Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. To evaluate the current situation and make basic decisions as to what to do
Triage
Governance
Business Records
On-Site
2. Potentially compromising leakage of electrical or acoustical signals.
Relocation
Emanations
Redundant Servers
Critical Functions
3. Something that happened
Rollback
Site Policy Awareness
Territoriality
Event
4. Transaction controls for a database - a return to a previous state
Recovery Period
Rollback
Sharing
Asymmetric
5. A form of data hiding which protects running threads of execution from using each other's memory
Process Isolation
Certification
Checksum
Capability Tables
6. Of a system without prior knowledge by the tester or the tested
Deadlock
Double Blind Testing
Identification
Access Control Attacks
7. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity
Hearsay
Mobile Recovery
Technical Access Controls
Site Policy Awareness
8. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements
Separation Of Duties
Administrative Law
Directive
Common Criteria
9. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.
Safeguard
Sampling
Data Owner
System Downtime
10. A description of a database
Checklist Test (desk check)
Mandatory Vacations
Data Dictionary
Examples of technical security components
11. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.
Chain Of Custody
Hacker
Site Policy Awareness
Governance
12. Code breaking - practice of defeating the protective properties of cryptography.
SQL Injection
Threats
Cryptanalysis
Change Control
13. Code making
Blackout
Content Dependent Access Control
Labeling
Cryptography
14. To stop damage from spreading
Containment
Technical Access Controls
Data Dictionary
Plain Text
15. Memory management technique which allows subjects to use the same resource
Data Marts
Microwave
Locard's Principle
Sharing
16. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Disk Mirroring
Cross Certification
Pervasive Computing and Mobile Computing Devices
Critical Infrastructure
17. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities
Threats
Checklist Test
Due Diligence
Call Tree
18. Written step-by-step actions
Payload
Procedure
Certificate Revocation List (CRL)
Spam
19. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization
Pointer
Business Continuity Planning (BCP)
Governance
Data Integrity
20. A failure of an IDS to detect an actual attack
Firmware
Algorithm
False Negative
Non-Repudiation
21. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.
Isolation
Bollard
Network Attached Storage (NAS)
Orange Book D Classification
22. High frequency noise
Message Digest
Electromagnetic Interference (EMI)
HTTP Response Splitting
Orange Book B1 Classification
23. The chance that something negative will occur
Risk
Metadata
Fragmented Data
Intrusion Detection Systems
24. Memory management technique which allows data to be moved from one memory address to another
Strategic
Recovery
Relocation
Site Policy
25. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.
Picking
Authentic
Framework
Injection
26. Only the key protects the encrypted information
27. Malware that makes small random changes to many data points
Identification
Business Continuity Steering Committee
Cryptanalysis
Data Diddler
28. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN
Wireless Fidelity (Wi-Fi)
Strong Authentication
Interpreter
Site Policy Awareness
29. OOP concept of a distinct copy of the class
Mixed Law System
Object
Crisis
Instance
30. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.
Fire Detection
Active Data
Maximum Tolerable Downtime (MTD)
Compartmentalize
31. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.
Revocation
Custodian
Encryption
Steganography
32. A computer designed for the purpose of studying adversaries
Mixed Law System
Electrostatic Discharge
Honeypot
TIFF (Tagged Image File Format)
33. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid
Civil Law
Information Flow Model
Job Training
Recovery
34. The study of cryptography and cryptanalysis
Sag/Dip
Cryptology
Multi-Party Control
Remote Access Trojan
35. Pertaining to law - no omissions
Radio Frequency Interference (RFI)
Complete
Uninterruptible Power Supply (UPS)
Cold Site
36. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.
Open Mail Relay Servers
Business Continuity Program
Patent
Complete
37. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.
Marking
Patch Panels
Alert
Residual Data
38. For PKI - to have more than one person in charge of a sensitive function
Compartmentalize
Business Continuity Steering Committee
Threats
Multi-Party Control
39. More than one processor sharing same memory - also known as parallel systems
Incident Response
Object
On-Site
Multi-Processor
40. Subset of operating systems components dedicated to protection mechanisms
Security Kernel
Examples of technical security components
Digital Signature
Checksum
41. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.
Classification
Malformed Input
Checklist Test (desk check)
Prevention
42. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals
Ring Protection
Fire Classes
Sequence Attacks
Malformed Input
43. Descrambling the encrypted message with the corresponding key
Incident
Inrush Current
Checkpoint
Decipher
44. Information that - if made public or even shared around the organization - could seriously impede the organization's operations
Business Continuity Planning (BCP)
Content Dependent Access Control
CobiT
Highly Confidential
45. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Business Continuity Program
Lattice
System Downtime
Business Interruption Insurance
46. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.
Top Secret
TNI (Red Book)
Process Isolation
Compensating
47. A signal suggesting a system has been or is being attacked.
Phishing
Targeted Testing
Standard
Alert/Alarm
48. A physical enclosure for verifying identity before entry to a facility
State Machine Model
Mantrap (Double Door System)
Hot Site
Authentication
49. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.
Declaration
Digital Signature
Civil Law
Electronic Vaulting
50. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.
Message Digest
Operational Exercise
Burn
File Extension