Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Outputs within a given function are the same result
Job Training
Critical Records
Trusted Computing Base
Collisions
2. Need to understand both the assets that need to be protected and management's priorities - Also be prepared to adjust the design over time - and verify the design has been implemented correctly - need to be good negotiator - artist and analyst.
E-Mail Spoofing
Basics Of Secure Design
Shielding
Salami
3. Can be statistical (monitor behavior) or signature based (watch for known attacks)
Transients
IDS Intrusion Detection System
Identification
Education
4. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Business Recovery Timeline
Twisted Pair
Total Risk
TEMPEST
5. Summary of a communication for the purpose of integrity
Message Digest
Deadlock
Object Reuse
Intrusion Prevention Systems
6. Scrambled form of the message or data
Maximum Tolerable Downtime (MTD)
Open Mail Relay Servers
Bit
Cipher Text
7. Act of scrambling the cleartext message by using a key.
Data Dictionary
Byte
Encipher
Source Routing Exploitation
8. Eavesdropping on network communications by a third party.
Dictionary Attack
Eavesdropping
Structured Walkthrough
Sniffing
9. Using small special tools all tumblers of the lock are aligned - opening the door
Mitigate
Electronic Vaulting
Business Continuity Planning (BCP)
Picking
10. A condition in which neither party is willing to stop their activity for the other to complete
Deletion
Trusted Computing Base
Deadlock
Payload
11. High frequency noise
Preemptive
Electromagnetic Interference (EMI)
Multi-Processor
Administrative
12. A back up type - where the organization has excess capacity in another location.
Distributed Processing
Machine Language (Machine Code)
Hub
Due Diligence
13. RADIUS - TACACS+ - Diameter
Centralized Access Control Technologies
Emergency
Rootkit
Logic Bomb
14. More than one CPU on a single board
Civil Or Code Law
Workaround Procedures
Bumping
Multi-Core
15. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Virtual Memory
Guidelines
Secondary Storage
Worldwide Interoperability for Microwave Access (WI-MAX)
16. A BCP testing type - a test that answers the question: Can the organization replicate the business process?
3 Types of harm Addressed in computer crime laws
Labeling
Mirroring
Simulation
17. Pertaining to law - no omissions
Fraggle
Complete
Infrastructure
Simulation Test
18. Moving the alphabet intact a certain number spaces
Shift Cipher (Caesar)
Shadowing (file shadowing)
Mobile Recovery
Vital Record
19. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.
Strong Authentication
Acronym for American Standard Code for Information Interchange (ASCII)
Ring Protection
Operational Impact Analysis
20. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
Chain Of Custody
Bumping
Discretionary Access Control (DAC)
Deadlock
21. Forging of an IP address.
IP Address Spoofing
Business Continuity Steering Committee
Control Type
2-Phase Commit
22. Identification and notification of an unauthorized and/or undesired action
Detection
Mobile Site
Emergency Procedures
Control Category
23. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data
Hacker
Byte Level Deletion
Transfer
Classification
24. Organized group of compromised computers
Time Of Check/Time Of Use
Botnet
Trademark
Discretionary Access Control (DAC)
25. The principles a person sets for themselves to follow
Education
Identification
Durability
Ethics
26. System directed mediation of access with labels
Mandatory
Contingency Plan
Cryptography
Data Warehouse
27. For PKI - to store another copy of a key
Identification
Fragmented Data
Key Escrow
Inrush Current
28. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?
Physical Tampering
Mirrored Site
Security Blueprint
Full Test (Full Interruption)
29. A documented battle plan for coordinating response to incidents.
Incident Handling
Data Diddler
IP Fragmentation
Incident
30. Moving letters around
Data Backup Strategies
Orange Book C Classification
Gateway
Permutation/Transposition
31. An unintended communication path
Covert Channel
Legacy Data
Prevention
Disaster Recovery Teams (Business Recovery Teams)
32. A template for designing the architecture
IP Address Spoofing
Civil Law
Virus
Security Blueprint
33. A covert storage channel on the file attribute
Mobile Site
Vulnerability
Remote Access Trojan
Alternate Data Streams (File System Forks)
34. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.
Emergency
ff Site
Embedded Systems
Total Risk
35. A world-wide wireless technology
Wireless Fidelity (Wi-Fi)
Mandatory Access Control (MAC)
Executive Succession
Technical Access Controls
36. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.
Accurate
Mobile Recovery
Cryptanalysis
Reference Monitor
37. A signal suggesting a system has been or is being attacked.
System Downtime
Alert/Alarm
Deleted File
Substitution
38. Review of data
Guidelines
Analysis
Revocation
Residual Risk
39. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.
Symmetric
Business Recovery Team
Mission-Critical Application
File Shadowing
40. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated - and recovery and continuity strategies and procedures are completed and tested.
Machine Language (Machine Code)
Data Custodian
Complete
Business Continuity Program
41. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Data Warehouse
Critical Records
Data Hiding
ITSEC
42. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.
Data Backups
Switches
Change Control
Acronym for American Standard Code for Information Interchange (ASCII)
43. A telephone exchange for a specific office or business.
Interception
Interpreter
Private Branch Exchange (PBX)
Access Control
44. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor
Coaxial Cable
Preemptive
Structured Walkthrough
Multiplexers
45. A comprehensive set of controls that comprises best practices in information security and provides guidelines on how to set up and maintain security programs.
Alert
Architecture
ISO/IEC 27002
Detective
46. A set of laws that the organization agrees to be bound by
Processes are Isolated By
Information Owner
Administrative Law
Complete
47. Recording the Who What When Where How of evidence
Man-In-The-Middle Attack
Business Continuity Program
Warm Site
Chain Of Custody
48. With enough computing power trying all possible combinations
Ethics
Convincing
Brute Force
Residual Risk
49. The chance that something negative will occur
Instance
Risk
Code
Mitigate
50. Mathematical function that determines the cryptographic operations
Waterfall
Surveillance
Framework
Algorithm