SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A race condition where the security changes during the object's access
Attacker (Black hat - Hacker)
Disaster Recovery Teams (Business Recovery Teams)
Time Of Check/Time Of Use
Message Digest
2. Autonomous malware that requires a flaw in a service
Worm
Firewalls
Ethics
Access Point
3. Memory management technique which allows subjects to use the same resource
Electronic Vaulting
Sharing
Race Condition
Mitigate
4. Using many alphabets
Recovery Strategy
Multi-Processing
Asymmetric
Polyalphabetic
5. System directed mediation of access with labels
Hearsay Evidence
Inference
Message Digest
Mandatory
6. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.
Digital Certificate
Active Data
Administrative Laws
Control Category
7. Mitigate damage by isolating compromised systems from the network.
Containment
Database Replication
Binary
Business Records
8. Those who initiate the attack
Relocation
Hearsay
EMI
Threat Agent
9. Process of statistically testing a data set for the likelihood of relevant information.
Vital Record
Polymorphism
Encapsulation
Sampling
10. A device that provides the functions of both a bridge and a router.
Change Control
Brouter
Phishing
Multi-Party Control
11. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.
Instance
Highly Confidential
Multilevel Security System
Prevention
12. Effort/time needed to overcome a protective measure
Fire Detection
Total Risk
Spam
Work Factor
13. Uncleared buffers or media
Object Reuse
Attacker (Black hat - Hacker)
Plan Maintenance Procedures
Codec
14. Recording the Who What When Where How of evidence
Chain Of Custody
Revocation
Side Channel Attack
Digital Signature
15. Intermediate level - pertaining to planning
Conflict Of Interest
Central Processing Unit (CPU)
Operational
IDS Intrusion Detection System
16. A disturbance that degrades performance of electronic devices and electronic communications.
Bit
Radio Frequency Interference (RFI)
Security Clearance
SYN Flooding
17. Substitution at the word or phrase level
Distributed Processing
Incident Response
Computer System Evidence
Code
18. More than one processor sharing same memory - also know as parallel systems
Strategic
Elements of Negligence
Critical Functions
Multi-Processor
19. A comprehensive set of controls comprising best practices in information security and provides guidelines on how to set up and maintain security programs.
Containment
ISO/IEC 27002
Risk Assessment / Analysis
Keyed-Hashing For Message Authentication
20. Mitigation of system or component loss or interruption through use of backup capability.
Security Clearance
Fault Tolerance
Mock Disaster
Kerckhoff's Principle
21. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization
Entrapment
Firmware
Cross-Site Scripting
Business Continuity Planning (BCP)
22. Forgery of the sender's email address in an email header.
Interception
Recovery
Resumption
E-Mail Spoofing
23. A mathematical tool for verifying no unintentional changes have been made
Checksum
Elements of Negligence
Information Technology Security Evaluation Criteria - ITSEC
Highly Confidential
24. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.
Covert Channel
Virus
Tracking
TIFF (Tagged Image File Format)
25. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements
TNI (Red Book)
Strategic
Convincing
Hot Site
26. False memory reference
Dangling Pointer
Discretionary
Message Digest
Warm Site
27. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN
Convincing
Checksum
Strong Authentication
Sampling
28. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.
State Machine Model
Durability
Plaintext
Event
29. Recording activities at the keyboard level
Source Routing Exploitation
Keystroke Logging
Multi-Core
File Shadowing
30. Two certificate authorities that trust each other
Cross Certification
Distributed Processing
Faraday Cage/ Shield
Primary Storage
31. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.e workaround procedures - alternate work area - etc.)
Sequence Attacks
Interference (Noise)
Decipher
Contingency Plan
32. Potentially retrievable data residue that remains following intended erasure of data.
Disaster
Bridge
Remanence
Full-Interruption test
33. People who interact with assets
Cryptography
Administrative Law
User
Territoriality
34. Narrow scope examination of a system
Targeted Testing
Radio Frequency Interference (RFI)
TEMPEST
Fraggle
35. Of a system without prior knowledge by the tester or the tested
Double Blind Testing
Data Backups
Generator
Common Law
36. A subnetwork with storage devices servicing all servers on the attached network.
Encapsulation
Storage Area Network (SAN)
Source Routing Exploitation
Active Data
37. Object reuse protection and auditing
Structured Walk-Through Test
Orange Book C2 Classification
Aggregation
Multi-Tasking
38. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).
Electronic Vaulting
Backup
Degauss
Containment
39. For PKI - decertify an entities certificate
Revocation
Man-In-The-Middle Attack
Need-To-Know
Bumping
40. Code making
Algorithm
Critical Functions
System Life Cycle
Cryptography
41. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
Smurf
Side Channel Attack
Mixed Law System
Standalone Test
42. An image compression standard for photographs
Directive
Accountability
JPEG (Joint Photographic Experts Group)
Fragmented Data
43. Intellectual property protection for an confidential and critical process
Trade Secret
Triage
War Driving
Structured Walk-Through Test
44. OOP concept of an object's abilities - what it does
Quantitative
Databases
SYN Flooding
Method
45. Something that happened
Desk Check Test
Class
Event
User
46. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Critical Records
Non-Interference
Fault Tolerance
Spyware
47. Evidence must be: admissible - authentic - complete - accurate - and convincing
Cryptovariable
Multi-Core
5 Rules Of Evidence
Orange Book C2 Classification
48. Representatives from each functional area or department get together and walk through the plan from beginning to end.
Packet Filtering
Computer System Evidence
Structured Walk-Through Test
Switches
49. System mediation of access with the focus on the context of the request
Work Factor
Checkpoint
Running
Content Dependent Access Control
50. The chance that something negative will occur
Information Risk Management (IRM)
Vital Record
Risk
Lattice
