Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Review of data
Analysis
Processes are Isolated By
Logic Bomb
Full Test (Full Interruption)
2. The managerial approval to operate a system based upon knowledge of risk to operate
Archival Data
Strategic
Surge Suppressor
Accreditation
3. To stop damage from spreading
Substitution
Mobile Recovery
One Time Pad
Containment
4. Control category - more than one control on a single asset
Non-Discretionary Access Control
Compensating
Residual Risk
Computer Forensics
5. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities
Application Programming Interface
BCP Testing Drills and Exercises
Hot Site
Object
6. Intellectual property protection for a confidential and critical process
Fire Detection
Polyalphabetic
Discretionary Access Control (DAC)
Trade Secret
7. Sudden rise in voltage in the power supply.
Classification Scheme
Surge
Birthday Attack
Masquerading
8. Written step-by-step actions
Distributed Denial Of Service
Procedure
Data Leakage
Distributed Processing
9. Independent malware that requires user interaction to execute
Intrusion Detection Systems
Virus
Disaster Recovery Plan
Fraggle
10. Renders the file inaccessible to the operating system - available to reuse for data storage.
Tracking
Cross-Site Scripting
Brownout
File Level Deletion
11. The problem-solving state - the opposite of supervisor mode
Object
Polyalphabetic
User Mode (problem or program state)
Information Technology Security Evaluation Criteria - ITSEC
12. A technology that reduces the size of a file.
Risk Assessment / Analysis
Entrapment
Compression
Coaxial Cable
13. Real-time data backup (Data Mirroring)
Decipher
Database Shadowing
Primary Storage
Multi-Core
14. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur
Emergency Operations Center (EOC)
Failure Modes and Effect Analysis (FEMA)
Virus
File Sharing
15. A temporary public file to inform others of a compromised digital certificate
Certificate Revocation List (CRL)
Vulnerability
Tactical
Analysis
16. Joining two pieces of text
Cryptography
Concatenation
Worldwide Interoperability for Microwave Access (WI-MAX )
Test Plan
17. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk
Structured Walk-Through Test
Orange Book B1 Classification
Executive Succession
Residual Risk
18. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?
Running
Criminal Law
High-Risk Areas
Desk Check Test
19. Process whereby data is removed from active files and other data storage structures
Trademark
Multi-Programming
Copyright
Deletion
20. Unchecked data which spills into another location in memory
Cross Certification
Trade Secret
Buffer Overflow
Emergency Procedures
21. Some systems are actually run at the alternate site
Parallel Test
Inheritance
Digital Signature
Sag/Dip
22. Sphere of influence
Data Diddler
5 Rules Of Evidence
Data Recovery
Domain
23. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court
Buffer Overflow
Chain of Custody
Business Impact Analysis
Bit
24. The study of cryptography and cryptanalysis
Cryptology
Work Factor
Forward Recovery
User
25. System of law based upon precedence - with major divisions of criminal - tort - and administrative
Gateway
Backup
Orange Book C2 Classification
Common Law
26. Business activities or information that could not be interrupted or be unavailable for several business days without significantly jeopardizing operation of the organization.
Patent
Ethics
Critical Functions
Business Records
27. An unintended communication path
Satellite
Byte
Monitor
Covert Channel
28. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a hub).
Concentrator
Electronic Vaulting
Polyalphabetic
Business Continuity Steering Committee
29. To load the first piece of software that starts a computer.
Boot (V.)
Detection
Virus
Certification Authority
30. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner
Deterrent
Structured Walk-Through Test
Denial Of Service
Life Cycle of Evidence
31. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.
Sequence Attacks
Exercise
Administrative Access Controls
Trusted Computing Base
32. Guidelines within an organization that control the rules and configurations of an IDS
Site Policy
Liability
Hard Disk
False Attack Stimulus
33. Controls for logging and alerting
Intrusion Detection Systems
Information Flow Model
3 Types of harm Addressed in computer crime laws
Fraggle
34. A form of data hiding which protects running threads of execution from using each other's memory
DR Or BC Coordinator
Process Isolation
Access Control
Evidence
35. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components
Tracking
Exercise
Masked/Interruptible
Rollback
36. Something that happened
Keyed-Hashing For Message Authentication
Data Custodian
Event
TNI (Red Book)
37. Tool which mediates access
Control
Content Dependent Access Control
Uninterruptible Power Supply (UPS)
Substitution
38. For PKI - to store another copy of a key
Internal Use Only
Key Escrow
Complete
Examples of technical security components
39. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.
Remote Journaling
Radio Frequency Interference (RFI)
Discretionary
Processes are Isolated By
40. Control category - to restore to a previous state by removing the adversary and/or the results of their actions
Mantrap (Double Door System)
Corrective
Firewall
Access Control Attacks
41. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.
Least Privilege
ff Site
Emergency
Redundant Array Of Independent Drives (RAID)
42. Is secondhand and usually not admissible in court
EMI
War Dialing
Safeguard
Hearsay Evidence
43. A hash that has been further encrypted with a symmetric algorithm
Honeynet
Keyed-Hashing For Message Authentication
Elements of Negligence
Keystroke Logging
44. Inappropriate data
Malformed Input
Business Continuity Steering Committee
Governance
Keystroke Logging
45. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Twisted Pair
Strong Authentication
TCSEC (Orange Book)
Distributed Processing
46. When two or more computers are networked together in a LAN situation - one computer may be utilized as a storage location for files for the group.
Overlapping Fragment Attack
Criminal Law
Honeypot
File Server
47. Communicate to stakeholders
Maximum Tolerable Downtime (MTD)
Physical Tampering
Debriefing/Feedback
Database Replication
48. The chance that something negative will occur
Transfer
Risk
Mirrored Site
Modification
49. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals
Fire Classes
Covert Channel
Modems
Containment
50. Unchecked data input which results in redirection
Threat Agent
HTTP Response Splitting
Structured Walk-Through Test
Data Dictionary