Test your basic knowledge |

CISSP Certified Information Systems Security Professional

Subjects : certifications, it-skills, cissp

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Mediation of covert channels must be addressed
Detection
Deletion
Standard
Information Flow Model

2. A failure of an IDS to detect an actual attack
Workaround Procedures
Worm
Layering
False Negative

3. Renders the record inaccessible to the database management system
Multi-Core
Criminal Law
Record Level Deletion
Cold Site

4. Redundant component that provides failover capability in the event of failure or interruption of a primary component.
E-Mail Spoofing
Reciprocal Agreement
Supervisor Mode (monitor - system - privileged)
Hot Spares

5. Potentially retrievable data residue that remains following intended erasure of data.
Remanence
Multi-Programming
Strong Authentication
Administrative Laws

6. Intellectual property protection for marketing efforts
Rootkit
Trademark
Control Category
Isolation

7. Reprogrammable basic startup instructions
Firmware
Recovery
Internal Use Only
Control Type

8. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.
Side Channel Attack
Cache
Data Owner
Journaling

9. A condition in which neither party is willing to stop their activity for the other to complete
Deadlock
Residual Risk
User
Vital Record

10. Companies should have their own team - made up of ppl from management - IT leagal - HR - and public relations - security and other key areas
Plan Maintenance Procedures
Exposure
Multi-Core
Incident Response Team

11. A basic level of network access control that is based upon information contained in the IP packet header.
Method
Packet Filtering
Logic Bomb
Prevention

12. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress
Record Level Deletion
Debriefing/Feedback
True Attack Stimulus
Remanence

13. Pertaining to law - verified as real
Authentic
Data Warehouse
Site Policy
Disaster

14. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a hub).
Recovery Strategy
Distributed Processing
Durability
Concentrator

15. The chance that something negative will occur
Concatenation
Risk
Data Diddler
Fiber Optics

16. Share security concerns with embedded devices - Often security has been scarified for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Slack Space
Threat Agent
Pervasive Computing and Mobile Computing Devices
Quantitative Risk Analysis

17. Forgery of the sender's email address in an email header.
Central Processing Unit (CPU)
Trojan Horse
Disaster Recovery Plan
E-Mail Spoofing

18. One entity with two competing allegiances
Coaxial Cable
Collisions
Conflict Of Interest
War Driving

19. A device that provides the functions of both a bridge and a router.
Brouter
Metadata
Business Unit Recovery
Spam

20. Alerts personnel to the presence of a fire
Teardrop
Plain Text
Fire Detection
Data Hiding

21. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything need for recovery available?
Byte Level Deletion
Walk Though
Data Leakage
Directive

22. Fault tolerance for power
Deleted File
MOM
Bumping
Generator

23. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities
Business Interruption
Architecture
Cryptanalysis
Checklist Test

24. Intellectual property management technique for identifying after distribution
Data Dictionary
Watermarking
Intrusion Prevention Systems
Secondary Storage

25. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.
Switches
Simulation Test
Bit
Protection

26. To move from location to location - keeping the same function
Adware
Investigation
Business Recovery Team
Job Rotation

27. Dedicated fast memory located on the same board as the CPU
CPU Cache
Asymmetric
Memory Management
Hot Spares

28. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.
Relocation
Redundant Servers
Multi-Processing
Embedded Systems

29. A running key using a random key that is never used again
Mandatory
Hash Function
Trade Secret
One Time Pad

30. Recording activities at the keyboard level
Keystroke Logging
Procedure
Off-Site Storage
Bumping

31. Representatives from each functional area or department get together and walk through the plan from beginning to end.
War Dialing
Payload
Structured Walk-Through Test
Information Risk Management (IRM)

32. A type a computer memory that temporarily stores frequently used information for quick access.
HTTP Response Splitting
Relocation
Threats
Cache

33. Interception of a communication session by an attacker.
Hijacking
Fire Classes
Activation
Decipher

34. A cable consisting of a core - inner conductor that is surrounding by an insulator - an outer cylindrical conductor
Coaxial Cable
Brute Force
Spyware
File

35. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.
Debriefing/Feedback
Instance
Emergency
Covert Channel

36. The property that data meet with a priority expectation of quality and that the data can be relied upon.
Teardrop
Business Impact Assessment (BIA)
Disaster Recovery Plan
Data Integrity

37. An availability attack - to consume resources to the point of exhaustion
Burn
Denial Of Service
Control Type
Sharing

38. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.
Active Data
Brownout
User
Polymorphism

39. Eavesdropping on network communications by a third party.
Containment
Sniffing
Embedded Systems
Mirrored Site

40. Line noise that is superimposed on the supply circuit.
Mandatory
Transients
Alert
Life Cycle of Evidence

41. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs
Data Diddler
Honeynet
Application Programming Interface
Acronym for American Standard Code for Information Interchange (ASCII)

42. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing
Recovery
Technical Access Controls
Brute Force
War Driving

43. Claiming another's identity at a physical level
Standard
Internal Use Only
Masquerading
Alarm Filtering

44. Of a system without prior knowledge by the tester or the tested
Firewalls
Honeypot
Double Blind Testing
Radio Frequency Interference (RFI)

45. Planning with a goal of returning to the normal business function
TEMPEST
Restoration
UPS
Polymorphism

46. Measures followed to restore critical functions following a security incident.
Compiler
Phishing
Recovery
Running

47. Joining two pieces of text
Data Leakage
Business Interruption Insurance
Payload
Concatenation

48. Object reuse protection and auditing
Denial Of Service
E-Mail Spoofing
Surveillance
Orange Book C2 Classification

49. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.
Kerckhoff's Principle
Side Channel Attack
Discretionary
Fiber Optics

50. Recovery alternative - complete duplication of services including personnel
Classification Scheme
Waterfall
Executive Succession
Mirrored Site