SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Organization way of classifying data by factors such as criticality - sensitivity and ownership.
Hearsay
Orange Book A Classification
Dictionary Attack
Classification Scheme
2. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.
Trademark
Deleted File
DR Or BC Coordinator
Orange Book A Classification
3. Forgery of the sender's email address in an email header.
Radio Frequency Interference (RFI)
Infrastructure
E-Mail Spoofing
Disaster Recovery Plan
4. Deals with discretionary protection
ISO/IEC 27001
Method
Hash Function
Orange Book C Classification
5. Pertaining to law - lending it self to one side of an argument
Access Control Attacks
Lattice
Convincing
Certificate Revocation List (CRL)
6. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements
Inrush Current
Electromagnetic Interference (EMI)
Accountability
ITSEC
7. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.
TEMPEST
Incident Response
Masquerading
Record Level Deletion
8. The event signaling an IDS to produce an alarm when no attack has taken place
False Attack Stimulus
Sampling
Backup
Fragmented Data
9. Communicate to stakeholders
Remanence
Key Management
Incident Response Team
Debriefing/Feedback
10. An event which stops business from continuing.
File Shadowing
Log
Inrush Current
Disaster
11. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements
Degauss
File
Policy
Common Criteria
12. Just enough access to do the job
Security Domain
Least Privilege
Crisis
Botnet
13. Renders the record inaccessible to the database management system
Due Care
Custodian
Incident Response Team
Record Level Deletion
14. For PKI - to store another copy of a key
Least Privilege
Interpreter
Key Escrow
Security Clearance
15. Individuals and departments responsible for the storage and safeguarding of computerized data.
Administrative Law
Data Custodian
Information Technology Security Evaluation Criteria - ITSEC
Patent
16. Vehicle or tool that exploits a weakness
Threats
Replication
Hard Disk
Satellite
17. Most granular organization of controls
E-Mail Spoofing
Side Channel Attack
Control Category
Identification
18. Try a list of words in passwords or encryption keys
Dictionary Attack
Mobile Site
Consistency
Qualitative
19. Recovery alternative - complete duplication of services including personnel
Entrapment
Alert/Alarm
Mirrored Site
Brownout
20. Information about a particular data set
Supervisor Mode (monitor - system - privileged)
Metadata
Highly Confidential
Integrated Test
21. Adversary intercepts encrypted communications - decrypts - views - encrypts - and send along to the true destination
Recovery
Risk
Information Technology Security Evaluation Criteria - ITSEC
Man-In-The-Middle Attack
22. Converts source code to an executable
Compiler
Risk
Relocation
Total Risk
23. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all - or most - of the applicable teams.
Identification
Hub
Satellite
Mock Disaster
24. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.
Bit
Databases
Voice Over IP (VOIP)
Trademark
25. When two or more computers are networked together in a LAN situation - one computer may be utilized as a storage location for files for the group.
Activation
File Server
Total Risk
Data Recovery
26. Moving letters around
Warm Site
Access Control Lists
Message Digest
Permutation /Transposition
27. Descrambling the encrypted message with the corresponding key
Decipher
Contingency Plan
Waterfall
Event
28. The collection and summation of risk data relating to a particular asset and controls for that asset
Secondary Storage
Processes are Isolated By
Risk Assessment
Smurf
29. Process of statistically testing a data set for the likelihood of relevant information.
Database Replication
Redundant Array Of Independent Drives (RAID)
Sampling
Keystroke Logging
30. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)
Key Escrow
Multi-Core
Interception
Plaintext
31. Line by line translation from a high level language to machine code
Interpreter
IP Address Spoofing
Emergency Procedures
Supervisor Mode (monitor - system - privileged)
32. With enough computing power trying all possible combinations
Firmware
Brute Force
Complete
Codec
33. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?
HTTP Response Splitting
Intrusion Prevention Systems
Checklist Test (desk check)
Sampling
34. The managerial approval to operate a system based upon knowledge of risk to operate
Data Hiding
Mandatory
Tapping
Accreditation
35. Redundant component that provides failover capability in the event of failure or interruption of a primary component.
Elements of Negligence
Switches
Hot Spares
Codec
36. Lower frequency noise
Risk Assessment
Access Control
Restoration
Radio Frequency Interference (RFI)
37. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.
Open Mail Relay Servers
Tar Pits
Access Control Matrix
Standalone Test
38. A critical event - which - if not handled in an appropriate manner - may dramatically impact an organization's profitability - reputation - or ability to operate.
Distributed Processing
Control
Standard
Crisis
39. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensuretime objectives can be met.
Data Backup Strategies
Plain Text
Patent
Incident Response Team
40. Return to a normal state
Processes are Isolated By
Recovery
Stopped
Mock Disaster
41. Communication of a security incident to stakeholders and data owners.
Bollard
Logic Bomb
Notification
Labeling
42. More than one processor sharing same memory - also know as parallel systems
Digital Signature
Prevention
Qualitative
Multi-Processor
43. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management
Sharing
Business Recovery Team
Business Impact Analysis
Triage
44. An encryption method that has a key as long as the message
Running Key
Policy
Spiral
Tactical
45. Tool which mediates access
Twisted Pair
Modification
Control
Hot Site
46. All of the protection mechanism in a computer system
Brownout
Architecture
Critical Functions
Trusted Computing Base
47. Small data files written to a user's hard drive by a web server.
Digital Certificate
File Level Deletion
Cookie
Conflict Of Interest
48. Requirement to take time off
Mandatory Vacations
Time Of Check/Time Of Use
Threats
Malformed Input
49. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code
Decipher
Disaster Recovery Tape
3 Types of harm Addressed in computer crime laws
Modification
50. Computing power will double every 18 months
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
