Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Calculation encompassing threats - vulnerabilities and assets
Total Risk
Structured Walk-Through Test
Executive Succession
Surge Suppressor
2. Searching for wireless networks in a moving car.
Containment
Disaster Recovery Tape
Kerberos
War Driving
3. A control before attack
Disaster Recovery Teams (Business Recovery Teams)
False Attack Stimulus
Virtual Memory
Safeguard
4. OOP concept of a template that consists of attributes and behaviors
Class
DR Or BC Coordinator
Recovery Point Objective (RPO)
Business Impact Assessment (BIA)
5. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.
Recovery
Digital Signature
War Dialing
Cross-Site Scripting
6. A planned or unplanned interruption in system availability.
Mantrap (Double Door System)
Spyware
Processes are Isolated By
System Downtime
7. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.
Prevention
Shadowing (file shadowing)
Mobile Site
Data Owner
8. To evaluate the current situation and make basic decisions as to what to do
Triage
Emergency
Common Law
One Time Pad
9. A computer designed for the purpose of studying adversaries
Honeypot
Fault Tolerance
Physical Tampering
Hub
10. Converts source code to an executable
Compiler
Key Space
Security Domain
Virus
11. Organization's way of classifying data by factors such as criticality - sensitivity and ownership.
Classification Scheme
DR Or BC Coordinator
Mission-Critical Application
Code
12. One way encryption
Hash Function
5 Rules Of Evidence
Polyalphabetic
Test Plan
13. Hardware or software that is part of a larger system
Strong Authentication
Voice Over IP (VOIP)
Embedded
Orange Book A Classification
14. A type of multitasking that allows for more even distribution of computing time among competing requests
Protection
Proprietary
Preemptive
Embedded Systems
15. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur
Compression
Custodian
Failure Modes and Effect Analysis (FEMA)
Orange Book D Classification
16. Reduction of voltage by the utility company for a prolonged period of time
Entrapment
Examples of technical security components
Kernel
Brownout
17. Communicate to stakeholders
Debriefing/Feedback
Strong Authentication
Distributed Processing
Mobile Site
18. Evidence must be: admissible - authentic - complete - accurate - and convincing
Permutation/Transposition
Safeguard
5 Rules Of Evidence
Full-Interruption test
19. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.
Security Domain
Rogue Access Points
Operational Impact Analysis
Separation Of Duties
20. Line by line translation from a high level language to machine code
Critical Records
Operational Test
Interpreter
Birthday Attack
21. Amount of time for restoring a business process or function to normal operations without major loss
Mirrored Site
Maximum Tolerable Downtime (MTD)
Data Warehouse
Identification
22. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.
Method
Bit
Business Interruption Insurance
Noise
23. To load the first piece of software that starts a computer.
Boot (V.)
Patch Panels
Recovery Period
False Negative
24. Memory management technique which allows data to be moved from one memory address to another
Risk Assessment
Executive Succession
Relocation
Wait
25. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.
Reference Monitor
Business Interruption
Worldwide Interoperability for Microwave Access (WI-MAX)
Information Risk Management (IRM)
26. Requirement to take time off
Threats
Mandatory Vacations
Infrastructure
Incident Response Team
27. Recognition of an individual's assertion of identity.
Layering
Alert
Integrated Test
Identification
28. A system that enforces an access control policy between two networks.
Source Routing Exploitation
Access Control
MOM
Firewalls
29. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.
Boot (V.)
Fire Prevention
Tracking
Emergency Procedures
30. The guardian of asset(s) - a maintenance activity
Business Continuity Steering Committee
Custodian
Site Policy
Database Shadowing
31. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.
Privacy Laws
Time Of Check/Time Of Use
Legacy Data
Secondary Storage
32. An asymmetric cryptography mechanism that provides authentication.
Digital Signature
Double Blind Testing
Data Marts
Forward Recovery
33. Use of specialized techniques for recovery - authentication - and analysis of electronic data
Business Continuity Planning (BCP)
ff Site
Computer Forensics
Machine Language (Machine Code)
34. A device that provides the functions of both a bridge and a router.
Botnet
Brouter
Business Unit Recovery
Trapdoors (Backdoors) (Maintenance Hooks)
35. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective
Multi-Programming
Education
Guidelines
Quantitative
36. To segregate for the purposes of labeling
Administrative Law
CobiT
Quantitative
Compartmentalize
37. Weakness or flaw in an asset
Birthday Attack
Vulnerability
Patch Management
Multi-Core
38. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)
Least Privilege
Remote Journaling
Smurf
Class
39. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.
Risk Assessment / Analysis
Consistency
Digital Signature
Job Rotation
40. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc.
Access Point
Compression
Critical Infrastructure
Targeted Testing
41. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.
Shadowing (file shadowing)
Consistency
Forensic Copy
Authentication
42. OOP concept of an object at runtime
MOM
Surge Suppressor
Instance
Recovery Strategy
43. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
Orange Book B2 Classification
Fragmented Data
Degauss
Private Branch Exchange (PBX)
44. A database backup type which records at the transaction level
Cryptology
Contingency Plan
Remote Journaling
Identification
45. Joining two pieces of text
Concatenation
Encapsulation
2-Phase Commit
Job Rotation
46. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all - or most - of the applicable teams.
Multi-Tasking
File
Orange Book B1 Classification
Mock Disaster
47. A backup type - for databases at a point in time
Data Owner
Qualitative
Shadowing (file shadowing)
Processes are Isolated By
48. Mediation of subject and object interactions
Access Control
Due Diligence
Picking
Recovery Period
49. A backup type which creates a complete copy
Strategic
Replication
Accreditation
Key Management
50. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.
Firmware
Electronic Vaulting
TEMPEST
Strong Authentication