Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Line by line translation from a high level language to machine code
Initialization Vector
Interpreter
Durability
Acronym for American Standard Code for Information Interchange (ASCII)
2. Specific format of technical and physical controls that support the chosen framework and the architecture
Non-Repudiation
Infrastructure
Total Risk
Keyed-Hashing For Message Authentication
3. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data
Residual Risk
Identification
Byte Level Deletion
Embedded Systems
4. Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.
Archival Data
Content Dependent Access Control
Machine Language (Machine Code)
Life Cycle of Evidence
5. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements
Exposure
Initialization Vector
Interpreter
TNI (Red Book)
6. Someone who wants to cause harm
Attacker (Black hat - Hacker)
Disaster Recovery Plan
Cache
Patch Panels
7. Recovery alternative - everything needed for the business function - except people and last backup
Policy
Hot Site
Databases
Kernel
8. Business and technical process of applying security software updates in a regulated periodic way
Supervisor Mode (monitor - system - privileged)
Trojan Horse
Patch Management
Cross Training
9. A secure connection to another network.
Overlapping Fragment Attack
2-Phase Commit
Gateway
Access Control Lists
10. Statistical probabilities of a collision are more likely than one thinks
Operational Impact Analysis
Centralized Access Control Technologies
Total Risk
Birthday Attack
11. Using many alphabets
Polyalphabetic
Object Reuse
Control Type
Logic Bomb
12. A set of laws that the organization agrees to be bound by
Fire Prevention
Administrative Law
Forensic Copy
Data Owner
13. The managerial approval to operate a system based upon knowledge of risk to operate
Restoration
Information Technology Security Evaluation Criteria - ITSEC
Accreditation
Decipher
14. Impossibility of denying authenticity and identity
Off-Site Storage
Non-Repudiation
Marking
Residual Risk
15. Creation - distribution - update - and deletion
Firewall
Debriefing/Feedback
Open Mail Relay Servers
Key Management
16. Final purpose or result
Embedded
Digital Certificate
Payload
Basics Of Secure Design
17. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements
Picking
Recovery Point Objective (RPO)
ITSEC
Isolation
18. To collect many small pieces of data
Shielding
Shadowing (file shadowing)
Aggregation
Data Dictionary
19. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."
Disaster Recovery Tape
Forward Recovery
Job Training
Time Of Check/Time Of Use
20. Inappropriate data
Malformed Input
Authorization
Emergency Procedures
Packet Filtering
21. Most granular organization of controls
Cache
Control Category
Blind Testing
Access Control Attacks
22. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due
Isolation
Pointer
Electronic Vaulting
Elements of Negligence
23. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.
Tar Pits
Residual Risk
Code
Digital Signature
24. Something that happened
Business Interruption
Event
Examples of technical security components
Cookie
25. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.
Surge Suppressor
Multilevel Security System
Sequence Attacks
Surge
26. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.
Teardrop
Walk Through
Evidence
False Negative
27. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements
TCSEC (Orange Book)
2-Phase Commit
EMI
Shielding
28. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
Discretionary Access Control (DAC)
Qualitative
Information Technology Security Evaluation Criteria - ITSEC
Object Oriented Programming (OOP)
29. A hash that has been further encrypted with a symmetric algorithm
Keyed-Hashing For Message Authentication
Trapdoors (Backdoors) (Maintenance Hooks)
SYN Flooding
Sharing
30. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid
Key Management
Civil Law
Information Owner
Warm Site
31. A back up type - where the organization has excess capacity in another location.
Bumping
Business Interruption
Common Criteria
Distributed Processing
32. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.
Trojan Horse
Mobile Recovery
Remote Journaling
Source Routing Exploitation
33. System of law based upon precedence - with major divisions of criminal - tort - and administrative
Common Law
Double Blind Testing
Data Backups
Binary
34. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.
Monitor
TIFF (Tagged Image File Format)
Encapsulation
Concatenation
35. A disturbance that degrades performance of electronic devices and electronic communications.
Fire Classes
Due Diligence
Near Site
Radio Frequency Interference (RFI)
36. Control category - to record an adversary's actions
Capability Tables
Detective
Disaster Recovery Teams (Business Recovery Teams)
Complete
37. Recovery alternative which outsources a business function at a cost
Service Bureau
Cross Certification
Simulation
Salami
38. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities
Recovery
Common Law
Checklist Test
File Shadowing
39. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.
Exposure
Security Clearance
Data Recovery
Hearsay
40. The event signaling an IDS to produce an alarm when no attack has taken place
False Attack Stimulus
Relocation
Masked/Interruptible
Isolation
41. A copy of transaction data - designed for querying and reporting
Central Processing Unit (CPU)
Data Warehouse
Birthday Attack
Alternate Data Streams (File System Forks)
42. An unintended communication path
Quantitative Risk Analysis
Symmetric
Malformed Input
Covert Channel
43. Actions measured against either a policy or what a reasonable person would do
Due Diligence
Critical Functions
Firmware
Centralized Access Control Technologies
44. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services
Access Control Lists
Network Attached Storage (NAS)
Cryptography
Restoration
45. Outputs within a given function are the same result
Binary
Collisions
Labeling
Legacy Data
46. Malware that makes small random changes to many data points
Compensating
Proxies
Data Diddler
Business Continuity Steering Committee
47. A process state - to either be unable to run waiting for an external event or terminated
Checkpoint
Instance
Stopped
Maximum Tolerable Downtime (MTD)
48. Some systems are actually run at the alternate site
Basics Of Secure Design
Parallel Test
False (False Positive)
The ACID Test
49. A layer 2 device that is used to connect two network segments and regulate traffic.
Intrusion Detection Systems
Honeynet
Bridge
Decipher
50. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.
Plaintext
Control
Orange Book C2 Classification
Data Warehouse