Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Memory Management
Critical Functions
Orange Book C Classification
Plain Text
2. Information which has retained its importance - but which has been created or stored by software/hardware that has been rendered obsolete.
Business Recovery Timeline
Legacy Data
Work Factor
Electronic Vaulting
3. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.
Mirrored Site
Business Interruption
Redundant Servers
Standard
4. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals
Encapsulation
Computer System Evidence
Fault
Fire Classes
5. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.
ff Site
Mirroring
Computer System Evidence
Mandatory Vacations
6. Unauthorized wireless network access device.
Instance
Cryptovariable
Rogue Access Points
Redundant Array Of Independent Drives (RAID)
7. To assert or claim credentialing to an authentication system
CobiT
Identification
Business Records
Sag/Dip
8. Act of luring an intruder and is legal.
Enticement
Technical Access Controls
Application Programming Interface
Civil Or Code Law
9. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.
Electromagnetic Interference (EMI)
Site Policy
Network Attached Storage (NAS)
Mandatory Access Control (MAC)
10. To stop damage from spreading
Fiber Optics
Containment
Forensic Copy
Structured Walk-Through Test
11. Unsolicited advertising software
Side Channel Attack
Critical Functions
File Sharing
Adware
12. The chance that something negative will occur
Storage Area Network (SAN)
Alternate Data Streams (File System Forks)
Risk
Digital Certificate
13. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.
Recovery
Business Unit Recovery
Emanations
Bit
14. To break a business process into separate functions and assign to different people
Rollback
Internal Use Only
Separation Of Duties
Declaration
15. Memory management technique which allows data to be moved from one memory address to another
Framework
Incident Response Team
Relocation
Examples of non-technical security components
16. To jump to a conclusion
Domain
Emanations
Operational Test
Inference
17. Pertaining to law - verified as real
Maximum Tolerable Downtime (MTD)
Authentic
Site Policy Awareness
Integrated Test
18. A telephone exchange for a specific office or business.
Plain Text
Computer Forensics
Detective
Private Branch Exchange (PBX)
19. A process state - to be executing a process on the CPU
Classification Scheme
Uninterruptible Power Supply (UPS)
False Negative
Running
20. Collection of data on business functions which determines the strategy of resiliency
Business Impact Assessment (BIA)
Multi-Core
Eavesdropping
Enticement
21. Maintenance procedures outline the process for the review and update of business continuity plans.
False (False Positive)
Top Secret
Plan Maintenance Procedures
Ring Protection
22. Forgery of the sender's email address in an email header.
E-Mail Spoofing
Machine Language (Machine Code)
Convincing
Contact List
23. Moving the alphabet intact a certain number of spaces
Polyalphabetic
Shift Cipher (Caesar)
Pointer
IP Address Spoofing
24. An availability attack - to consume resources to the point of exhaustion
Twisted Pair
Education
Denial Of Service
Sequence Attacks
25. A type of computer memory that temporarily stores frequently used information for quick access.
Binary
Cache
Aggregation
Access Control Lists
26. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing
Declaration
Technical Access Controls
Shadowing (file shadowing)
Strategic
27. The partial or full duplication of data from a source database to one or more destination databases.
Database Replication
Hard Disk
ISO/IEC 27001
Fire Suppression
28. To reduce fire
Multiplexers
Fire Suppression
Dictionary Attack
Fire Detection
29. Uses two or more legal systems
Burn
Honeypot
Botnet
Mixed Law System
30. Mathematical function that determines the cryptographic operations
Containment
Algorithm
Kernel
Digital Certificate
31. Of a system without prior knowledge by the tester or the tested
Double Blind Testing
Consistency
Service Bureau
Data Recovery
32. Unchecked data which spills into another location in memory
Multi-Tasking
Mixed Law System
Checklist Test (desk check)
Buffer Overflow
33. A backup of data located where staff can gain access immediately
Infrastructure
Hard Disk
On-Site
Security Blueprint
34. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)
Smurf
Wireless Fidelity (Wi-Fi)
Recovery Period
Noise
35. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.
Repeaters
Cryptovariable
Simulation Test
Multilevel Security System
36. Controls for termination of attempt to access object
Mandatory
Access Control
Emanations
Intrusion Prevention Systems
37. The study of cryptography and cryptanalysis
Cryptology
Directive
Fragmented Data
Metadata
38. A set of laws that the organization agrees to be bound by
Process Isolation
Life Cycle of Evidence
Administrative Law
Due Care
39. A risk assessment method - measurable real money cost
Quantitative
Storage Area Network (SAN)
Crisis
Fraggle
40. Outputs within a given function are the same result
Mantrap (Double Door System)
Double Blind Testing
Collisions
Firmware
41. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)
Recovery Time Objectives
Atomicity
Business Interruption Insurance
Contingency Plan
42. A design methodology which executes in a linear one way fashion
Coaxial Cable
Control
Waterfall
Conflict Of Interest
43. To create a copy of data as a precaution against the loss or damage of the original data.
Collisions
Backup
Common Criteria
Event
44. Information about data or records
Eavesdropping
Private Branch Exchange (PBX)
Metadata
CobiT
45. Controls deployed to avert unauthorized and/or undesired actions.
Remanence
Certificate Revocation List (CRL)
Prevention
Revocation
46. The property that data meet with a priority expectation of quality and that the data can be relied upon.
Data Integrity
Boot (V.)
Residual Risk
Kerckhoff's Principle
47. A BCP testing type - a test that answers the question: Can the organization replicate the business process?
Liability
Hearsay Evidence
Multi-Tasking
Simulation
48. Hitting a filed-down key in a lock with a hammer to open it without the real key
Keyed-Hashing For Message Authentication
Business Records
Bumping
Analysis
49. Objects or programming that look different but act the same
Polymorphism
Eavesdropping
High-Risk Areas
Protection
50. A trusted issuer of digital certificates
Certification Authority
Data Backup Strategies
Gateway
Data Marts