Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An administrative unit or a group of objects and subjects controlled by one reference monitor
Emanations
Plan Maintenance Procedures
Internal Use Only
Security Domain
2. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.
Business Recovery Timeline
Disaster Recovery Tape
Orange Book B2 Classification
Disaster
3. Recovery alternative - complete duplication of services including personnel
Mirrored Site
Access Control Lists
Mirroring
HTTP Response Splitting
4. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.
Alert
Encipher
Database Replication
Logic Bomb
5. An availability attack - to consume resources to the point of exhaustion from multiple vectors
Relocation
Internal Use Only
Distributed Denial Of Service
Modification
6. Renders the file inaccessible to the operating system - available to reuse for data storage.
Mock Disaster
Cryptovariable
Recovery
File Level Deletion
7. Object reuse protection and auditing
Shadowing (file shadowing)
Orange Book C2 Classification
Multi-Processor
Quantitative Risk Analysis
8. Intellectual property protection for an invention
Threats
War Driving
Binary
Patent
9. A one way - directed graph which indicates confidentiality or integrity flow
Key Escrow
Lattice
Orange Book A Classification
Recovery
10. Unauthorized wireless network access device.
Triage
Near Site
Cross Certification
Rogue Access Points
11. To jump to a conclusion
Inference
Damage Assessment
Activation
Information Owner
12. Eavesdropping on network communications by a third party.
Private Branch Exchange (PBX)
False Attack Stimulus
Sniffing
Data Custodian
13. The study of cryptography and cryptanalysis
Symmetric
Infrastructure
Hearsay Evidence
Cryptology
14. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas
State Machine Model
Bridge
Embedded
Incident Response Team
15. Communicate to stakeholders
Mandatory Access Control (MAC)
Mantrap (Double Door System)
Algorithm
Debriefing/Feedback
16. It is embedded as part of a complete device often including hardware and mechanical parts - Features a limited OS - Mobile phones - routers and wireless devices take a similar approach - Less than robust security features - Difficult to patch.
Distributed Denial Of Service
Embedded Systems
Data Custodian
Polymorphism
17. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code
Embedded
Deterrent
3 Types of harm Addressed in computer crime laws
Examples of non-technical security components
18. Short period of low voltage.
Sag/Dip
Object Reuse
Business Continuity Program
Access Control Matrix
19. Malware that makes many small changes over time to a single data point or system
Salami
Certification
Honeynet
Layering
20. A planned or unplanned interruption in system availability.
Mock Disaster
System Downtime
Evidence
Mirroring
21. An availability attack - to consume resources to the point of exhaustion
Civil Law
Revocation
Denial Of Service
Mobile Recovery
22. Intellectual property protection for marketing efforts
Microwave
Security Blueprint
Trademark
Masquerading
23. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.
Analysis
Algorithm
Hash Function
Compensating
24. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).
Alarm Filtering
Full-Interruption test
System Downtime
Degauss
25. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals
Fire Classes
Time Of Check/Time Of Use
Concentrator
Disaster
26. Key
Business Continuity Planning (BCP)
Cryptovariable
State Machine Model
On-Site
27. Hardware or software that is part of a larger system
Embedded
Mantrap (Double Door System)
Data Leakage
Reciprocal Agreement
28. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.
Mirrored Site
Injection
Picking
Compiler
29. A temporary public file to inform others of a compromised digital certificate
Triage
Recovery Time Objectives
Certificate Revocation List (CRL)
Dictionary Attack
30. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?
TIFF (Tagged Image File Format)
Hearsay Evidence
Walk Through
Countermeasure
31. A programming design concept which abstracts one set of functions from another in a serialized fashion
Sniffing
Contact List
Layering
Databases
32. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.
Trojan Horse
Non-Discretionary Access Control
Detection
Restoration
33. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.
Certification Authority
Accurate
Classification
Operational Test
34. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.
Business Impact Assessment (BIA)
Blackout
Key Escrow
Privacy Laws
35. Program that inappropriately collects private data or activity
Covert Channel
Spyware
Checklist Test (desk check)
Wait
36. A race condition where the security changes during the object's access
Time Of Check/Time Of Use
Copyright
Physical Tampering
Damage Assessment
37. Maximum tolerance for loss of certain business function - basis of strategy
Log
Call Tree
Total Risk
Recovery Time Objectives
38. A layer 2 device that is used to connect two network segments and regulate traffic.
Business Recovery Timeline
Key Space
Territoriality
Bridge
39. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.
Class
Distributed Denial Of Service
Orange Book A Classification
Disaster Recovery Teams (Business Recovery Teams)
40. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner
Business Continuity Program
Prevention
Network Attached Storage (NAS)
Life Cycle of Evidence
41. A Trojan horse with the express underlying purpose of controlling host from a distance
Encapsulation
Application Programming Interface
Remote Access Trojan
Labeling
42. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements
Masked/Interruptible
Rootkit
Procedure
TNI (Red Book)
43. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.
Pointer
2-Phase Commit
Business Interruption Insurance
Encipher
44. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.
Source Routing Exploitation
Vital Record
File Server
Containment
45. Pertaining to law - lending itself to one side of an argument
Data Integrity
Tactical
Convincing
Governance
46. Impossibility of denying authenticity and identity
Payload
ISO/IEC 27001
Monitor
Non-Repudiation
47. Written internalized or nationalized norms that are internal to an organization
Standard
War Dialing
Administrative Laws
Workaround Procedures
48. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.
Common Law
Digital Signature
Teardrop
Deleted File
49. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.
Computer System Evidence
Civil Law
Bollard
Burn
50. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Civil Law
Change Control
Data Hiding
Consistency