Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.
Digital Certificate
Restoration
Spyware
Forensic Copy
2. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.
Record Level Deletion
Contact List
Class
Emergency Procedures
3. People protect their domain
Uninterruptible Power Supply (UPS)
Territoriality
Interference (Noise)
Blackout
4. More than one processor sharing same memory - also known as parallel systems
Hacker
Multi-Processor
Surge Suppressor
Computer Forensics
5. Potential danger to information or systems
Disaster
Parallel Test
Alert/Alarm
Threats
6. Weak evidence
Data Recovery
Hearsay
Substitution
Operational Test
7. One way encryption
Hash Function
Worm
Incident Response
Gateway
8. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.
Structured Walkthrough
Binary
Compiler
Overlapping Fragment Attack
9. Review of data
Analysis
Accreditation
Binary
Administrative Access Controls
10. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)
Pointer
Contingency Plan
Satellite
Noise
11. Using many alphabets
Architecture
Polyalphabetic
Logic Bomb
Hot Site
12. More than one process in the middle of executing at a time
Least Privilege
Multi-Tasking
Forward Recovery
Denial Of Service
13. Redundant component that provides failover capability in the event of failure or interruption of a primary component.
Embedded
Repeaters
Kerckhoff's Principle
Hot Spares
14. Recovery alternative - everything needed for the business function - except people and last backup
Electronic Vaulting
Time Of Check/Time Of Use
Hot Site
Transients
15. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)
MOM
Birthday Attack
Disaster
Exposure
16. Memory management technique that allows two processes to run concurrently without interaction
Payload
Double Blind Testing
Dictionary Attack
Protection
17. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Brute Force
Critical Records
System Life Cycle
Triage
18. A system designed to prevent unauthorized access to or from a private network.
Journaling
Firewall
Side Channel Attack
Total Risk
19. Only the key protects the encrypted information
20. Standard for the establishment - implementation - control - and improvement of the Information Security Management System
Checkpoint
Byte Level Deletion
Adware
ISO/IEC 27001
21. A backup type which creates a complete copy
Replication
Compiler
Open Mail Relay Servers
Record Level Deletion
22. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.
Processes are Isolated By
Active Data
Key Clustering
Business Records
23. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept
Site Policy Awareness
Custodian
Ring Protection
Plan Maintenance Procedures
24. High level - pertaining to planning
Orange Book D Classification
Moore's Law
Strategic
Processes are Isolated By
25. The technical and risk assessment of a system within the context of the operating environment
Certification
3 Types of harm Addressed in computer crime laws
Consistency
Codec
26. A process state - to be executing a process on the CPU
Symmetric
Running
Policy
Data Dictionary
27. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court
Dangling Pointer
Voice Over IP (VOIP)
Chain of Custody
Sharing
28. Pertaining to law - no omissions
Overlapping Fragment Attack
Side Channel Attack
Simulation
Complete
29. Communication of a security incident to stakeholders and data owners.
Notification
Interpreter
Infrastructure
Debriefing/Feedback
30. A test conducted on one or more components of a plan under actual operating conditions.
Framework
IP Address Spoofing
Operational Test
Firewalls
31. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.
Privacy Laws
ITSEC
Infrastructure
Teardrop
32. Written step-by-step actions
Machine Language (Machine Code)
Object
Encapsulation
Procedure
33. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.
Electronic Vaulting
Orange Book A Classification
Surveillance
Security Domain
34. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.
Liability
Multi-Processing
Cryptology
Injection
35. Interception of a communication session by an attacker.
Fault Tolerance
Denial Of Service
Hijacking
Packet Filtering
36. Maintenance procedures outline the process for the review and update of business continuity plans.
Surveillance
Plan Maintenance Procedures
Object Reuse
5 Rules Of Evidence
37. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
Residual Data
Burn
Activation
Microwave
38. Is secondhand and usually not admissible in court
Wait
Double Blind Testing
Hearsay Evidence
Class
39. Line noise that is superimposed on the supply circuit.
Targeted Testing
Journaling
Transients
Evidence
40. Process whereby data is removed from active files and other data storage structures
False Attack Stimulus
Business Recovery Timeline
Deletion
Private Branch Exchange (PBX)
41. Low level - pertaining to planning
Mission-Critical Application
Data Recovery
Tactical
Control Category
42. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor
Concatenation
Information Technology Security Evaluation Criteria - ITSEC
Coaxial Cable
Uninterruptible Power Supply (UPS)
43. The process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks
Running Key
War Driving
Alarm Filtering
Highly Confidential
44. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.
Operational Impact Analysis
Running Key
Radio Frequency Interference (RFI)
Checkpoint
45. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Countermeasure
Pervasive Computing and Mobile Computing Devices
Mirroring
Policy
46. Substitution at the word or phrase level
Tactical
Code
Reciprocal Agreement
Data Owner
47. An availability attack - to consume resources to the point of exhaustion from multiple vectors
Critical Records
Distributed Denial Of Service
Security Kernel
Simulation
48. An administrative unit or a group of objects and subjects controlled by one reference monitor
Concatenation
Multi-Processing
Security Domain
Secondary Storage
49. A race condition where the security changes during the object's access
Civil Law
Time Of Check/Time Of Use
Double Blind Testing
State Machine Model
50. Recovery alternative - complete duplication of services including personnel
Mirrored Site
Slack Space
Symmetric
Instance