Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Only the key protects the encrypted information
2. Total number of keys available that may be selected by the user of a cryptosystem
Key Space
Denial Of Service
Access Control Attacks
Residual Risk
3. A device that converts between digital and analog representation of data.
Steganography
Modems
Spam
Rollback
4. Information about a particular data set
Electromagnetic Interference (EMI)
Metadata
Boot (V.)
Injection
5. A trusted issuer of digital certificates
CPU Cache
Certification Authority
Satellite
Distributed Processing
6. The core of a computer that calculates
Stopped
Central Processing Unit (CPU)
Education
Isolation
7. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components
Proprietary
Cipher Text
Due Care
Masked/Interruptible
8. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.
Shift Cipher (Caesar)
Exercise
Workaround Procedures
Data Leakage
9. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.
Due Care
Payload
Business Unit Recovery
Concatenation
10. Malware that makes many small changes over time to a single data point or system
Application Programming Interface
Atomicity
Salami
Critical Infrastructure
11. Potentially retrievable data residue that remains following intended erasure of data.
Cookie
Remanence
Vital Record
Gateway
12. Maximum tolerance for loss of certain business function - basis of strategy
Acronym for American Standard Code for Information Interchange (ASCII)
Stopped
Recovery Time Objectives
Full-Interruption test
13. People who interact with assets
Restoration
Recovery Point Objective (RPO)
User
User Mode (problem or program state)
14. Sudden rise in voltage in the power supply.
Multi-Party Control
Surge
Site Policy Awareness
Blackout
15. Just enough access to do the job
Cross-Site Scripting
Information Risk Management (IRM)
Least Privilege
TIFF (Tagged Image File Format)
16. State of computer - to be running a process
State Machine Model
Microwave
Operating
Repeaters
17. Autonomous malware that requires a flaw in a service
Control Type
False (False Positive)
Worm
File Shadowing
18. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)
Interception
JPEG (Joint Photographic Experts Group)
Business Recovery Team
Threads
19. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code
3 Types of harm Addressed in computer crime laws
Electronic Vaulting
Critical Infrastructure
Certificate Revocation List (CRL)
20. A programming design concept which abstracts one set of functions from another in a serialized fashion
Layering
Investigation
Convincing
Sag/Dip
21. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.
Cross-Site Scripting
Emergency
Processes are Isolated By
Non-Interference
22. The property that data meet with a priority expectation of quality and that the data can be relied upon.
Data Integrity
Brownout
Method
Business Records
23. With enough computing power trying all possible combinations
Alternate Site
Brute Force
Encapsulation
Multi-Processor
24. Potential danger to information or systems
Plain Text
SYN Flooding
Databases
Threats
25. An image compression standard for photographs
Data Diddler
ISO/IEC 27002
Fraggle
JPEG (Joint Photographic Experts Group)
26. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.
Deletion
Qualitative
Pointer
Critical Records
27. Real-time data backup (Data Mirroring)
Boot (V.)
Kerberos
Database Shadowing
Entrapment
28. A structured group of teams ready to take control of the recovery operations if a disaster should occur.
Disaster Recovery Teams (Business Recovery Teams)
Top Secret
Authentication
Multi-Processor
29. A one way - directed graph which indicates confidentiality or integrity flow
User Mode (problem or program state)
Lattice
Business Recovery Timeline
Salami
30. The chance that something negative will occur
Recovery
Risk
Brouter
High-Risk Areas
31. Planning with a goal of returning to the normal business function
Restoration
Business Impact Assessment (BIA)
Generator
TEMPEST
32. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.
Bumping
Polyalphabetic
Preemptive
Disk Mirroring
33. To reduce sudden rises in current
Memory Management
Surge Suppressor
Disaster
Access Point
34. Consume resources to a point of exhaustion - loss of availability
TNI (Red Book)
War Driving
Access Control
Denial Of Service
35. Reduces causes of fire
Full-Interruption test
Walk Through
Operational Impact Analysis
Fire Prevention
36. A BCP testing type - a test that answers the question: Can the organization replicate the business process?
Simulation
Resumption
Hearsay Evidence
Detection
37. Some systems are actually run at the alternate site
Security Kernel
Parallel Test
Analysis
Cryptology
38. Objects or programming that look different but act the same
Polymorphism
Instance
Policy
Strong Authentication
39. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
Discretionary Access Control (DAC)
Residual Risk
Accreditation
Secondary Storage
40. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress
Business Unit Recovery
Orange Book B2 Classification
True Attack Stimulus
Isolation
41. The core logic engine of an operating system which almost never changes
Safeguard
Moore's Law
Kernel
Bridge
42. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Pervasive Computing and Mobile Computing Devices
Security Domain
System Downtime
Security Blueprint
43. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities
Backup
BCP Testing Drills and Exercises
Teardrop
Proxies
44. A choice in risk management - to implement a control that limits or lessens negative effects
Incident Handling
Honeynet
Examples of technical security components
Mitigate
45. Most granular organization of controls
Control Category
Storage Area Network (SAN)
Worm
Information Owner
46. A process state - (blocked) needing input before continuing
Wait
Codec
Symmetric
File Sharing
47. Periodic - automatic and transparent backup of data in bulk.
Electronic Vaulting
Trojan Horse
Workaround Procedures
Surveillance
48. A computer designed for the purpose of studying adversaries
Decipher
Honeypot
Admissible
Boot (V.)
49. Wrong against society
Criminal Law
Brute Force
Capability Tables
Hash Function
50. Recovery alternative which includes cold site and some equipment and infrastructure is available
Mandatory
Consistency
Data Integrity
Warm Site