Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Impossibility of denying authenticity and identity
Business Continuity Program
Disaster Recovery Teams (Business Recovery Teams)
Total Risk
Non-Repudiation
2. Third party processes used to organize the implementation of an architecture
Digital Signature
Civil Or Code Law
Framework
Countermeasure
3. Standard for the establishment - implementation - control - and improvement of the Information Security Management System
ISO/IEC 27001
Cross-Site Scripting
CobiT
Restoration
4. Summary of a communication for the purpose of integrity
Data Hiding
Message Digest
Public Key Infrastructure (PKI)
Recovery
5. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals
Non-Discretionary Access Control
Targeted Testing
Masked/Interruptible
Fire Classes
6. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Proxies
Packet Filtering
Fire Prevention
Framework
7. A test conducted on one or more components of a plan under actual operating conditions.
UPS
Risk
Keyed-Hashing For Message Authentication
Operational Test
8. Memory management technique that allows two processes to run concurrently without interaction
Protection
Information Technology Security Evaluation Criteria - ITSEC
Orange Book C Classification
Identification
9. Long term knowledge building
Highly Confidential
Education
Redundant Array Of Independent Drives (RAID)
Primary Storage
10. System of law based upon what is good for society
Civil Or Code Law
Collisions
5 Rules Of Evidence
Control Category
11. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
Microwave
Algorithm
Emergency Operations Center (EOC)
Security Clearance
12. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists
Criminal Law
Business Records
Patent
Object Reuse
13. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Injection
Total Risk
Memory Management
Encipher
14. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.
Boot (V.)
Checkpoint
Radio Frequency Interference (RFI)
Business Recovery Timeline
15. To break a business process into separate functions and assign to different people
Hijacking
Administrative
HTTP Response Splitting
Separation Of Duties
16. Define the way in which the organization operates.
Total Risk
Proprietary
Critical Infrastructure
Tracking
17. For PKI - to have more than one person in charge of a sensitive function
Executive Succession
Voice Over IP (VOIP)
Multi-Party Control
Operating
18. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Worldwide Interoperability for Microwave Access (WI-MAX)
Public Key Infrastructure (PKI)
Cryptanalysis
Multi-Tasking
19. Control category - to record an adversary's actions
Mandatory Vacations
Common Criteria
Detective
Checkpoint
20. Uncleared buffers or media
Work Factor
Operational Test
Object Reuse
Identification
21. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).
Degauss
Transients
Discretionary
TEMPEST
22. A world-wide wireless technology
One Time Pad
Wireless Fidelity (Wi-Fi)
Architecture
Due Diligence
23. An attack involving the hijacking of a TCP session by predicting a sequence number.
Sequence Attacks
Non-Discretionary Access Control
Coaxial Cable
Hearsay Evidence
24. To assert or claim credentialing to an authentication system
Debriefing/Feedback
Identification
Stopped
Recovery Time Objectives
25. A perpetrator leaves something behind or takes something with them at the scene of a crime
26. Requirement to take time off
Mandatory Vacations
Masquerading
Archival Data
Electromagnetic Interference (EMI)
27. A program that waits for a condition or time to occur that executes an inappropriate activity
Surge
Analysis
Cache
Logic Bomb
28. Tool which mediates access
Bridge
Control
Multi-Processor
Primary Storage
29. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Decipher
Spam
Cryptanalysis
Pervasive Computing and Mobile Computing Devices
30. To know more than one job
Access Point
Cross Training
Plain Text
Reference Monitor
31. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.
Elements of Negligence
Firmware
Encryption
Service Bureau
32. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.
Guidelines
Burn
Inrush Current
Orange Book B2 Classification
33. OOP concept of a template that consists of attributes and behaviors
Class
TIFF (Tagged Image File Format)
Waterfall
Coaxial Cable
34. Mediation of covert channels must be addressed
Tactical
War Driving
Birthday Attack
Information Flow Model
35. Eavesdropping on network communications by a third party.
Sniffing
Elements of Negligence
Coaxial Cable
Log
36. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.
Hard Disk
Recovery Strategy
Data Marts
Civil Law
37. Recovery alternative - a building only with sufficient power - and HVAC
Cold Site
Polymorphism
Orange Book B2 Classification
Certification Authority
38. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
Discretionary Access Control (DAC)
Reciprocal Agreement
Encryption
One Time Pad
39. Outputs within a given function are the same result
Checkpoint
Fault Tolerance
Collisions
File Shadowing
40. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.
Business Recovery Team
Basics Of Secure Design
Discretionary
Data Custodian
41. A program with an inappropriate second purpose
Spyware
Trojan Horse
Moore's Law
Durability
42. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Twisted Pair
Patent
Hacker
Method
43. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
Fragmented Data
High-Risk Areas
Keyed-Hashing For Message Authentication
Security Kernel
44. Communicate to stakeholders
Rollback
Analysis
Debriefing/Feedback
Protection
45. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.
Internal Use Only
Data Backup Strategies
Business Continuity Steering Committee
Trade Secret
46. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components
Access Control
Running
Masked/Interruptible
Administrative Access Controls
47. Program that inappropriately collects private data or activity
Byte Level Deletion
Spyware
Quantitative
Examples of non-technical security components
48. Recording the Who What When Where How of evidence
Chain Of Custody
Emergency
Crisis
Dictionary Attack
49. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing
Mandatory
Polymorphism
Technical Access Controls
Basics Of Secure Design
50. A shield against leakage of electromagnetic signals.
Faraday Cage/Shield
Site Policy Awareness
Cryptanalysis
Investigation