Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A mathematical tool for verifying no unintentional changes have been made
Decipher
Identification
5 Rules Of Evidence
Checksum
2. The study of cryptography and cryptanalysis
Access Point
Walk Through
Cryptology
Corrective
3. To move from location to location, keeping the same function
Compression
Locard's Principle
Job Rotation
Database Shadowing
4. An internal list of contact information used for the communication of incident information, designed in a distributed manner so that no one person is responsible for contacting everyone.
Metadata
Physical Tampering
Call Tree
Access Point
5. A collection of data or information that has a name
Boot (V.)
File
Fire Detection
Eavesdropping
6. Record history of incident
Multi-Processor
Tracking
Multi-Processing
Service Bureau
7. Determines the impact of the loss of an operational or technological resource. The loss of a system, network or other critical resource may affect a number of business processes.
Operational Impact Analysis
Distributed Processing
Chain Of Custody
Critical Infrastructure
8. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack
Confidence Value
Radio Frequency Interference (RFI)
Intrusion Detection Systems
Recovery
9. Objects or programming that look different but act the same
Masked/Interruptible
Polymorphism
Infrastructure
UPS
10. Alerts personnel to the presence of a fire
User Mode (problem or program state)
Fire Detection
Mixed Law System
Symmetric
11. To load the first piece of software that starts a computer.
Boot (V.)
Trade Secret
Mission-Critical Application
Virtual Memory
12. Evaluation of a system without prior knowledge by the tester
Orange Book A Classification
Initialization Vector
Blind Testing
Exercise
13. An asymmetric cryptography mechanism that provides authentication.
Analysis
Accountability
Security Clearance
Digital Signature
14. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Memory Management
Qualitative
Mobile Recovery
TIFF (Tagged Image File Format)
15. A trusted issuer of digital certificates
Inrush Current
False Negative
Simulation
Certification Authority
16. An organization's way of classifying data by factors such as criticality, sensitivity and ownership.
Mock Disaster
Digital Certificate
Operational Impact Analysis
Classification Scheme
17. A backup type where the organization has excess capacity in another location.
Distributed Processing
Architecture
Due Diligence
Accreditation
18. A layer 2 device that is used to connect two or more network segments and regulate traffic.
Risk Assessment
Switches
Forensic Copy
Redundant Servers
19. One method of testing a specific component of a plan. Typically, a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.
Keystroke Logging
Job Rotation
Structured Walkthrough
Fault
20. Disruption of operation of an electronic device due to a competing electromagnetic field.
EMI
Information Owner
Concatenation
Workaround Procedures
21. A failure of an IDS to detect an actual attack
Highly Confidential
Recovery Time Objectives
Job Rotation
False Negative
22. Joining two pieces of text
Object Reuse
Mantrap (Double Door System)
Digital Signature
Concatenation
23. Representatives from each functional area or department get together and walk through the plan from beginning to end.
Structured Walk-Through Test
Multiplexers
War Driving
Business Recovery Team
24. Any event, whether anticipated (i.e., public service strike) or unanticipated (i.e., blackout), which disrupts the normal course of business operations at an organization location.
Disaster Recovery Plan
Multi-Processor
Open Mail Relay Servers
Business Interruption
25. A risk assessment method - intrinsic value
Qualitative
Slack Space
Threats
Encipher
26. Part of a transaction control for a database which informs the database of the last recorded transaction
Kerckhoff's Principle
Checkpoint
Common Criteria
Ethics
27. Control category: to give instructions or inform
Restoration
Spyware
Directive
Recovery Period
28. Use of specialized techniques for recovery, authentication, and analysis of electronic data
Computer Forensics
Operating
Attacker (Black hat - Hacker)
Alternate Site
29. Minimal Protection, and is used for systems that were evaluated but failed to meet the criteria for higher divisions
Data Diddler
Orange Book D Classification
Business Continuity Steering Committee
Rogue Access Points
30. Eavesdropping on network communications by a third party.
Sniffing
CPU Cache
Mandatory
Overlapping Fragment Attack
31. The core of a computer that calculates
Central Processing Unit (CPU)
Certification
Contingency Plan
IP Address Spoofing
32. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys
Routers
Cross-Site Scripting
Fault Tolerance
Kerberos
33. The principles a person sets for themselves to follow
Overlapping Fragment Attack
Cryptology
Ethics
Shielding
34. The duplication of data on separate disks in real time to ensure its continuous availability, currency and accuracy. True mirroring will enable a zero recovery point objective.
Site Policy Awareness
Analysis
Fire Classes
Disk Mirroring
35. Memory management technique which allows data to be moved from one memory address to another
High-Risk Areas
Operational
Relocation
Liability
36. Server optimized for providing file-based data storage to the network. Unlike a File Server, a NAS unit has no input or output devices, and the OS is dedicated for providing storage services.
Network Attached Storage (NAS)
Data Leakage
Inheritance
Instance
37. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.
Threats
Business Recovery Team
On-Site
Bridge
38. Mediation of covert channels must be addressed
CPU Cache
Confidence Value
Information Flow Model
Patent
39. A Denial of Service attack initiated by sending spoofed UDP echo requests to IP broadcast addresses. (See Smurf)
Packet Filtering
Information Technology Security Evaluation Criteria - ITSEC
Fraggle
Authorization
40. Identification and notification of an unauthorized and/or undesired action
Bollard
Crisis
Detection
Data Recovery
41. Memory management technique which allows subjects to use the same resource
Least Privilege
Discretionary
Sharing
Trade Secret
42. To reduce sudden rises in current
Disk Mirroring
Certificate Revocation List (CRL)
Mobile Recovery
Surge Suppressor
43. A programming design concept which abstracts one set of functions from another in a serialized fashion
Data Custodian
Trapdoors (Backdoors) (Maintenance Hooks)
Layering
EMI
44. To break a business process into separate functions and assign to different people
Modification
Separation Of Duties
Chain Of Custody
Spyware
45. Responsibility of a user for the actions taken by their account which requires unique identification
Object Reuse
Sampling
Accountability
Codec
46. A simple, inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Data Custodian
Twisted Pair
Certification Authority
Deadlock
47. A form of data hiding which protects running threads of execution from using each other's memory
Firewalls
Process Isolation
Interception
Authentication
48. Need to understand both the assets that need to be protected and management's priorities. Also be prepared to adjust the design over time, and verify the design has been implemented correctly. Need to be a good negotiator, artist and analyst.
TEMPEST
DR Or BC Coordinator
Basics Of Secure Design
Key Escrow
49. A database backup type which records at the transaction level
Transients
Man-In-The-Middle Attack
Failure Modes and Effect Analysis (FMEA)
Remote Journaling
50. The process of planning for and/or implementing the restarting of defined business operations following a disaster, usually beginning with the most critical or time-sensitive functions
Resumption
Revocation
Containment
Monitor