Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Objects or programming that look different but act the same
Discretionary Access Control (DAC)
Running
TIFF (Tagged Image File Format)
Polymorphism
2. A collection of information designed to reduce duplication and increase integrity
Incident Response
Databases
Mobile Site
Blind Testing
3. An organization's way of classifying data by factors such as criticality, sensitivity and ownership.
Operational Test
Risk Mitigation
Surge Suppressor
Classification Scheme
4. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.
Radio Frequency Interference (RFI)
Electronic Vaulting
Recovery Time Objectives
Admissible
5. Amount of time for restoring a business process or function to normal operations without major loss
Maximum Tolerable Downtime (MTD)
Algorithm
Debriefing/Feedback
Critical Infrastructure
6. A trusted issuer of digital certificates
Emanations
Certification Authority
Alarm Filtering
Modems
7. Business and technical process of applying security software updates in a regulated periodic way
Non-Discretionary Access Control
Patch Management
Multilevel Security System
Threats
8. Recovery alternative - everything needed for the business function - except people and last backup
Code
Hot Site
Administrative Access Controls
Business Unit Recovery
9. Independent malware that requires user interaction to execute
Business Continuity Steering Committee
Virus
Burn
Parallel Test
10. Key
Cryptovariable
Job Training
Integrated Test
Internal Use Only
11. Define the way in which the organization operates.
Safeguard
Proprietary
Accountability
Deadlock
12. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity
Access Control Matrix
Satellite
Site Policy Awareness
High-Risk Areas
13. Policy or stated actions
Due Care
Redundant Array Of Independent Drives (RAID)
Electronic Vaulting
Log
14. Vehicle stopping object
Structured Walkthrough
Codec
Bollard
Method
15. A program with an inappropriate second purpose
Durability
One Time Pad
Modification
Trojan Horse
16. Inappropriate data
Mitigate
Security Blueprint
Malformed Input
Call Tree
17. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
Preemptive
Cryptanalysis
Forward Recovery
Basics Of Secure Design
18. More than one process in the middle of executing at a time
Identification
Multi-Tasking
Interference (Noise)
IP Fragmentation
19. An exact bit-by-bit copy of the entire physical hard drive or floppy disk, including slack and unallocated space. Only forensic copy quality will hold up in court.
Plan Maintenance Procedures
Patch Management
Trusted Computing Base
Forensic Copy
20. The managerial approval to operate a system based upon knowledge of risk to operate
Mixed Law System
Active Data
CobiT
Accreditation
21. An access policy that uses a security label system. Users have clearances, and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm
Near Site
Mandatory Access Control (MAC)
Hijacking
Risk Assessment / Analysis
22. Subset of operating systems components dedicated to protection mechanisms
Security Kernel
Data Integrity
Framework
Mitigate
23. Recovery alternative - complete duplication of services including personnel
Crisis
Incident
Mirrored Site
Burn
24. OOP concept of an object's abilities - what it does
Method
Integrated Test
Brute Force
Workaround Procedures
25. Object based description of a single resource and the permission each subject
Data Custodian
Denial Of Service
Access Control Lists
Primary Storage
26. A protocol for the efficient transmission of voice over the Internet
Targeted Testing
Brouter
Voice Over IP (VOIP)
Radio Frequency Interference (RFI)
27. Effort/time needed to overcome a protective measure
Work Factor
Capability Tables
Quantitative Risk Analysis
State Machine Model
28. A choice in risk management, to convince another to assume risk, typically by payment
CobiT
Birthday Attack
Chain of Custody
Transfer
29. Slang for making (burning) a CD-ROM copy of data, whether it is music, software, or other data.
Distributed Processing
Watermarking
Key Management
Burn
30. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.
Threads
Metadata
Remote Journaling
Satellite
31. The past U.S. military accepted set of standards and processes for network evaluation and assurance, which combines function and assurance requirements
Object Oriented Programming (OOP)
TNI (Red Book)
Aggregation
Multiplexers
32. One entity with two competing allegiances
Initialization Vector
Conflict Of Interest
Orange Book C Classification
Spam
33. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.
Business Unit Recovery
Cryptovariable
Tort
Data Recovery
34. Planning for the delegation of authority required when decisions must be made without the normal chain of command
Business Continuity Planning (BCP)
Executive Succession
CPU Cache
Packet Filtering
35. The level and label given to an individual for the purpose of compartmentalization
Security Clearance
Detective
Remote Journaling
Cryptology
36. Return to a normal state
Botnet
Complete
Education
Recovery
37. To start business continuity processes
Legacy Data
Tactical
Archival Data
Activation
38. A covert storage channel on the file attribute
Remote Journaling
Evidence
Declaration
Alternate Data Streams (File System Forks)
39. For PKI - decertify an entity's certificate
Running Key
Revocation
Covert Channel
Compartmentalize
40. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have. Most commonly used in the PC environment (i.e. file permissions).
Standard
Containment
Data Recovery
Discretionary Access Control (DAC)
41. Summary of a communication for the purpose of integrity
Message Digest
Cryptanalysis
Off-Site Storage
Due Care
42. Interception of a communication session by an attacker.
Hijacking
Information Flow Model
Hot Spares
Patent
43. Substitution at the word or phrase level
Multi-Tasking
Code
Spam
Cache
44. The core of a computer that calculates
Simulation
Radio Frequency Interference (RFI)
Highly Confidential
Central Processing Unit (CPU)
45. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Memory Management
Cryptology
Admissible
Transfer
46. A layer 2 device that is used to connect two network segments and regulate traffic.
Inheritance
Site Policy Awareness
Bridge
Due Care
47. Granular decision by a system of permitting or denying access to a particular resource on the system
Authorization
Secondary Storage
CobiT
Multi-Core
48. A software design technique for abstraction of a process
Mirroring
SQL Injection
Routers
Data Hiding
49. Real-time data backup (Data Mirroring)
Trade Secret
Modification
Database Shadowing
File Level Deletion
50. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities
Initialization Vector
Orange Book B1 Classification
BCP Testing Drills and Exercises
Multi-Party Control