Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Unchecked data which spills into another location in memory
Metadata
Least Privilege
Monitor
Buffer Overflow
2. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Fire Detection
Concatenation
Business Continuity Steering Committee
Memory Management
3. Try a list of words in passwords or encryption keys
The ACID Test
Picking
Dictionary Attack
Hacker
4. A passive network attack involving monitoring of traffic.
Multi-Tasking
Complete
Reference Monitor
Eavesdropping
5. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.
Data Hiding
Application Programming Interface
Hearsay Evidence
Network Attached Storage (NAS)
6. A system designed to prevent unauthorized access to or from a private network.
Orange Book B1 Classification
On-Site
Firewall
Tactical
7. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas
Incident Response Team
Compartmentalize
Modems
Business Recovery Team
8. A template for designing the architecture
Content Dependent Access Control
Assembler
Security Blueprint
Isolation
9. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys
Operational Exercise
Kerberos
Storage Area Network (SAN)
Encapsulation
10. Outputs within a given function are the same result
Mandatory Vacations
Collisions
False Negative
Countermeasure
11. Memory management technique which allows data to be moved from one memory address to another
Relocation
Examples of non-technical security components
Shadowing (file shadowing)
Business Interruption
12. An availability attack - to consume resources to the point of exhaustion
Denial Of Service
Worldwide Interoperability for Microwave Access (WI-MAX )
Recovery
SYN Flooding
13. The level and label given to an individual for the purpose of compartmentalization
Symmetric
Security Clearance
System Downtime
Ring Protection
14. RADIUS - TACACS+ - Diameter
Centralized Access Control Technologies
Standalone Test
Business Unit Recovery
Slack Space
15. Written step-by-step actions
Electromagnetic Interference (EMI)
Encapsulation
Procedure
Total Risk
16. System of law based upon what is good for society
Civil Or Code Law
Risk Mitigation
Machine Language (Machine Code)
Near Site
17. Effort/time needed to overcome a protective measure
Lattice
Object Reuse
Wait
Work Factor
18. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.
Data Leakage
Event
Business Continuity Program
Strategic
19. Some systems are actually run at the alternate site
Exposure
Containment
Parallel Test
Chain Of Custody
20. Reduces causes of fire
Spam
Covert Channel
Fire Prevention
Entrapment
21. To know more than one job
Fraggle
Multilevel Security System
Threats
Cross Training
22. To segregate for the purposes of labeling
Rollback
Burn
Compartmentalize
Multiplexers
23. Claiming another's identity at a physical level
Work Factor
Reference Monitor
Failure Modes and Effect Analysis (FEMA)
Masquerading
24. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Inrush Current
Concentrator
Faraday Cage/ Shield
Proxies
25. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.
Corrective
Processes are Isolated By
Emergency Procedures
Parallel Test
26. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Exercise
Control Category
Trojan Horse
Critical Records
27. Mediation of subject and object interactions
Access Control
Top Secret
Open Mail Relay Servers
Containment
28. Requirement to take time off
Mandatory Vacations
File
Double Blind Testing
Top Secret
29. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.
Life Cycle of Evidence
Ring Protection
Privacy Laws
Firewall
30. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid
Civil Law
Packet Filtering
Replication
Qualitative
31. OOP concept of an object at runtime
Instance
Data Dictionary
Residual Risk
Emanations
32. A type of attack involving attempted insertion - deletion or altering of data.
Moore's Law
Least Privilege
Modification
Chain of Custody
33. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy
Hacker
Codec
Assembler
SQL Injection
34. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.
SYN Flooding
File Extension
Exercise
Reciprocal Agreement
35. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.
Active Data
File Shadowing
Hearsay Evidence
Multi-Core
36. A programming design concept which abstracts one set of functions from another in a serialized fashion
Layering
Directive
Contingency Plan
Polyalphabetic
37. A database that contains the name - type - range of values - source and authorization for access for each data element
Exposure
Data Dictionary
Administrative Law
Access Control
38. A perpetrator leaves something behind or takes something with them at the scene of a crime
39. Searching for wireless networks in a moving car.
Debriefing/Feedback
Recovery Strategy
War Driving
Data Integrity
40. Firewalls - encryption - and access control lists
Business Unit Recovery
Examples of technical security components
Hash Function
File Level Deletion
41. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court
Atomicity
Chain of Custody
Race Condition
Corrective
42. A risk assessment method - intrinsic value
Full-Interruption test
Full Test (Full Interruption)
Qualitative
Kerberos
43. What is will remain - persistence
Asymmetric
Access Control Matrix
Trojan Horse
Durability
44. Consume resources to a point of exhaustion - loss of availability
Incident Handling
Denial Of Service
Threats
Waterfall
45. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all - or most - of the applicable teams.
Object
Mock Disaster
Information Risk Management (IRM)
Labeling
46. May be responsible for overall recovery of an organization or unit(s).
Mixed Law System
Data Owner
DR Or BC Coordinator
Multi-Tasking
47. A state where two subjects can access the same object without proper mediation
Redundant Array Of Independent Drives (RAID)
Countermeasure
Symmetric
Race Condition
48. Adversary intercepts encrypted communications - decrypts - views - encrypts - and sends along to the true destination
Man-In-The-Middle Attack
Disk Mirroring
Databases
Qualitative
49. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.
Tactical
UPS
Teardrop
Classification
50. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective
Sag/Dip
Framework
Multi-Programming
Buffer Overflow