Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.
Noise
Masked/Interruptible
Operational Impact Analysis
IP Fragmentation
2. State of computer - to be running a process
Safeguard
Operating
Electronic Vaulting
Forensic Copy
3. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Memory Management
Electrostatic Discharge
Generator
Emergency
4. Responsibility of a user for the actions taken by their account which requires unique identification
Patch Management
Faraday Cage/ Shield
Alternate Site
Accountability
5. Two certificate authorities that trust each other
Cross Certification
Digital Signature
Faraday Cage/ Shield
Noise
6. A device that provides the functions of both a bridge and a router.
Brouter
Admissible
Content Dependent Access Control
Data Backup Strategies
7. May be responsible for overall recovery of an organization or unit(s).
Encryption
DR Or BC Coordinator
Central Processing Unit (CPU)
Bollard
8. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.
Cross-Site Scripting
Processes are Isolated By
Privacy Laws
Firewall
9. Weakness or flaw in an asset
Brownout
Risk Mitigation
Recovery Period
Vulnerability
10. Subset of operating systems components dedicated to protection mechanisms
Recovery Time Objectives
Mobile Recovery
Electromagnetic Interference (EMI)
Security Kernel
11. OOP concept of a class's details to be hidden from object
Encapsulation
Civil Law
Inheritance
Threats
12. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems
Checklist Test
Acronym for American Standard Code for Information Interchange (ASCII)
Disaster Recovery Tape
Alternate Data Streams (File System Forks)
13. Summary of a communication for the purpose of integrity
Message Digest
Transfer
Journaling
Mandatory
14. Hitting a filed-down key in a lock with a hammer to open it without the real key
HTTP Response Splitting
Exposure
Rootkit
Bumping
15. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).
Incident Response Team
Disaster Recovery Tape
Digital Signature
Degauss
16. Someone who wants to cause harm
Recovery Period
Attacker (Black hat - Hacker)
Total Risk
Deletion
17. An attack involving the hijacking of a TCP session by predicting a sequence number.
Sequence Attacks
Security Kernel
Symmetric
Log
18. Pertaining to a number system that has just two unique digits.
Binary
Access Control Lists
Sequence Attacks
TIFF (Tagged Image File Format)
19. Potentially retrievable data residue that remains following intended erasure of data.
Central Processing Unit (CPU)
Administrative Laws
Layering
Remanence
20. Recovery alternative - short-term - high cost movable processing location
Mobile Site
Byte
Accreditation
Source Routing Exploitation
21. Reduction of voltage by the utility company for a prolonged period of time
Standard
Brownout
Work Factor
Classification
22. Physical description on the exterior of an object that communicates the existence of a label
Encapsulation
Control
Non-Discretionary Access Control
Marking
23. Planning with a goal of returning to the normal business function
Restoration
File
Inheritance
Security Kernel
24. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.
Business Recovery Timeline
Wireless Fidelity (Wi-Fi)
Computer Forensics
Vulnerability
25. A hash that has been further encrypted with a symmetric algorithm
Keyed-Hashing For Message Authentication
High-Risk Areas
Risk Assessment
System Life Cycle
26. A document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster or severe outage situation.
Mandatory
Test Plan
Business Impact Analysis
Protection
27. Vehicle stopping object
Certificate Revocation List (CRL)
Custodian
Bollard
Concatenation
28. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.
Isolation
Wait
Computer System Evidence
Kernel
29. System mediation of access with the focus on the context of the request
Key Management
User
Business Impact Assessment (BIA)
Content Dependent Access Control
30. Evidence must be: admissible - authentic - complete - accurate - and convincing
5 Rules Of Evidence
TIFF (Tagged Image File Format)
SQL Injection
Plain Text
31. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.
Malformed Input
Cryptology
Fault
Active Data
32. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.
TIFF (Tagged Image File Format)
Framework
Isolation
Cross-Site Scripting
33. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.
Call Tree
Due Care
Disaster Recovery Teams (Business Recovery Teams)
Incident
34. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Framework
Repeaters
Algorithm
Complete
35. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.
Interception
Contingency Plan
Emergency Operations Center (EOC)
Overlapping Fragment Attack
36. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid
Entrapment
Civil Law
Security Blueprint
Exercise
37. Unsolicited commercial email
Spam
Metadata
Hash Function
Central Processing Unit (CPU)
38. Joining two pieces of text
Concatenation
Firewall
Relocation
Wireless Fidelity (Wi-Fi)
39. A backup of data located where staff can gain access immediately
Checklist Test (desk check)
Bridge
On-Site
Incident Response Team
40. Pertaining to law - verified as real
Multi-Processing
Cipher Text
Authentic
Mission-Critical Application
41. Provides a physical cross connect point for devices.
Desk Check Test
Patch Panels
CPU Cache
Embedded
42. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor
DR Or BC Coordinator
Slack Space
State Machine Model
Coaxial Cable
43. People protect their domain
Twisted Pair
Coaxial Cable
Territoriality
Race Condition
44. Converts a high level language into machine language
Assembler
Tapping
Voice Over IP (VOIP)
Activation
45. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.
Internal Use Only
ISO/IEC 27002
Data Diddler
Mission-Critical Application
46. OOP concept of taking attributes from the original or parent
Inheritance
Information Flow Model
Identification
Alarm Filtering
47. Memory management technique which allows subjects to use the same resource
Data Marts
Sharing
Repeaters
Processes are Isolated By
48. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Worldwide Interoperability for Microwave Access (WI-MAX)
Data Diddler
Data Custodian
System Downtime
49. A device that converts between digital and analog representation of data.
Modems
DR Or BC Coordinator
File Sharing
Residual Data
50. Amount of time for restoring a business process or function to normal operations without major loss
The ACID Test
Maximum Tolerable Downtime (MTD)
Cross Certification
SYN Flooding