Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Moving letters around
Permutation/Transposition
Full-Interruption test
Incident Response
Multi-Processor
2. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities
Evidence
BCP Testing Drills and Exercises
Recovery Strategy
Burn
3. To collect many small pieces of data
Pointer
Aggregation
ISO/IEC 27002
Information Technology Security Evaluation Criteria - ITSEC
4. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.
Mandatory Vacations
Eavesdropping
File Extension
Redundant Array Of Independent Drives (RAID)
5. Return to a normal state
Recovery
Computer System Evidence
Hot Spares
Operational
6. The core logic engine of an operating system which almost never changes
Binary
Liability
Cookie
Kernel
7. System of law based upon precedence - with major divisions of criminal - tort - and administrative
Common Law
Multi-Party Control
Corrective
Archival Data
8. A choice in risk management - to convince another to assume risk - typically by payment
Transfer
Monitor
Mobile Site
Rogue Access Points
9. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.
Remanence
Service Bureau
Mission-Critical Application
Remote Journaling
10. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing
Technical Access Controls
Damage Assessment
Source Routing Exploitation
Codec
11. Another subject cannot see an ongoing or pending update until it is complete
Cross Certification
Information Risk Management (IRM)
Slack Space
Isolation
12. Controls for logging and alerting
Forensic Copy
Cold Site
Reference Monitor
Intrusion Detection Systems
13. Planning for the delegation of authority required when decisions must be made without the normal chain of command
Labeling
Permutation/Transposition
Executive Succession
UPS
14. The level and label given to an individual for the purpose of compartmentalization
Security Clearance
Proxies
Hacker
Admissible
15. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Inrush Current
Emergency Operations Center (EOC)
Worldwide Interoperability for Microwave Access (WI-MAX)
Restoration
16. Interception of a communication session by an attacker.
Hijacking
Critical Functions
5 Rules Of Evidence
Analysis
17. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.
Consistency
File Shadowing
Kerberos
Authorization
18. Define the way in which the organization operates.
MOM
Critical Infrastructure
Teardrop
Proprietary
19. System mediation of access with the focus on the context of the request
Key Space
Content Dependent Access Control
Alternate Site
Brownout
20. The point in time to which systems and data must be recovered after an outage. (e.g. End of previous day's processing). RPOs are often used as the basis for the development of backup strategies.
Bollard
Encipher
Checklist Test
Recovery Point Objective (RPO)
21. A trusted issuer of digital certificates
Structured Walk-Through Test
Slack Space
Pointer
Certification Authority
22. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions
Orange Book D Classification
Birthday Attack
Checkpoint
Encryption
23. Control category - more than one control on a single asset
EMI
Compensating
Multi-Core
Pointer
24. The chance that something negative will occur
Databases
Information Owner
DR Or BC Coordinator
Risk
25. Tool which mediates access
Chain Of Custody
True Attack Stimulus
Control
Checklist Test (desk check)
26. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.
Emergency
Exercise
Storage Area Network (SAN)
Byte
27. A mail server that improperly allows inbound SMTP connections for domains it does not serve.
Open Mail Relay Servers
ff Site
Capability Tables
Data Dictionary
28. Intellectual property management technique for identifying after distribution
Operating
Watermarking
Sniffing
Metadata
29. Review of data
Copyright
Interception
Masquerading
Analysis
30. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court
Structured Walk-Through Test
Checklist Test
Remote Journaling
Chain of Custody
31. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.
Encryption
Examples of technical security components
Trojan Horse
Databases
32. One entity with two competing allegiances
Triage
Conflict Of Interest
Information Risk Management (IRM)
Mandatory
33. More than one process in the middle of executing at a time
Classification Scheme
Substitution
Multi-Tasking
Operational
34. A basic level of network access control that is based upon information contained in the IP packet header.
Data Warehouse
Data Recovery
Firewall
Packet Filtering
35. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
Discretionary Access Control (DAC)
Multi-Programming
Activation
Job Rotation
36. The problem-solving state - the opposite of supervisor mode
Generator
User Mode (problem or program state)
Fire Suppression
Key Clustering
37. Searching for wireless networks in a moving car.
Containment
Separation Of Duties
Content Dependent Access Control
War Driving
38. Moving the alphabet intact a certain number spaces
Time Of Check/Time Of Use
Data Dictionary
Shift Cipher (Caesar)
Kerckhoff's Principle
39. The process of identifying - assessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk
Switches
Restoration
Information Risk Management (IRM)
Patch Panels
40. To move from location to location - keeping the same function
File
File Sharing
Job Rotation
Mandatory Vacations
41. Quantity of risk remaining after a control is applied
Residual Risk
Logic Bomb
Orange Book C Classification
Collisions
42. Sudden rise in voltage in the power supply.
Interception
Salami
Total Risk
Surge
43. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity
Interpreter
Checkpoint
Object Oriented Programming (OOP)
Site Policy Awareness
44. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems
Criminal Law
Concentrator
Acronym for American Standard Code for Information Interchange (ASCII)
Identification
45. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.
Burn
Legacy Data
Data Dictionary
Fire Prevention
46. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.
Business Recovery Team
File Server
Parallel Test
Honeynet
47. Transaction controls for a database - a return to a previous state
Central Processing Unit (CPU)
Security Clearance
Strategic
Rollback
48. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.
Quantitative
Code
Fiber Optics
Polyalphabetic
49. Momentary loss of power
Operational Exercise
Content Dependent Access Control
Fault
Lattice
50. Induces a crime - tricks a person - and is illegal
Technical Access Controls
Byte Level Deletion
Entrapment
Firmware