Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.
Reference Monitor
Detection
Analysis
Collisions
2. Natural or human-readable form of message
Content Dependent Access Control
Plain Text
Proxies
ff Site
3. A process state - to be executing a process on the CPU
Information Flow Model
Patch Panels
Running
Algorithm
4. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.
Examples of technical security components
Basics Of Secure Design
Forensic Copy
Operational Impact Analysis
5. Intellectual property protection for a confidential and critical process
Trade Secret
Fire Suppression
Remote Journaling
Authentic
6. A design methodology which executes in a linear one way fashion
Brownout
Waterfall
Databases
Redundant Servers
7. Scrambled form of the message or data
Access Control Attacks
Threat Agent
Patch Panels
Cipher Text
8. The core of a computer that calculates
HTTP Response Splitting
Mission-Critical Application
Central Processing Unit (CPU)
Risk Mitigation
9. The level and label given to an individual for the purpose of compartmentalization
Security Clearance
Targeted Testing
Firewalls
Privacy Laws
10. Communication of a security incident to stakeholders and data owners.
Control
Interception
Steganography
Notification
11. Review of data
Analysis
Business Impact Assessment (BIA)
Consistency
MOM
12. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.
Computer System Evidence
Assembler
Examples of technical security components
On-Site
13. Summary of a communication for the purpose of integrity
Message Digest
Due Diligence
Operating
Custodian
14. Maximum tolerance for loss of certain business function - basis of strategy
Recovery Time Objectives
3 Types of harm Addressed in computer crime laws
Twisted Pair
Decipher
15. Independent malware that requires user interaction to execute
Access Point
Operational Test
Virus
Injection
16. A risk assessment method - measurable real money cost
Coaxial Cable
Quantitative
Highly Confidential
Exposure
17. Small data warehouse
Data Marts
Policy
Business Impact Analysis
Incident Handling
18. Program instructions based upon the CPU's specific architecture
Procedure
Machine Language (Machine Code)
Authorization
Switches
19. Record history of incident
Hearsay Evidence
Object Oriented Programming (OOP)
Multi-Tasking
Tracking
20. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.
File Sharing
Object Oriented Programming (OOP)
Concentrator
Emergency
21. Encryption system using a pair of mathematically related unequal keys
Checklist Test (desk check)
Asymmetric
Emergency Operations Center (EOC)
Qualitative
22. Eavesdropping on network communications by a third party.
Fragmented Data
Hash Function
Operational
Tapping
23. The core logic engine of an operating system which almost never changes
Machine Language (Machine Code)
Deleted File
Kernel
Codec
24. Code breaking - practice of defeating the protective properties of cryptography.
Bollard
Compensating
Tracking
Cryptanalysis
25. The partial or full duplication of data from a source database to one or more destination databases.
Domain
Life Cycle of Evidence
Electronic Vaulting
Database Replication
26. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.
Capability Tables
Satellite
System Downtime
Crisis
27. Dictate that data collected by government agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.
Phishing
War Driving
Privacy Laws
Transfer
28. A choice in risk management - to convince another to assume risk - typically by payment
Transfer
Classification
Admissible
TCSEC (Orange Book)
29. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.
Waterfall
Recovery Period
Rollback
Directive
30. Power surge
Electrostatic Discharge
Isolation
Walk Through
Keyed-Hashing For Message Authentication
31. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions
Object Oriented Programming (OOP)
Resumption
JPEG (Joint Photographic Experts Group)
Detection
32. A collection of information designed to reduce duplication and increase integrity
File Extension
Coaxial Cable
Certification
Databases
33. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.
Data Leakage
Compensating
Technical Access Controls
Sharing
34. May be responsible for overall recovery of an organization or unit(s).
DR Or BC Coordinator
Keystroke Logging
Structured Walkthrough
Cryptanalysis
35. To stop damage from spreading
File
Containment
Workaround Procedures
Tactical
36. Use of specialized techniques for recovery - authentication - and analysis of electronic data
HTTP Response Splitting
Masked/Interruptible
Computer Forensics
Alert/Alarm
37. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources
Workaround Procedures
Twisted Pair
Hot Site
Hot Spares
38. To smooth out reductions or increases in power
Checkpoint
UPS
ITSEC
Decipher
39. Specific format of technical and physical controls that support the chosen framework and the architecture
Residual Risk
Physical Tampering
Infrastructure
Warm Site
40. To segregate for the purposes of labeling
Classification Scheme
Proprietary
Cryptovariable
Compartmentalize
41. Impossibility of denying authenticity and identity
Recovery Strategy
Fragmented Data
Non-Repudiation
Civil Law
42. To collect many small pieces of data
Aggregation
Sequence Attacks
TCSEC (Orange Book)
Fault Tolerance
43. A protocol for the efficient transmission of voice over the Internet
Salami
Logic Bomb
Voice Over IP (VOIP)
Sniffing
44. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components
File
MOM
Masked/Interruptible
Archival Data
45. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.
Decipher
Metadata
Multi-Tasking
Call Tree
46. The problem-solving state - the opposite of supervisor mode
Instance
Monitor
Moore's Law
User Mode (problem or program state)
47. Actions measured against either a policy or what a reasonable person would do
Due Diligence
Forensic Copy
Coaxial Cable
Spiral
48. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.
Parallel Test
Hacker
Governance
Simulation Test
49. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements
Damage Assessment
Coaxial Cable
TCSEC (Orange Book)
Entrapment
50. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.
Hearsay
Alternate Site
Isolation
TEMPEST