Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Disaster
Burn
Detective
Hub
2. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data
Byte Level Deletion
Sag/Dip
Multilevel Security System
Activation
3. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.
Alert
Hacker
Full Test (Full Interruption)
Honeynet
4. Collection of data on business functions which determines the strategy of resiliency
Data Marts
Remote Journaling
Business Impact Assessment (BIA)
Business Impact Analysis
5. A failure of an IDS to detect an actual attack
Orange Book C2 Classification
Domain
False Negative
Mandatory Vacations
6. Malware that subverts the detective controls of an operating system
Cold Site
Rootkit
Bumping
Checklist Test
7. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions
Orange Book D Classification
Concentrator
Examples of non-technical security components
Embedded
8. A state for operating system tasks only
Walk Through
Network Attached Storage (NAS)
Proxies
Supervisor Mode (monitor - system - privileged)
9. Periodic - automatic and transparent backup of data in bulk.
Memory Management
Multi-Core
Electronic Vaulting
Database Replication
10. Code making
Quantitative
Cryptography
E-Mail Spoofing
Education
11. Moving letters around
Permutation/Transposition
BCP Testing Drills and Exercises
File
On-Site
12. An availability attack - to consume resources to the point of exhaustion
Directive
Multi-Processor
Multi-Party Control
Denial Of Service
13. Short period of low voltage.
Sag/Dip
Countermeasure
Quantitative Risk Analysis
Confidence Value
14. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems
Code
Test Plan
Acronym for American Standard Code for Information Interchange (ASCII)
Targeted Testing
15. Controls deployed to avert unauthorized and/or undesired actions.
Worldwide Interoperability for Microwave Access (WI-MAX)
Prevention
Emergency Procedures
Call Tree
16. Policy or stated actions
File Sharing
Open Mail Relay Servers
Degauss
Due Care
17. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Packet Filtering
Side Channel Attack
Critical Records
TCSEC (Orange Book)
18. Code breaking - practice of defeating the protective properties of cryptography.
Cryptanalysis
Mantrap (Double Door System)
Conflict Of Interest
Centralized Access Control Technologies
19. A one way - directed graph which indicates confidentiality or integrity flow
Voice Over IP (VOIP)
Change Control
Lattice
Patent
20. OOP concept of a class's details to be hidden from object
Binary
Packet Filtering
Encapsulation
Brute Force
21. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.
Proxies
SYN Flooding
Multiplexers
Teardrop
22. Security policy - procedures - and compliance enforcement
Conflict Of Interest
Examples of non-technical security components
Compensating
Call Tree
23. Wrong against society
Alternate Data Streams (File System Forks)
Criminal Law
Marking
Due Care
24. Unauthorized access of network devices.
Repeaters
Centralized Access Control Technologies
Proxies
Physical Tampering
25. The response of an organization to a disaster or other significant event that may significantly impact the organization - its people - or its ability to function productively.
Pointer
Non-Discretionary Access Control
Patch Management
Incident Response
26. Calculation encompassing threats - vulnerabilities and assets
Trademark
Service Bureau
Multiplexers
Total Risk
27. Binary decision by a system of permitting or denying access to the entire system
Embedded
Failure Modes and Effect Analysis (FEMA)
Authentication
Ring Protection
28. Maximum tolerance for loss of certain business function - basis of strategy
Discretionary
Recovery Time Objectives
Threats
Message Digest
29. Subject based description of a system or a collection of resources
Remote Journaling
Capability Tables
Remanence
Surge
30. The hard drive
Legacy Data
Application Programming Interface
Running
Secondary Storage
31. Transaction controls for a database - a return to a previous state
Overlapping Fragment Attack
Rollback
Emanations
Smurf
32. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.
Inrush Current
Uninterruptible Power Supply (UPS)
Modems
Steganography
33. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.
Classification
Civil Law
Sharing
Cipher Text
34. Use of specialized techniques for recovery - authentication - and analysis of electronic data
User
Computer Forensics
Marking
Orange Book B2 Classification
35. Record of system activity - which provides for monitoring and detection.
Log
Crisis
Process Isolation
Territoriality
36. Creation, distribution, update and deletion
Running
Intrusion Prevention Systems
Key Management
Civil Law
37. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.
Satellite
Activation
Trademark
Remote Journaling
38. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware
Cross-Site Scripting
Cross Training
Worldwide Interoperability for Microwave Access (WI-MAX)
ISO/IEC 27002
39. Recovery alternative which includes cold site and some equipment and infrastructure is available
Data Dictionary
Fault
Warm Site
Covert Channel
40. A race condition where the security changes during the object's access
Firmware
Time Of Check/Time Of Use
Internal Use Only
Locard's Principle
41. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress
Criminal Law
True Attack Stimulus
Basics Of Secure Design
System Downtime
42. High level design or model with a goal of consistency - integrity - and balance
Architecture
Hot Spares
Detection
Mandatory
43. The first rating that requires security labels
Orange Book B1 Classification
Data Dictionary
Bit
Standard
44. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due
Elements of Negligence
Rollback
Access Control Lists
Uninterruptible Power Supply (UPS)
45. Mitigation of system or component loss or interruption through use of backup capability.
Forensic Copy
Shielding
Fault Tolerance
Burn
46. Searching for wireless networks in a moving car.
War Driving
Algorithm
Operating
Private Branch Exchange (PBX)
47. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.
Plaintext
Architecture
Symmetric
Checkpoint
48. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.
Encryption
Burn
Directive
Multi-Tasking
49. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept
Faraday Cage/Shield
Interference (Noise)
Firmware
Ring Protection
50. Controls for logging and alerting
Machine Language (Machine Code)
Intrusion Detection Systems
Administrative Access Controls
Race Condition