Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Pertaining to law - verified as real
Algorithm
Alarm Filtering
Authentic
Journaling
2. Act of luring an intruder and is legal.
Enticement
Virtual Memory
Deletion
Double Blind Testing
3. System of law based upon precedence - with major divisions of criminal - tort - and administrative
Chain Of Custody
Mission-Critical Application
Modification
Common Law
4. Control category- to give instructions or inform
Directive
Picking
Standard
Business Impact Assessment (BIA)
5. An attack that breaks up malicious code into fragments - in an attempt to elude detection.
Buffer Overflow
IP Fragmentation
Kerberos
Emanations
6. Substitution at the word or phrase level
Encapsulation
Deterrent
Chain of Custody
Code
7. Another subject cannot see an ongoing or pending update until it is complete
Fragmented Data
Bollard
Multiplexers
Isolation
8. To break a business process into separate functions and assign to different people
Identification
Transfer
Complete
Separation Of Duties
9. To segregate for the purposes of labeling
File
Compartmentalize
Due Diligence
Access Control Attacks
10. System of law based upon what is good for society
Education
Microwave
Civil Or Code Law
Criminal Law
11. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.
Accountability
Multiplexers
Overlapping Fragment Attack
Vital Record
12. Recording the Who What When Where How of evidence
Chain Of Custody
Botnet
BCP Testing Drills and Exercises
True Attack Stimulus
13. Fault tolerance for power
Symmetric
Central Processing Unit (CPU)
Hard Disk
Generator
14. Line by line translation from a high level language to machine code
Covert Channel
Interpreter
UPS
Fault Tolerance
15. Unauthorized wireless network access device.
Twisted Pair
Cookie
Data Hiding
Rogue Access Points
16. A type of attack involving attempted insertion - deletion or altering of data.
Shift Cipher (Caesar)
Multiplexers
Modification
Business Continuity Planning (BCP)
17. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.
Time Of Check/Time Of Use
Kernel
Reference Monitor
Off Site
18. Try a list of words in passwords or encryption keys
Legacy Data
Replication
Dictionary Attack
Initialization Vector
19. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.
Key Escrow
Journaling
Hot Spares
Wait
20. To reduce fire
Fire Suppression
Symmetric
Mixed Law System
Storage Area Network (SAN)
21. A world-wide wireless technology
Wireless Fidelity (Wi-Fi)
Risk Assessment / Analysis
Fire Suppression
Sag/Dip
22. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.
Quantitative Risk Analysis
Hard Disk
Deterrent
Evidence
23. Outputs within a given function are the same result
Operational
Full Test (Full Interruption)
Open Mail Relay Servers
Collisions
24. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor
Coaxial Cable
Threads
Bridge
On-Site
25. OOP concept of a template that consists of attributes and behaviors
Orange Book C2 Classification
Class
Countermeasure
E-Mail Spoofing
26. To set the clearance of a subject or the classification of an object
Labeling
Repeaters
Firewalls
Business Records
27. Evidence must be: admissible - authentic - complete - accurate - and convincing
Forward Recovery
5 Rules Of Evidence
Business Continuity Planning (BCP)
File Sharing
28. Unchecked data input which results in redirection
Architecture
Threats
HTTP Response Splitting
DR Or BC Coordinator
29. Key
Cryptovariable
Watermarking
Rootkit
Trademark
30. Reduces causes of fire
Running Key
Fire Prevention
Symmetric
Complete
31. Amount of time for restoring a business process or function to normal operations without major loss
Pervasive Computing and Mobile Computing Devices
Maximum Tolerable Downtime (MTD)
Machine Language (Machine Code)
Payload
32. Lower frequency noise
Radio Frequency Interference (RFI)
Tactical
Threat Agent
Multi-Party Control
33. A device that sequentially switches multiple analog inputs to the output.
Kernel
Multiplexers
State Machine Model
Fault
34. Effort/time needed to overcome a protective measure
Emergency Procedures
Critical Records
Disaster Recovery Plan
Work Factor
35. Pertaining to a number system that has just two unique digits.
Binary
Plan Maintenance Procedures
Man-In-The-Middle Attack
Interpreter
36. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.
Logic Bomb
Multilevel Security System
Interpreter
Classification Scheme
37. Object based description of a single resource and the permission each subject
Restoration
Access Control Lists
Notification
Patent
38. A failure of an IDS to detect an actual attack
Highly Confidential
False Negative
Recovery
False (False Positive)
39. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.
Trojan Horse
Plaintext
Assembler
Call Tree
40. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists
Time Of Check/Time Of Use
Business Records
Application Programming Interface
Mandatory Vacations
41. Collection of data on business functions which determines the strategy of resiliency
Database Replication
Business Impact Assessment (BIA)
Accreditation
Data Backups
42. Alerts personnel to the presence of a fire
Enticement
Steganography
Privacy Laws
Fire Detection
43. A process state - (blocked) needing input before continuing
Replication
Internal Use Only
Confidence Value
Wait
44. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.
Teardrop
Business Unit Recovery
Detection
Phishing
45. Independent malware that requires user interaction to execute
Sniffing
Uninterruptible Power Supply (UPS)
Virus
Discretionary Access Control (DAC)
46. Actions measured against either a policy or what a reasonable person would do
Due Diligence
Enticement
System Life Cycle
Cryptovariable
47. Recovery alternative - short-term - high cost movable processing location
Near Site
Security Kernel
Mobile Site
System Downtime
48. Moving letters around
Reciprocal Agreement
Permutation/Transposition
Multilevel Security System
Off Site
49. Review of data
Information Risk Management (IRM)
TCSEC (Orange Book)
Incident Response
Analysis
50. Guidelines within an organization that control the rules and configurations of an IDS
Authentic
Bollard
Site Policy
Eavesdropping