Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Written suggestions that direct choice to a few alternatives
Trojan Horse
Guidelines
Twisted Pair
Disaster Recovery Teams (Business Recovery Teams)
2. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys
Bumping
Open Mail Relay Servers
Kerberos
Record Level Deletion
3. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.
Threat Agent
Evidence
Reciprocal Agreement
Electromagnetic Interference (EMI)
4. An unintended communication path
Adware
Trade Secret
Covert Channel
Admissible
5. For PKI - decertify an entity's certificate
Revocation
Data Backup Strategies
Hard Disk
Exposure
6. Computing power will double every 18 months
7. A mobilized resource purchased or contracted for the purpose of business recovery.
Deleted File
Bit
Investigation
Mobile Recovery
8. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN
Cache
Integrated Test
Hot Spares
Strong Authentication
9. Review of data
Stopped
Control Category
Analysis
Cookie
10. Natural or human-readable form of message
File Extension
Labeling
On-Site
Plain Text
11. A disturbance that degrades performance of electronic devices and electronic communications.
Cross Certification
Civil Or Code Law
Radio Frequency Interference (RFI)
Plaintext
12. More than one process in the middle of executing at a time
Multi-Tasking
Residual Data
Mantrap (Double Door System)
Recovery Strategy
13. Intellectual property management technique for identifying after distribution
Patch Panels
Watermarking
Side Channel Attack
Legacy Data
14. Control category - to record an adversary's actions
Object Oriented Programming (OOP)
Detective
Mandatory Vacations
Masquerading
15. Regular operations are stopped and where processing is moved to the alternate site.
Operational
Full-Interruption test
Interception
Tar Pits
16. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.
Forward Recovery
Aggregation
Data Recovery
SQL Injection
17. A mathematical tool for verifying no unintentional changes have been made
Recovery Period
Investigation
Digital Signature
Checksum
18. Objects or programming that look different but act the same
Conflict Of Interest
Emergency
Polymorphism
Hash Function
19. Asymmetric encryption of a hash of message
Mobile Recovery
Territoriality
File Sharing
Digital Signature
20. Two certificate authorities that trust each other
Procedure
Cross Certification
Orange Book C2 Classification
File Shadowing
21. Substitution at the word or phrase level
Information Flow Model
Code
Containment
Restoration
22. Short period of low voltage.
Maximum Tolerable Downtime (MTD)
Safeguard
Disaster Recovery Tape
Sag/Dip
23. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.
Redundant Array Of Independent Drives (RAID)
IDS Intrusion Detection System
Concentrator
Hard Disk
24. Narrow scope examination of a system
Fault Tolerance
Hijacking
Targeted Testing
Time Of Check/Time Of Use
25. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.
High-Risk Areas
Plain Text
Restoration
Classification
26. Standard for the establishment - implementation - control - and improvement of the Information Security Management System
Sniffing
Exercise
Patent
ISO/IEC 27001
27. OOP concept of an object's abilities - what it does
Security Kernel
Spiral
Evidence
Method
28. Abstract and mathematical in nature - defining all possible states - transitions and operations
Protection
Remote Journaling
State Machine Model
Sharing
29. Creation - distribution - update and deletion
Key Management
Archival Data
File Shadowing
Total Risk
30. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.
Multi-Core
Attacker (Black hat - Hacker)
Disaster Recovery Plan
Information Technology Security Evaluation Criteria - ITSEC
31. Act of luring an intruder and is legal.
Spam
Enticement
Remote Access Trojan
BCP Testing Drills and Exercises
32. Used to code/decode a digital data stream.
Codec
Recovery
Private Branch Exchange (PBX)
Multi-Tasking
33. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.
Encryption
Binary
Framework
Checklist Test (desk check)
34. A system that enforces an access control policy between two networks.
Hearsay Evidence
Keyed-Hashing For Message Authentication
Firewalls
Storage Area Network (SAN)
35. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Analysis
Pervasive Computing and Mobile Computing Devices
Access Point
Data Custodian
36. The event signaling an IDS to produce an alarm when no attack has taken place
Keystroke Logging
Mirroring
Electrostatic Discharge
False Attack Stimulus
37. A form of data hiding which protects running threads of execution from using each other's memory
Alarm Filtering
Analysis
Cipher Text
Process Isolation
38. Something that happened
Event
Remanence
Service Bureau
Access Point
39. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy
False (False Positive)
Firmware
Restoration
SQL Injection
40. Written core statements that rarely change
Policy
System Downtime
Isolation
BCP Testing Drills and Exercises
41. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.
Strong Authentication
Multi-Party Control
One Time Pad
Object Oriented Programming (OOP)
42. A group or network of honeypots
Honeynet
Operational
Off-Site Storage
Interpreter
43. A program that waits for a condition or time to occur that executes an inappropriate activity
Guidelines
Data Diddler
Prevention
Logic Bomb
44. A layer 2 device that is used to connect two or more network segments and regulate traffic.
Switches
Non-Discretionary Access Control
Administrative Laws
Computer System Evidence
45. Specific format of technical and physical controls that support the chosen framework and the architecture
Alternate Data Streams (File System Forks)
CobiT
Recovery
Infrastructure
46. A documented battle plan for coordinating response to incidents.
Data Warehouse
Alternate Data Streams (File System Forks)
Incident Handling
Hacker
47. A test conducted on one or more components of a plan under actual operating conditions.
Admissible
DR Or BC Coordinator
Remanence
Operational Test
48. Use of specialized techniques for recovery - authentication - and analysis of electronic data
Computer Forensics
Embedded Systems
Trusted Computing Base
Key Escrow
49. Define the way in which the organization operates.
Cross Training
Control Category
Proprietary
ISO/IEC 27002
50. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Substitution
Shift Cipher (Caesar)
Disk Mirroring
Critical Records