Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A template for designing the architecture
Certification Authority
Trojan Horse
Due Diligence
Security Blueprint
2. An image compression standard for photographs
JPEG (Joint Photographic Experts Group)
Radio Frequency Interference (RFI)
Byte
Storage Area Network (SAN)
3. A layer 3 device that is used to connect two or more network segments and regulate traffic.
Data Diddler
Routers
Electronic Vaulting
Spam
4. To reduce sudden rises in current
Mixed Law System
Surge Suppressor
Electronic Vaulting
Plain Text
5. To start business continuity processes
Activation
Databases
Recovery
3 Types of harm Addressed in computer crime laws
6. A technology that reduces the size of a file.
Forensic Copy
Compression
Business Continuity Steering Committee
Legacy Data
7. Requirement to take time off
Strong Authentication
Metadata
Standalone Test
Mandatory Vacations
8. A basic level of network access control that is based upon information contained in the IP packet header.
Mandatory
Codec
Virus
Packet Filtering
9. A simple, inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Keyed-Hashing For Message Authentication
Noise
Twisted Pair
ff Site
10. Of a system without prior knowledge by the tester or the tested
Picking
Certificate Revocation List (CRL)
Domain
Double Blind Testing
11. Unchecked data which spills into another location in memory
Hash Function
Buffer Overflow
Substitution
Directive
12. Is secondhand and usually not admissible in court
Intrusion Detection Systems
Criminal Law
Hearsay Evidence
Job Training
13. An access policy that uses a security label system. Users have clearances, and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities, most commonly used in governm
Labeling
Mandatory Access Control (MAC)
Digital Certificate
Sniffing
14. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance, which combines function and assurance requirements
Quantitative
Hard Disk
ISO/IEC 27002
TCSEC (Orange Book)
15. An event which stops business from continuing.
Forward Recovery
Accreditation
Certificate Revocation List (CRL)
Disaster
16. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities
Picking
Inference
Checklist Test
Tort
17. The duplication of data on separate disks in real time to ensure its continuous availability, currency and accuracy. True mirroring will enable a zero recovery point objective.
Data Integrity
Disk Mirroring
Burn
Electrostatic Discharge
18. A running key using a random key that is never used again
Operational Impact Analysis
Multi-Processing
Alarm Filtering
One Time Pad
19. Mathematical function that determines the cryptographic operations
Attacker (Black hat - Hacker)
Parallel Test
Algorithm
Distributed Processing
20. Identification and notification of an unauthorized and/or undesired action
Access Control Lists
Incident Response
Multilevel Security System
Detection
21. Potentially retrievable data residue that remains following intended erasure of data.
File Sharing
Databases
Access Control Lists
Remanence
22. Forgery of the sender's email address in an email header.
Interpreter
Policy
E-Mail Spoofing
Education
23. An activity that is performed for the purpose of training and conditioning team members, and improving their performance.
Sharing
Exercise
Active Data
Trade Secret
24. An internal list of contact information used for the communication of incident information, designed in a distributed manner so that no one person is responsible for contacting everyone.
Call Tree
Legacy Data
Quantitative Risk Analysis
Denial Of Service
25. A system that enforces an access control policy between two networks.
Mock Disaster
Vulnerability
Business Continuity Program
Firewalls
26. A control before attack
Structured Walk-Through Test
Conflict Of Interest
Data Leakage
Safeguard
27. A process state (blocked) needing input before continuing
Supervisor Mode (monitor - system - privileged)
Centralized Access Control Technologies
Wait
Object Oriented Programming (OOP)
28. Recovery alternative which includes cold site and some equipment and infrastructure is available
Critical Functions
Emanations
Warm Site
Asymmetric
29. The process of identifying, accessing, reducing risk to an acceptable level, and implementing the right countermeasure to maintain that level of risk
Information Risk Management (IRM)
Full-Interruption test
Routers
Cipher Text
30. Actions measured against either a policy or what a reasonable person would do
Due Diligence
ISO/IEC 27001
Authorization
Metadata
31. A form of data hiding which protects running threads of execution from using each other's memory
High-Risk Areas
Running Key
Faraday Cage/ Shield
Process Isolation
32. A protocol for the efficient transmission of voice over the Internet
Bridge
Voice Over IP (VOIP)
Compression
Test Plan
33. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed, resources are allocated, and recovery and continuity strategies and procedures are completed and tested.
Business Continuity Program
Administrative Access Controls
Plaintext
Labeling
34. Mitigate damage by isolating compromised systems from the network.
Site Policy Awareness
Eavesdropping
Blind Testing
Containment
35. A signal suggesting a system has been or is being attacked.
Debriefing/Feedback
Contingency Plan
Alert/Alarm
Pointer
36. Recovery alternative, complete duplication of services including personnel
Mirrored Site
Application Programming Interface
Revocation
Reciprocal Agreement
37. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time; usually a fine is paid
Acronym for American Standard Code for Information Interchange (ASCII)
Remote Journaling
Fraggle
Civil Law
38. Malware that makes many small changes over time to a single data point or system
Salami
Dangling Pointer
Accreditation
Hard Disk
39. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered, analyzed, interpreted and presented to management
Examples of technical security components
Mantrap (Double Door System)
Business Impact Analysis
Operating
40. For PKI, decertify an entity's certificate
Revocation
Elements of Negligence
Examples of technical security components
Instance
41. Threats x Vulnerability x Asset Value = Total Risk
IP Fragmentation
Total Risk
Security Clearance
Process Isolation
42. A covert storage channel on the file attribute
Fault
Public Key Infrastructure (PKI)
Alternate Data Streams (File System Forks)
Code
43. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have, most commonly used in the PC environment (i.e. file permissions).
Multi-Processor
Analysis
Discretionary Access Control (DAC)
Stopped
44. An availability attack, to consume resources to the point of exhaustion from multiple vectors
Protection
Crisis
Access Point
Distributed Denial Of Service
45. Deals with discretionary protection
Reciprocal Agreement
Worm
Electronic Vaulting
Orange Book C Classification
46. Try a list of words in passwords or encryption keys
Moore's Law
Corrective
Dictionary Attack
Kerckhoff's Principle
47. An unintended communication path
Critical Functions
Covert Channel
Architecture
Executive Succession
48. A choice in risk management, to convince another to assume risk, typically by payment
Discretionary Access Control (DAC)
Transfer
Substitution
Multi-Processor
49. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
Forward Recovery
Criminal Law
One Time Pad
Walk Through
50. Responsibility of a user for the actions taken by their account which requires unique identification
Identification
Accountability
Voice Over IP (VOIP)
Risk Mitigation