Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The first rating that requires security labels
Orange Book B1 Classification
Chain Of Custody
Hub
Restoration
2. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN
Strong Authentication
Data Dictionary
Fault Tolerance
Chain of Custody
3. Information about data or records
Hacker
Security Blueprint
Risk Mitigation
Metadata
4. The level and label given to an individual for the purpose of compartmentalization
Security Clearance
Inheritance
Mandatory Vacations
Safeguard
5. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated
Initialization Vector
Checklist Test (desk check)
User Mode (problem or program state)
Adware
6. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.
Orange Book C2 Classification
Residual Risk
Debriefing/Feedback
Risk Assessment / Analysis
7. OOP concept of taking attributes from the original or parent
Emergency Procedures
Phishing
Inheritance
File Level Deletion
8. A risk assessment method - intrinsic value
Qualitative
Spam
Corrective
Hacker
9. Fault tolerance for power
Collisions
Key Management
Spam
Generator
10. The problem-solving state - the opposite of supervisor mode
SQL Injection
Access Control
User Mode (problem or program state)
Multi-Tasking
11. Statistical probabilities of a collision are more likely than one thinks
Kernel
Salami
Threads
Birthday Attack
12. Written core statements that rarely change
Assembler
Business Impact Assessment (BIA)
Need-To-Know
Policy
13. Control category- to give instructions or inform
TIFF (Tagged Image File Format)
Multi-Core
Threats
Directive
14. Security policy - procedures - and compliance enforcement
Examples of non-technical security components
Top Secret
Inference
Virtual Memory
15. Object based description of a single resource and the permission each subject
Data Diddler
Inheritance
Access Control Lists
Aggregation
16. Key
Cryptovariable
Non-Interference
Parallel Test
Twisted Pair
17. For PKI - decertify an entity's certificate
Revocation
Analysis
Physical Tampering
Symmetric
18. Real-time - automatic and transparent backup of data.
Cipher Text
Business Continuity Steering Committee
Remote Journaling
Code
19. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.
Substitution
Masked/Interruptible
Active Data
SQL Injection
20. A signal suggesting a system has been or is being attacked.
Computer System Evidence
Alert/Alarm
Transfer
Tactical
21. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions
Running Key
Memory Management
Resumption
Embedded Systems
22. A specialized wireless receiver/ transmitter placed in orbit that facilitates long distance communication.
Memory Management
Satellite
Cryptovariable
Noise
23. Communicate to stakeholders
Debriefing/Feedback
Embedded Systems
Phishing
Declaration
24. A type of computer memory that temporarily stores frequently used information for quick access.
Cache
Fault
Reciprocal Agreement
Accurate
25. Organized group of compromised computers
Security Blueprint
TNI (Red Book)
Blind Testing
Botnet
26. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.
Analysis
Deleted File
Analysis
Revocation
27. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.
Threat Agent
Physical Tampering
Data Leakage
Authorization
28. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.
Disaster Recovery Plan
Orange Book B1 Classification
Certification
Generator
29. A distributed system's transaction control that requires updates to complete or rollback
2-Phase Commit
Trojan Horse
Security Clearance
Algorithm
30. Measures followed to restore critical functions following a security incident.
Executive Succession
Ring Protection
Waterfall
Recovery
31. An availability attack - to consume resources to the point of exhaustion from multiple vectors
Separation Of Duties
Distributed Denial Of Service
Vital Record
Corrective
32. Converts source code to an executable
Hub
Common Law
Compiler
Routers
33. A device that converts between digital and analog representation of data.
Backup
Repeaters
Remanence
Modems
34. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.
Civil Law
Data Leakage
Restoration
Fault
35. Claiming another's identity at a physical level
Data Backup Strategies
Compartmentalize
The ACID Test
Masquerading
36. Eavesdropping on network communications by a third party.
Alert
Stopped
Tapping
Safeguard
37. A shield against leakage of electromagnetic signals.
Mobile Site
Faraday Cage/ Shield
Residual Data
Bridge
38. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.
Stopped
Full-Interruption test
Buffer Overflow
Internal Use Only
39. Control category- to record an adversary's actions
Detective
Transients
Common Criteria
Multi-Tasking
40. A perpetrator leaves something behind or takes something with them at the scene of a crime
41. Natural or human-readable form of message
Plain Text
Repeaters
Policy
Operational Impact Analysis
42. Interception of a communication session by an attacker.
Checkpoint
Quantitative Risk Analysis
System Life Cycle
Hijacking
43. A critical event - which - if not handled in an appropriate manner - may dramatically impact an organization's profitability - reputation - or ability to operate.
Safeguard
Crisis
Alarm Filtering
Walk Through
44. Methodical research of an incident with the purpose of finding the root cause
Investigation
Mandatory
Job Rotation
Information Flow Model
45. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services
Entrapment
Acronym for American Standard Code for Information Interchange (ASCII)
Access Control Lists
Disaster Recovery Tape
46. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.
Reference Monitor
Orange Book A Classification
Domain
Bollard
47. A layer 3 device that is used to connect two or more network segments and regulate traffic.
Certificate Revocation List (CRL)
Routers
Detection
3 Types of harm Addressed in computer crime laws
48. A device that sequentially switches multiple analog inputs to the output.
Reciprocal Agreement
Distributed Processing
Multiplexers
Digital Signature
49. Can be statistical (monitor behavior) or signature based (watch for known attacks)
Disaster Recovery Tape
Plaintext
Aggregation
IDS Intrusion Detection System
50. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.
Mission-Critical Application
Separation Of Duties
Wireless Fidelity (Wi-Fi)
Certification