Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding as you take the test each time.
1. Sudden rise in voltage in the power supply.
Encryption
Call Tree
Surge
Tactical
2. To execute more than one instruction at an instant in time
Multi-Processing
Electromagnetic Interference (EMI)
Data Backups
Hard Disk
3. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.
Tar Pits
Debriefing/Feedback
Processes are Isolated By
Sharing
4. Recovery alternative - complete duplication of services including personnel
Checklist Test (desk check)
Hijacking
Mirrored Site
Honeynet
5. Mediation of subject and object interactions
Access Control
Rollback
Concentrator
Algorithm
6. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.
Central Processing Unit (CPU)
Deterrent
File Extension
Kernel
7. Property that data is represented in the same manner at all times
Substitution
Cross Training
Sag/Dip
Consistency
8. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
Forward Recovery
SQL Injection
Exercise
Picking
9. Someone who wants to cause harm
Attacker (Black hat - Hacker)
Cross Certification
Contingency Plan
Rollback
10. Trading one for another
Boot (V.)
Substitution
Service Bureau
Denial Of Service
11. To reduce fire
Privacy Laws
Embedded
Generator
Fire Suppression
12. Potentially retrievable data residue that remains following intended erasure of data.
Remanence
Brute Force
Routers
Asymmetric
13. A running key using a random key that is never used again
BCP Testing Drills and Exercises
Kernel
One Time Pad
Object Oriented Programming (OOP)
14. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.
Radio Frequency Interference (RFI)
Malformed Input
CobiT
Top Secret
15. Try a list of words in passwords or encryption keys
Forensic Copy
Machine Language (Machine Code)
Damage Assessment
Dictionary Attack
16. Pertaining to law - lending itself to one side of an argument
Procedure
Codec
Convincing
Mitigate
17. Two certificate authorities that trust each other
Disk Mirroring
Cross Certification
Concatenation
Trademark
18. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
Electromagnetic Interference (EMI)
Central Processing Unit (CPU)
Moore's Law
Microwave
19. To load the first piece of software that starts a computer.
Masquerading
Boot (V.)
Storage Area Network (SAN)
Control Category
20. OOP concept of taking attributes from the original or parent
Checklist Test (desk check)
Uninterruptible Power Supply (UPS)
Reciprocal Agreement
Inheritance
21. OOP concept of a template that consists of attributes and behaviors
Class
Aggregation
Detection
Payload
22. The core logic engine of an operating system which almost never changes
Kernel
3 Types of harm Addressed in computer crime laws
Remote Journaling
Slack Space
23. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware
Alternate Data Streams (File System Forks)
Cross-Site Scripting
Strategic
Lattice
24. A control after attack
Interception
Reference Monitor
Countermeasure
Orange Book C2 Classification
25. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner
Enticement
Residual Data
Life Cycle of Evidence
Hard Disk
26. A hash that has been further encrypted with a symmetric algorithm
Sequence Attacks
Deterrent
Keyed-Hashing For Message Authentication
Masked/Interruptible
27. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)
Access Control Matrix
Remanence
Interception
JPEG (Joint Photographic Experts Group)
28. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals
False Attack Stimulus
Acronym for American Standard Code for Information Interchange (ASCII)
Fire Classes
Smurf
29. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions
Mission-Critical Application
UPS
Resumption
Mirrored Site
30. Pertaining to law - high degree of veracity
Operational
Access Point
Accurate
Compiler
31. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.
War Dialing
Teardrop
Databases
Compensating
32. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.
Running
CobiT
Risk Assessment / Analysis
Keyed-Hashing For Message Authentication
33. Responsibility for actions
False (False Positive)
Ethics
Recovery Strategy
Liability
34. Intellectual property protection for an invention
Patent
Salami
Sampling
HTTP Response Splitting
35. A copy of transaction data - designed for querying and reporting
Fraggle
Work Factor
Data Warehouse
Worldwide Interoperability for Microwave Access (WI-MAX)
36. Object based description of a single resource and the permission each subject
Storage Area Network (SAN)
Microwave
Full-Interruption test
Access Control Lists
37. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated
Brouter
Initialization Vector
Cold Site
Rogue Access Points
38. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.
Data Backups
Method
Sequence Attacks
Side Channel Attack
39. Line noise that is superimposed on the supply circuit.
Business Continuity Program
Vital Record
Relocation
Transients
40. Claiming another's identity at a physical level
ITSEC
Masquerading
Notification
Faraday Cage/Shield
41. Potentially compromising leakage of electrical or acoustical signals.
Total Risk
Emanations
Key Space
Test Plan
42. Actions measured against either a policy or what a reasonable person would do
Entrapment
Due Diligence
Supervisor Mode (monitor - system - privileged)
Cryptanalysis
43. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. and determining what can be salvaged or restored and what must be replaced.
Multi-Processing
Damage Assessment
Examples of non-technical security components
CobiT
44. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)
Contingency Plan
Damage Assessment
Stopped
Orange Book B2 Classification
45. More than one process in the middle of executing at a time
Mantrap (Double Door System)
Alternate Data Streams (File System Forks)
Electronic Vaulting
Multi-Tasking
46. The level and label given to an individual for the purpose of compartmentalization
Forensic Copy
Spyware
Transfer
Security Clearance
47. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing
Enticement
2-Phase Commit
Technical Access Controls
Radio Frequency Interference (RFI)
48. OOP concept of a class's details to be hidden from object
Encapsulation
Data Custodian
Threats
Data Marts
49. Consume resources to a point of exhaustion - loss of availability
Denial Of Service
Data Backup Strategies
Orange Book D Classification
Transfer
50. Reduction of voltage by the utility company for a prolonged period of time
Recovery Time Objectives
Message Digest
Keystroke Logging
Brownout