Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. One entity with two competing allegiances
TEMPEST
Bumping
Conflict Of Interest
Business Recovery Team
2. The connection between a wireless and wired network.
Firewall
Botnet
Access Point
Test Plan
3. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)
Forensic Copy
Metadata
Faraday Cage/ Shield
Smurf
4. May be responsible for overall recovery of an organization or unit(s).
Incident Handling
DR Or BC Coordinator
File Sharing
Brownout
5. Data or interference that can trigger a false positive
Directive
Machine Language (Machine Code)
Multi-Programming
Noise
6. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?
Enticement
False (False Positive)
Due Diligence
Desk Check Test
7. OOP concept in which a class's details are hidden from the object
Hacker
Patent
Encapsulation
Denial Of Service
8. Information which has retained its importance, but which has been created or stored by software/hardware that has been rendered obsolete.
Electrostatic Discharge
Legacy Data
Cipher Text
DR Or BC Coordinator
9. Collection of data on business functions which determines the strategy of resiliency
Accurate
Risk
Disaster Recovery Plan
Business Impact Assessment (BIA)
10. An individual's conduct that violates government laws developed to protect the public
Criminal Law
Residual Data
Recovery Time Objectives
Strong Authentication
11. Hitting a filed-down key in a lock with a hammer to open it without the real key
Bumping
Alternate Data Streams (File System Forks)
Work Factor
Compensating
12. A computer designed for the purpose of studying adversaries
Data Owner
Multi-Processing
Denial Of Service
Honeypot
13. Define the way in which the organization operates.
Method
Proprietary
High-Risk Areas
Fiber Optics
14. A program that waits for a condition or time to occur and then executes an inappropriate activity
File Shadowing
TEMPEST
Fault Tolerance
Logic Bomb
15. A type of multitasking that allows for more even distribution of computing time among competing requests
False (False Positive)
Preemptive
Call Tree
Faraday Cage/ Shield
16. Creation, distribution, update, and deletion
Incident Response
Key Management
Classification Scheme
Polyalphabetic
17. Two different keys decrypt the same cipher text
Substitution
DR Or BC Coordinator
Key Clustering
Cross Certification
18. Reprogrammable basic startup instructions
Operational Exercise
Elements of Negligence
Firmware
Cross Certification
19. An electronic attestation of identity by a certificate authority
Smurf
Digital Certificate
Shadowing (file shadowing)
Acronym for American Standard Code for Information Interchange (ASCII)
20. For PKI, decertify an entity's certificate
Job Rotation
Revocation
Key Clustering
Alternate Data Streams (File System Forks)
21. A running key using a random key that is never used again
CobiT
File Level Deletion
One Time Pad
Warm Site
22. A design methodology which executes in a linear, one-way fashion
Radio Frequency Interference (RFI)
Twisted Pair
Waterfall
Risk Assessment
23. Reconnaissance technique involving automated, brute-force identification of potentially vulnerable modems.
War Dialing
Compression
Business Recovery Team
Separation Of Duties
24. Information that, if made public or even shared around the organization, could seriously impede the organization's operations
Shielding
Encipher
Databases
Highly Confidential
25. Intellectual property protection for a confidential and critical process
Trade Secret
Common Law
Separation Of Duties
Memory Management
26. Subset of operating system components dedicated to protection mechanisms
Business Recovery Timeline
Object Oriented Programming (OOP)
Standalone Test
Security Kernel
27. The past internationally accepted set of standards and processes for information security products evaluation and assurance, which separates function and assurance requirements
Central Processing Unit (CPU)
ITSEC
Recovery Period
Restoration
28. To start business continuity processes
Multiplexers
Durability
Activation
Emergency
29. A cable consisting of a core inner conductor that is surrounded by an insulator, and an outer cylindrical conductor
Coaxial Cable
Distributed Denial Of Service
Incident
Transients
30. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).
File
Inference
Microwave
Hub
31. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.
Certification Authority
TEMPEST
Multi-Processing
Non-Interference
32. Just enough access to do the job
Least Privilege
Analysis
Life Cycle of Evidence
Business Continuity Program
33. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
Encryption
Forward Recovery
Threats
Common Law
34. Unauthorized access of information (e.g., tapping, sniffing, unsecured wireless communication, emanations)
Business Impact Analysis
Resumption
Interception
Source Routing Exploitation
35. Final purpose or result
Sniffing
Concatenation
Kerckhoff's Principle
Payload
36. A test conducted on multiple components of a plan, in conjunction with each other, typically under simulated operating conditions
Business Records
IDS Intrusion Detection System
Transfer
Integrated Test
37. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a hub).
Collisions
Concentrator
Object Oriented Programming (OOP)
Blind Testing
38. Records or documents that, if damaged or destroyed, would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Reciprocal Agreement
Orange Book B1 Classification
Storage Area Network (SAN)
Critical Records
39. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.
BCP Testing Drills and Exercises
Radio Frequency Interference (RFI)
Reciprocal Agreement
Rollback
40. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.
Top Secret
Total Risk
Discretionary Access Control (DAC)
Business Recovery Timeline
41. An unintended communication path
Hot Spares
Covert Channel
Atomicity
Integrated Test
42. To stop damage from spreading
Business Interruption Insurance
Containment
Kerberos
Radio Frequency Interference (RFI)
43. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware
File
Cross-Site Scripting
Layering
Microwave
44. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.
Qualitative
Cryptography
Private Branch Exchange (PBX)
Shielding
45. High frequency, highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
Business Recovery Timeline
Microwave
Trapdoors (Backdoors) (Maintenance Hooks)
Slack Space
46. Control category: to give instructions or inform
Capability Tables
Blind Testing
Directive
Cross Training
47. A race condition where the security changes during the object's access
Central Processing Unit (CPU)
Electromagnetic Interference (EMI)
Time Of Check/Time Of Use
Contact List
48. Converts a high level language into machine language
Non-Repudiation
State Machine Model
Assembler
Cryptanalysis
49. Momentary loss of power
Keystroke Logging
Tapping
Access Point
Fault
50. A basic level of network access control that is based upon information contained in the IP packet header.
Business Unit Recovery
Activation
Packet Filtering
Worm