Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Location to perform the business function
Alternate Site
Memory Management
Incident Response
Risk Assessment
2. A description of a database
Data Dictionary
Multiplexers
Processes are Isolated By
Surge Suppressor
3. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
HTTP Response Splitting
Information Flow Model
Standalone Test
Business Continuity Steering Committee
4. Unauthorized wireless network access device.
Rogue Access Points
Mock Disaster
File Level Deletion
File Extension
5. A subnetwork with storage devices servicing all servers on the attached network.
Hot Site
Storage Area Network (SAN)
Cross-Site Scripting
Access Control Lists
6. Descrambling the encrypted message with the corresponding key
Strategic
File Shadowing
Masked/Interruptible
Decipher
7. Physical description on the exterior of an object that communicates the existence of a label
Consistency
Evidence
Marking
Burn
8. Control category - to discourage an adversary from attempting to access
Picking
Cookie
Tapping
Deterrent
9. Malware that makes small random changes to many data points
Data Backup Strategies
Hard Disk
Data Diddler
Code
10. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists
Source Routing Exploitation
Business Records
Total Risk
File Server
11. Vehicle or tool that exploits a weakness
Analysis
Restoration
Threats
Information Technology Security Evaluation Criteria - ITSEC
12. Planning for the delegation of authority required when decisions must be made without the normal chain of command
File
Executive Succession
MOM
Parallel Test
13. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions
Certification
Examples of non-technical security components
Integrated Test
Threats
14. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements
TNI (Red Book)
Least Privilege
Mitigate
Central Processing Unit (CPU)
15. Review of data
Analysis
Concentrator
Alarm Filtering
Checklist Test
16. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Data Dictionary
Exercise
Proxies
Denial Of Service
17. Policy or stated actions
Cryptology
Due Care
Multilevel Security System
Surveillance
18. A planned or unplanned interruption in system availability.
Access Control Matrix
Full-Interruption test
Consistency
System Downtime
19. Converts source code to an executable
Transients
Multiplexers
Compiler
Brownout
20. Searching for wireless networks in a moving car.
Common Law
War Driving
Investigation
Checklist Test
21. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner
Life Cycle of Evidence
Central Processing Unit (CPU)
Degauss
Permutation /Transposition
22. Eavesdropping on network communications by a third party.
Sniffing
EMI
Asymmetric
Disaster Recovery Teams (Business Recovery Teams)
23. Hiding the fact that communication has occurred
Coaxial Cable
Steganography
Data Hiding
Data Custodian
24. An alert or alarm that is triggered when no actual attack has taken place
Workaround Procedures
Application Programming Interface
False (False Positive)
Buffer Overflow
25. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities
Information Risk Management (IRM)
Storage Area Network (SAN)
BCP Testing Drills and Exercises
Fiber Optics
26. The study of cryptography and cryptanalysis
Honeypot
Interception
Cryptology
Interpreter
27. Information about a particular data set
Debriefing/Feedback
Metadata
Backup
Kerckhoff's Principle
28. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions
Multi-Processor
Orange Book D Classification
Injection
Total Risk
29. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?
Honeypot
Moore's Law
Walk Through
Permutation /Transposition
30. Someone who wants to cause harm
Kernel
Attacker (Black hat - Hacker)
Recovery
Ring Protection
31. Of a system without prior knowledge by the tester or the tested
Double Blind Testing
Processes are Isolated By
Orange Book B2 Classification
Plain Text
32. Most granular organization of controls
Deterrent
Control Category
Symmetric
Uninterruptible Power Supply (UPS)
33. Mediation of covert channels must be addressed
Incident Response
Information Flow Model
Process Isolation
Encipher
34. The chance that something negative will occur
Risk
Criminal Law
Tactical
Preemptive
35. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)
Exposure
Targeted Testing
False Attack Stimulus
Exercise
36. Encryption system using a pair of mathematically related unequal keys
Asymmetric
Threat Agent
Metadata
Full-Interruption test
37. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal
Critical Records
Business Continuity Steering Committee
Desk Check Test
System Life Cycle
38. Recording activities at the keyboard level
Information Technology Security Evaluation Criteria - ITSEC
Keystroke Logging
Relocation
Multi-Tasking
39. Calculation encompassing threats - vulnerabilities and assets
Routers
Total Risk
Critical Functions
Identification
40. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.
Storage Area Network (SAN)
Common Law
Access Control
High-Risk Areas
41. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data
Vital Record
Criminal Law
Byte Level Deletion
Notification
42. Maintenance procedures outline the process for the review and update of business continuity plans.
Preemptive
Plan Maintenance Procedures
Cryptology
Total Risk
43. An asymmetric cryptography mechanism that provides authentication.
Active Data
Proprietary
Radio Frequency Interference (RFI)
Digital Signature
44. Periodic - automatic and transparent backup of data in bulk.
Electronic Vaulting
Class
Cold Site
Proxies
45. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.
Exposure
Fault
Alert
Redundant Servers
46. Intellectual property protection for an invention
Patent
Recovery Point Objective (RPO)
ISO/IEC 27002
Job Rotation
47. A test conducted on one or more components of a plan under actual operating conditions.
Operational
Call Tree
Operational Test
Residual Data
48. A choice in risk management - to implement a control that limits or lessens negative effects
Permutation /Transposition
Remote Journaling
Mitigate
Notification
49. Impossibility of denying authenticity and identity
Control
Administrative Laws
Moore's Law
Non-Repudiation
50. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.
Codec
Time Of Check/Time Of Use
Brownout
Plaintext