Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Joining two pieces of text
Cold Site
Processes are Isolated By
Business Records
Concatenation
2. For PKI - decertify an entity's certificate
Corrective
Attacker (Black hat - Hacker)
Revocation
Interception
3. High level design or model with a goal of consistency - integrity - and balance
Vulnerability
Job Training
Masquerading
Architecture
4. Individuals and departments responsible for the storage and safeguarding of computerized data.
Mobile Recovery
Walk Through
Data Custodian
Classification
5. Narrow scope examination of a system
Recovery
Targeted Testing
User
Radio Frequency Interference (RFI)
6. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).
Degauss
False (False Positive)
Countermeasure
Alert/Alarm
7. A type of computer memory that temporarily stores frequently used information for quick access.
Embedded Systems
Cache
Orange Book C2 Classification
Hard Disk
8. Someone who wants to know how something works - typically by taking it apart
Hacker
Simulation
Authorization
Data Dictionary
9. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress
Recovery Period
TNI (Red Book)
Maximum Tolerable Downtime (MTD)
True Attack Stimulus
10. Wrong against society
Containment
Criminal Law
Computer System Evidence
Critical Functions
11. Memory management technique which allows subjects to use the same resource
Basics Of Secure Design
Non-Interference
Sharing
Spyware
12. Weak evidence
Hearsay
Processes are Isolated By
Worldwide Interoperability for Microwave Access (WI-MAX)
File Shadowing
13. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists
Business Records
Radio Frequency Interference (RFI)
Security Domain
Fire Suppression
14. Information which has retained its importance - but which has been created or stored by software/hardware that has been rendered obsolete.
Legacy Data
Crisis
Risk
Remote Journaling
15. A collection of information designed to reduce duplication and increase integrity
Security Domain
Incident Manager
Databases
Site Policy Awareness
16. Creation - distribution - update - and deletion
Archival Data
Structured Walk-Through Test
Moore's Law
Key Management
17. RADIUS - TACACS+ - Diameter
Virus
Keystroke Logging
Activation
Centralized Access Control Technologies
18. Record history of incident
Blackout
Tracking
File Extension
File Level Deletion
19. Can be statistical (monitor behavior) or signature based (watch for known attacks)
ff Site
Wireless Fidelity (Wi-Fi)
IDS Intrusion Detection System
Fragmented Data
20. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.
Compiler
Operational Impact Analysis
Targeted Testing
Polyalphabetic
21. Third party processes used to organize the implementation of an architecture
Class
Authentication
Framework
Checklist Test (desk check)
22. An organization's way of classifying data by factors such as criticality - sensitivity and ownership.
Classification Scheme
Separation Of Duties
Life Cycle of Evidence
Birthday Attack
23. A disturbance that degrades performance of electronic devices and electronic communications.
Masquerading
5 Rules Of Evidence
Orange Book C2 Classification
Radio Frequency Interference (RFI)
24. A telephone exchange for a specific office or business.
Policy
Multilevel Security System
Compression
Private Branch Exchange (PBX)
25. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components
Asymmetric
Access Control
Storage Area Network (SAN)
Masked/Interruptible
26. A temporary public file to inform others of a compromised digital certificate
Recovery Time Objectives
Highly Confidential
Certificate Revocation List (CRL)
Crisis
27. OOP concept of taking attributes from the original or parent
Inheritance
Recovery
Call Tree
Kernel
28. The core logic engine of an operating system which almost never changes
Kernel
Covert Channel
Moore's Law
Watermarking
29. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.
Critical Functions
Key Space
War Dialing
Chain Of Custody
30. A form of data hiding which protects running threads of execution from using each other's memory
Process Isolation
Information Flow Model
Threats
3 Types of harm Addressed in computer crime laws
31. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Change Control
Voice Over IP (VOIP)
Initialization Vector
Cold Site
32. Trading one for another
Cryptanalysis
Substitution
Cache
Business Continuity Program
33. Subset of operating systems components dedicated to protection mechanisms
Job Rotation
Degauss
Orange Book C Classification
Security Kernel
34. Moving the alphabet intact a certain number of spaces
Hearsay
Mandatory
Data Diddler
Shift Cipher (Caesar)
35. Controls for termination of attempt to access object
Picking
Inheritance
Storage Area Network (SAN)
Intrusion Prevention Systems
36. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.
Classification
Virtual Memory
Machine Language (Machine Code)
Operational Impact Analysis
37. Two certificate authorities that trust each other
Forensic Copy
Cross Certification
Wait
Policy
38. A backup type which creates a complete copy
Common Criteria
Near Site
Replication
Ring Protection
39. A planned or unplanned interruption in system availability.
System Downtime
Cryptanalysis
Data Marts
Supervisor Mode (monitor - system - privileged)
40. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."
Disaster Recovery Tape
Hacker
Due Diligence
Tort
41. Information that - if made public or even shared around the organization - could seriously impede the organization's operations
Highly Confidential
Emanations
Trade Secret
Orange Book B1 Classification
42. Business and technical process of applying security software updates in a regulated periodic way
Electrostatic Discharge
Fault
Patch Management
Accurate
43. Evidence must be: admissible - authentic - complete - accurate - and convincing
Incident Handling
Primary Storage
Access Control Matrix
5 Rules Of Evidence
44. System mediation of access with the focus on the context of the request
Brute Force
Content Dependent Access Control
Distributed Processing
Multi-Tasking
45. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements
TNI (Red Book)
Sniffing
Criminal Law
Polymorphism
46. Recognition of an individual's assertion of identity.
Identification
Control Type
Sniffing
Redundant Servers
47. To know more than one job
War Driving
Classification Scheme
Cross Training
Education
48. A layer 2 device that is used to connect two or more network segments and regulate traffic.
Full-Interruption test
Degauss
IP Fragmentation
Switches
49. A device that provides the functions of both a bridge and a router.
Brouter
Worm
Relocation
Common Criteria
50. The one person responsible for data - its classification and control setting
Information Owner
SYN Flooding
Directive
Deterrent