Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Periodic - automatic and transparent backup of data in bulk.
Maximum Tolerable Downtime (MTD)
Cryptanalysis
Electronic Vaulting
Certification Authority
2. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Inheritance
Redundant Array Of Independent Drives (RAID)
Repeaters
Administrative Laws
3. To know more than one job
Open Mail Relay Servers
Deterrent
BCP Testing Drills and Exercises
Cross Training
4. Recognition of an individual's assertion of identity.
Identification
Data Recovery
Burn
Blackout
5. The hard drive
Secondary Storage
File Extension
Business Continuity Steering Committee
Incident Manager
6. OOP concept of an object's abilities - what it does
Method
Multi-Tasking
Overlapping Fragment Attack
Surveillance
7. A layer 2 device that is used to connect two or more network segments and regulate traffic.
Cryptography
Operational Impact Analysis
Switches
Compartmentalize
8. A mail server that improperly allows inbound SMTP connections for domains it does not serve.
Computer System Evidence
Capability Tables
Open Mail Relay Servers
Data Warehouse
9. OOP concept of taking attributes from the original or parent
Patent
Inheritance
5 Rules Of Evidence
Encryption
10. Review of data
Data Recovery
Hijacking
Analysis
Acronym for American Standard Code for Information Interchange (ASCII)
11. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm
Data Recovery
Classification
CPU Cache
Mandatory Access Control (MAC)
12. An attack that breaks up malicious code into fragments - in an attempt to elude detection.
Authentic
Interference (Noise)
IP Fragmentation
Repeaters
13. Program that inappropriately collects private data or activity
Territoriality
Virtual Memory
Computer System Evidence
Spyware
14. Mathematical function that determines the cryptographic operations
Source Routing Exploitation
Algorithm
Inference
Residual Risk
15. Creation, distribution, update and deletion
Open Mail Relay Servers
Key Management
Supervisor Mode (monitor - system - privileged)
On-Site
16. To reduce fire
Kerckhoff's Principle
Recovery Period
Operational Test
Fire Suppression
17. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.
Denial Of Service
Embedded
Inrush Current
Tar Pits
18. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk
Modification
Hearsay Evidence
Residual Risk
Supervisor Mode (monitor - system - privileged)
19. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.
Patch Panels
Acronym for American Standard Code for Information Interchange (ASCII)
Encryption
Operational Impact Analysis
20. Converts source code to an executable
Denial Of Service
Electronic Vaulting
Compiler
Restoration
21. For PKI - to store another copy of a key
Data Owner
Key Escrow
Emanations
Computer Forensics
22. For PKI - to have more than one person in charge of a sensitive function
Denial Of Service
Modification
DR Or BC Coordinator
Multi-Party Control
23. A type of attack involving attempted insertion - deletion or altering of data.
Business Continuity Steering Committee
Business Records
Database Replication
Modification
24. Evidence must be: admissible - authentic - complete - accurate - and convincing
Memory Management
Data Marts
5 Rules Of Evidence
Primary Storage
25. The core of a computer that calculates
Fault Tolerance
State Machine Model
Intrusion Detection Systems
Central Processing Unit (CPU)
26. Total number of keys available that may be selected by the user of a cryptosystem
Object
Key Space
Business Continuity Program
Declaration
27. A state for operating system tasks only
Permutation /Transposition
Supervisor Mode (monitor - system - privileged)
Copyright
Databases
28. To move from location to location - keeping the same function
Job Rotation
High-Risk Areas
Encipher
Key Space
29. Identification and notification of an unauthorized and/or undesired action
Highly Confidential
Incident Manager
Detection
Entrapment
30. Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.
Data Marts
Archival Data
Job Rotation
Due Care
31. Eavesdropping on network communications by a third party.
Highly Confidential
Tapping
Certification Authority
Administrative Laws
32. A BCP testing type - a test that answers the question: Can the organization replicate the business process?
Simulation
Detection
Damage Assessment
Operating
33. Third party processes used to organize the implementation of an architecture
Reciprocal Agreement
Vulnerability
Framework
Deletion
34. Final purpose or result
Policy
Payload
Supervisor Mode (monitor - system - privileged)
Proprietary
35. A disturbance that degrades performance of electronic devices and electronic communications.
Radio Frequency Interference (RFI)
File Level Deletion
Examples of technical security components
Total Risk
36. A failure of an IDS to detect an actual attack
False Negative
Failure Modes and Effect Analysis (FEMA)
Key Space
Countermeasure
37. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing
Trojan Horse
Technical Access Controls
Microwave
Kerberos
38. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: - Plan and Organize - - Acquire and Implement - Deliver and Support - Monitor and Evaluate
CobiT
Routers
Information Flow Model
Information Risk Management (IRM)
39. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code
3 Types of harm Addressed in computer crime laws
Proxies
Inference
Concentrator
40. Written suggestions that direct choice to a few alternatives
Guidelines
Exposure
Computer System Evidence
Network Attached Storage (NAS)
41. Scrambled form of the message or data
E-Mail Spoofing
Cipher Text
Containment
Electromagnetic Interference (EMI)
42. A protocol for the efficient transmission of voice over the Internet
Site Policy
Voice Over IP (VOIP)
Investigation
SYN Flooding
43. A Denial of Service attack initiated by sending spoofed UDP echo requests to IP broadcast addresses. (See Smurf)
Fraggle
Hot Spares
Mixed Law System
Faraday Cage/ Shield
44. Computing power will double every 18 months
45. Property that data is represented in the same manner at all times
Service Bureau
Data Dictionary
Routers
Consistency
46. A collection of data or information that has a name
Smurf
Instance
Incident
File
47. Object based description of a single resource and the permission each subject
True Attack Stimulus
Access Control Lists
Reference Monitor
Business Interruption Insurance
48. An individual's conduct that violates government laws developed to protect the public
Cross Training
Criminal Law
Threads
Examples of technical security components
49. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability
State Machine Model
Mitigate
The ACID Test
Mobile Site
50. A planned or unplanned interruption in system availability.
Access Control Matrix
Residual Risk
System Downtime
Certification