Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."
Incident Response Team
Mock Disaster
Digital Signature
Disaster Recovery Tape
2. Small data files written to a user's hard drive by a web server.
TIFF (Tagged Image File Format)
Accountability
Cookie
Information Flow Model
3. Malware that makes many small changes over time to a single data point or system
Infrastructure
Access Control Lists
Salami
Collisions
4. A planned or unplanned interruption in system availability.
Spam
Secondary Storage
System Downtime
Directive
5. A collection of information designed to reduce duplication and increase integrity
Bridge
Assembler
Coaxial Cable
Databases
6. Granular decision by a system of permitting or denying access to a particular resource on the system
Journaling
Authorization
Custodian
Private Branch Exchange (PBX)
7. Less granular organization of controls -
Control Type
Application Programming Interface
Cross Training
Firewall
8. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.
Network Attached Storage (NAS)
File Level Deletion
Instance
Risk Assessment / Analysis
9. A mobilized resource purchased or contracted for the purpose of business recovery.
Checksum
Mobile Recovery
Operational
Memory Management
10. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.
DR Or BC Coordinator
Vital Record
Business Recovery Team
Threat Agent
11. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Near Site
Change Control
Technical Access Controls
2-Phase Commit
12. Most granular organization of controls
Layering
Control Category
Investigation
TIFF (Tagged Image File Format)
13. Recording activities at the keyboard level
Picking
Keystroke Logging
Botnet
Object
14. A layer 2 device that is used to connect two network segments and regulate traffic.
Corrective
Active Data
Certificate Revocation List (CRL)
Bridge
15. Control category - to restore to a previous state by removing the adversary and/or the results of their actions
Trojan Horse
JPEG (Joint Photographic Experts Group)
Corrective
Mandatory Vacations
16. Record history of incident
Tracking
War Dialing
Disaster Recovery Plan
Message Digest
17. To create a copy of data as a precaution against the loss or damage of the original data.
Redundant Array Of Independent Drives (RAID)
Structured Walkthrough
Backup
State Machine Model
18. Memory management technique which allows data to be moved from one memory address to another
Databases
Relocation
Critical Infrastructure
Structured Walk-Through Test
19. A device that converts between digital and analog representation of data.
War Driving
Revocation
Payload
Modems
20. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.
Administrative Laws
State Machine Model
Custodian
Analysis
21. A control before attack
Hot Site
Administrative Laws
Safeguard
Forward Recovery
22. A covert storage channel on the file attribute
Alternate Data Streams (File System Forks)
Strategic
Privacy Laws
Intrusion Prevention Systems
23. Key
Redundant Array Of Independent Drives (RAID)
Cryptovariable
File Server
Multi-Party Control
24. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.
The ACID Test
Incident Manager
Recovery Point Objective (RPO)
Inrush Current
25. To jump to a conclusion
Botnet
Privacy Laws
Inference
Process Isolation
26. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.
Spiral
Critical Infrastructure
Alert
Orange Book B1 Classification
27. For PKI - to have more than one person in charge of a sensitive function
Recovery Time Objectives
Chain Of Custody
Access Control Lists
Multi-Party Control
28. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc
Codec
Fire Classes
Critical Infrastructure
Need-To-Know
29. Outputs within a given function are the same result
Transfer
Criminal Law
Collisions
Fire Detection
30. Quantity of risk remaining after a control is applied
Residual Risk
Marking
Capability Tables
Sag/Dip
31. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
Checkpoint
Copyright
Security Kernel
Forward Recovery
32. Requirement of access to data for a clearly defined purpose
Generator
Running Key
Multi-Processing
Need-To-Know
33. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.
TIFF (Tagged Image File Format)
File Extension
Smurf
IP Address Spoofing
34. Creation, distribution, update and deletion
Key Management
Uninterruptible Power Supply (UPS)
Firewalls
Key Space
35. Third party processes used to organize the implementation of an architecture
Procedure
Framework
Hearsay Evidence
Identification
36. A document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster or severe outage situation.
Test Plan
Cipher Text
Steganography
Remote Journaling
37. High level design or model with a goal of consistency - integrity - and balance
Wireless Fidelity (Wi-Fi )
High-Risk Areas
Security Kernel
Architecture
38. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.
Authentic
Access Control Lists
Business Continuity Steering Committee
Radio Frequency Interference (RFI)
39. Forgery of the sender's email address in an email header.
Electronic Vaulting
Mission-Critical Application
Spam
E-Mail Spoofing
40. Pertaining to a number system that has just two unique digits.
Access Control Matrix
Service Bureau
Binary
Threats
41. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Parallel Test
Control
Twisted Pair
Access Control Attacks
42. High degree of visual control
Surveillance
Disaster Recovery Teams (Business Recovery Teams)
Identification
Chain Of Custody
43. Amount of time for restoring a business process or function to normal operations without major loss
Security Kernel
File Server
Civil Or Code Law
Maximum Tolerable Downtime (MTD)
44. Consume resources to a point of exhaustion - loss of availability
Denial Of Service
Disaster Recovery Teams (Business Recovery Teams)
Noise
Change Control
45. Uses two or more legal systems
Patch Management
Fault
Mixed Law System
Firewall
46. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.
Restoration
Business Interruption Insurance
Interference (Noise)
Alert/Alarm
47. Collection of data on business functions which determines the strategy of resiliency
Business Continuity Planning (BCP)
Preemptive
Business Impact Assessment (BIA)
False Attack Stimulus
48. Provides a physical cross connect point for devices.
Disaster Recovery Plan
Masquerading
Remote Journaling
Patch Panels
49. An image compression standard for photographs
The ACID Test
JPEG (Joint Photographic Experts Group)
Fault
Authentic
50. Joining two pieces of text
Sharing
Slack Space
Business Unit Recovery
Concatenation