Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Requires two of the three user authentication attributes (knows, is, or has), e.g. you have an ATM card and enter a PIN
Quantitative
Strong Authentication
Orange Book B2 Classification
Distributed Processing
2. Real-time data backup (Data Mirroring)
Database Shadowing
Layering
Identification
Job Rotation
3. A BCP testing type (structured walkthrough): a test that answers the question, is everything needed for recovery available?
Risk Assessment
Side Channel Attack
Walk Through
Damage Assessment
4. OOP concept of a distinct copy of the class
Race Condition
Archival Data
Surveillance
Object
5. To execute more than one instruction at an instant in time
Payload
Consistency
Multi-Processing
Concentrator
6. A race condition where the security changes during the object's access
Time Of Check/Time Of Use
Spyware
Inheritance
Warm Site
7. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components
Emergency
Discretionary
Masked/Interruptible
Residual Risk
8. Two certificate authorities that trust each other
Business Impact Assessment (BIA)
Embedded
Cross Certification
Birthday Attack
9. A peripheral data storage device that may be found inside a desktop or laptop as a permanent storage solution. The hard disk may also be a transportable version attached to a desktop or laptop.
Access Control
Hard Disk
Intrusion Detection Systems
Hearsay
10. Written internalized or nationalized norms that are internal to an organization
Standard
CPU Cache
Sniffing
Orange Book C Classification
11. Hiding the fact that communication has occurred
Checklist Test
Steganography
Security Kernel
Data Leakage
12. An availability attack: consuming resources to the point of exhaustion from multiple vectors
Record Level Deletion
Blackout
Key Management
Distributed Denial Of Service
13. RADIUS, TACACS+, Diameter
Data Custodian
ISO/IEC 27002
Fault Tolerance
Centralized Access Control Technologies
14. Descrambling the encrypted message with the corresponding key
Decipher
Trojan Horse
Activation
File Server
15. System of law based upon precedence, with major divisions of criminal, tort, and administrative
Adware
Common Law
Remote Access Trojan
Application Programming Interface
16. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
Administrative Access Controls
Object Reuse
Time Of Check/Time Of Use
Forward Recovery
17. Recognition of an individual's assertion of identity.
Remanence
Object Reuse
Identification
Object
18. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources
Redundant Array Of Independent Drives (RAID)
Multi-Party Control
Workaround Procedures
Bridge
19. Potentially compromising leakage of electrical or acoustical signals.
Emanations
Physical Tampering
Fire Classes
Cold Site
20. Scrambled form of the message or data
Cipher Text
Keystroke Logging
Modification
Database Shadowing
21. High-level design or model with a goal of consistency, integrity, and balance
Structured Walk-Through Test
Architecture
Operational Test
Computer Forensics
22. Control type that is communication based, typically written or oral
Privacy Laws
Authentic
Administrative
Fault Tolerance
23. Executive responsibilities of goal setting, delegation, and verification, based upon the mission.
Polymorphism
Burn
Governance
Orange Book D Classification
24. Recording the who, what, when, where, and how of evidence
Classification
Degauss
Chain Of Custody
Labeling
25. To evaluate the current situation and make basic decisions as to what to do
Proxies
Denial Of Service
Business Recovery Timeline
Triage
26. Owner directed mediation of access
Monitor
Containment
File Sharing
Discretionary
27. Pertaining to law; lending itself to one side of an argument
Class
Convincing
Time Of Check/Time Of Use
High-Risk Areas
28. Define the way in which the organization operates.
Access Point
Microwave
Proprietary
Checklist Test
29. A world-wide wireless technology
Class
Kernel
Logic Bomb
Wireless Fidelity (Wi-Fi )
30. Information about a particular data set
Metadata
Bollard
Business Unit Recovery
Incident Manager
31. Specific format of technical and physical controls that support the chosen framework and the architecture
Infrastructure
Dictionary Attack
Parallel Test
Operational Impact Analysis
32. A temporary public file to inform others of a compromised digital certificate
Content Dependent Access Control
Certificate Revocation List (CRL)
Data Leakage
Network Attached Storage (NAS)
33. An alert or alarm that is triggered when no actual attack has taken place
Business Unit Recovery
Plaintext
False (False Positive)
Total Risk
34. A group or network of honeypots
Infrastructure
Honeynet
3 Types of harm Addressed in computer crime laws
Aggregation
35. The response of an organization to a disaster or other significant event that may significantly impact the organization, its people, or its ability to function productively.
Examples of non-technical security components
Incident Response
Noise
Sampling
36. The chronological sequence of recovery activities, or critical path, that must be followed to resume an acceptable level of operations following a business interruption.
Business Recovery Timeline
Data Dictionary
Administrative
Disk Mirroring
37. Transaction controls for a database: a return to a previous state
Supervisor Mode (monitor, system, privileged)
Rollback
File Level Deletion
Change Control
38. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.
Phishing
Deleted File
High-Risk Areas
Masquerading
39. A practice execution of the plan takes place. A specific scenario is established, and the simulation continues up to the point of actual relocation to the alternate site.
Simulation Test
Information Risk Management (IRM)
TIFF (Tagged Image File Format)
Machine Language (Machine Code)
40. Weakness or flaw in an asset
Vulnerability
Public Key Infrastructure (PKI)
Triage
Waterfall
41. Planning for the delegation of authority required when decisions must be made without the normal chain of command
Executive Succession
Stopped
Tapping
Salami
42. Reprogrammable basic startup instructions
Firmware
Risk Assessment / Analysis
Cross-Site Scripting
Data Diddler
43. A disturbance that degrades performance of electronic devices and electronic communications.
Kernel
Attacker (Black hat, Hacker)
Fiber Optics
Radio Frequency Interference (RFI)
44. Record history of incident
Confidence Value
Operational
Tracking
Running
45. Threats x Vulnerability x Asset Value = Total Risk
Digital Signature
Total Risk
Virus
Mobile Site
46. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a hub).
Hub
State Machine Model
Full Test (Full Interruption)
Concentrator
47. A programming design philosophy and a type of programming language, which breaks a program into smaller units. Each unit has its own function.
Object Oriented Programming (OOP)
Buffer Overflow
File Shadowing
On-Site
48. Searching for wireless networks in a moving car.
Brute Force
War Driving
Data Diddler
Virus
49. Intellectual property protection for the expression of an idea
Copyright
Data Dictionary
Orange Book B1 Classification
Redundant Servers
50. Actions measured against either a policy or what a reasonable person would do
Business Unit Recovery
Vulnerability
Due Diligence
Alternate Data Streams (File System Forks)