone Test
22. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.
Multilevel Security System
Worm
Dangling Pointer
Governance
23. Information that - if made public or even shared around the organization - could seriously impede the organization's operations
Highly Confidential
Firewalls
Quantitative Risk Analysis
Control Category
24. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)
Rollback
Contingency Plan
Multilevel Security System
Birthday Attack
25. Control category- to give instructions or inform
Time Of Check/Time Of Use
Masquerading
Directive
Data Custodian
26. Location to perform the business function
Alternate Site
Exercise
Simulation
Marking
27. It is embedded as part of a complete device often including hardware and mechanical parts - Features a limited OS - Mobile phones - routers and wireless devices take a similar approach - Less than robust security features - Difficult to patch.
Site Policy Awareness
Trademark
Embedded Systems
Activation
28. Act of luring an intruder and is legal.
Plaintext
Enticement
UPS
Cross Certification
29. Forging of an IP address.
Job Training
Generator
IP Address Spoofing
Standalone Test
30. Written core statements that rarely change
Man-In-The-Middle Attack
Policy
Compiler
Compartmentalize
31. Recording the Who What When Where How of evidence
Spyware
Fire Prevention
Chain Of Custody
UPS
32. Employment education done once per position or at significant change of function
Substitution
Job Training
On-Site
False (False Positive)
33. A technology that reduces the size of a file.
Pervasive Computing and Mobile Computing Devices
Mirrored Site
Compression
Multi-Core
34. Collection of data on business functions which determines the strategy of resiliency
Initialization Vector
Fiber Optics
Multi-Programming
Business Impact Assessment (BIA)
35. A signal suggesting a system has been or is being attacked.
Bumping
Alert/Alarm
Honeynet
Data Integrity
36. High frequency noise
Electromagnetic Interference (EMI)
Common Law
Accurate
Business Continuity Program
37. Two certificate authorities that trust each other
Cross Certification
Dictionary Attack
Noise
Blind Testing
38. More than one process in the middle of executing at a time
Bumping
Maximum Tolerable Downtime (MTD)
Security Clearance
Multi-Tasking
39. A collection of information designed to reduce duplication and increase integrity
Brownout
Elements of Negligence
Databases
Remote Journaling
40. Unauthorized wireless network access device.
Rogue Access Points
Embedded
Incident Handling
Labeling
41. The backup of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.
Polyalphabetic
Corrective
Data Backups
Debriefing/Feedback
42. Converts a high level language into machine language
Total Risk
Assembler
Picking
Fire Detection
43. Malware that makes small random changes to many data points
Data Diddler
Emergency Procedures
TCSEC (Orange Book)
Atomicity
44. A risk assessment method - measurable real money cost
Faraday Cage/ Shield
True Attack Stimulus
Disaster Recovery Tape
Quantitative
45. A program with an inappropriate second purpose
Degauss
Trojan Horse
Non-Interference
Monitor
46. Specific format of technical and physical controls that support the chosen framework and the architecture
Least Privilege
Processes are Isolated By
Total Risk
Infrastructure
47. Searching for wireless networks in a moving car.
War Driving
Worldwide Interoperability for Microwave Access (WI-MAX)
Mandatory Access Control (MAC)
Disaster Recovery Teams (Business Recovery Teams)
48. To move from location to location - keeping the same function
Job Rotation
Hearsay
Multilevel Security System
Discretionary Access Control (DAC)
49. Guidelines within an organization that control the rules and configurations of an IDS
Disaster Recovery Tape
Site Policy
Analysis
Elements of Negligence
50. Event(s) that cause harm
Incident
Elements of Negligence
Remote Access Trojan
Waterfall