Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Reprogrammable basic startup instructions
Gateway
Multi-Core
Simulation
Firmware
2. A mobilized resource purchased or contracted for the purpose of business recovery.
Compensating
Business Interruption Insurance
Mobile Recovery
Convincing
3. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.
Convincing
Orange Book C2 Classification
Administrative Laws
Plaintext
4. A subnetwork with storage devices servicing all servers on the attached network.
Recovery
Cookie
Storage Area Network (SAN)
Marking
5. Program instructions based upon the CPU's specific architecture
E-Mail Spoofing
Mantrap (Double Door System)
Covert Channel
Machine Language (Machine Code)
6. A collection of data or information that has a name
Durability
File
Worm
ISO/IEC 27002
7. Recording the Who What When Where How of evidence
Business Interruption
Cryptovariable
Chain Of Custody
Digital Signature
8. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Shift Cipher (Caesar)
Memory Management
User Mode (problem or program state)
Disaster Recovery Tape
9. A mathematical tool for verifying no unintentional changes have been made
Checksum
Noise
System Life Cycle
3 Types of harm Addressed in computer crime laws
10. Measures followed to restore critical functions following a security incident.
Orange Book A Classification
Burn
Recovery
Territoriality
11. A programming device used in development to circumvent controls
Trapdoors (Backdoors) (Maintenance Hooks)
Tracking
Compression
Redundant Array Of Independent Drives (RAID)
12. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.
False (False Positive)
Alert
Phishing
Firmware
13. Intellectual property protection for a confidential and critical process
Orange Book D Classification
Trade Secret
Disaster Recovery Plan
Job Rotation
14. System of law based upon precedent - with major divisions of criminal - tort - and administrative
Common Law
Pervasive Computing and Mobile Computing Devices
Satellite
Redundant Servers
15. Standard for the establishment - implementation - control - and improvement of the Information Security Management System
Maximum Tolerable Downtime (MTD)
Worldwide Interoperability for Microwave Access (WI-MAX)
ISO/IEC 27001
On-Site
16. Written suggestions that direct choice to a few alternatives
Spyware
Brownout
Data Backup Strategies
Guidelines
17. A group or network of honeypots
Due Diligence
Hub
Common Law
Honeynet
18. Summary of a communication for the purpose of integrity
Noise
Message Digest
Adware
CobiT
19. Continuous surveillance - to provide for detection and response of any failure in preventive controls.
Cryptology
Monitor
Restoration
Digital Signature
20. The partial or full duplication of data from a source database to one or more destination databases.
Elements of Negligence
Storage Area Network (SAN)
Mobile Site
Database Replication
21. Some systems are actually run at the alternate site
Quantitative Risk Analysis
Due Care
3 Types of harm Addressed in computer crime laws
Parallel Test
22. OOP concept of a distinct copy of the class
Instance
Object
Plain Text
Recovery Strategy
23. A control before attack
Safeguard
Hash Function
Authentic
Rogue Access Points
24. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.
Multi-Core
Race Condition
Residual Data
Confidence Value
25. With enough computing power trying all possible combinations
Brute Force
Business Continuity Planning (BCP)
Warm Site
Checkpoint
26. Unauthorized wireless network access device.
Certificate Revocation List (CRL)
Information Risk Management (IRM)
Hearsay Evidence
Rogue Access Points
27. Code making
Walk Through
Code
Cryptography
Man-In-The-Middle Attack
28. Quantity of risk remaining after a control is applied
Residual Risk
Data Backups
Authentic
Interference (Noise)
29. Policy or stated actions
Due Care
Information Risk Management (IRM)
Conflict Of Interest
Integrated Test
30. Security policy - procedures - and compliance enforcement
Operational Test
MOM
Examples of non-technical security components
Distributed Processing
31. Transaction controls for a database - a return to a previous state
Rollback
Cipher Text
Remote Journaling
Asymmetric
32. Planning for the delegation of authority required when decisions must be made without the normal chain of command
Multilevel Security System
Executive Succession
Polyalphabetic
Quantitative Risk Analysis
33. Scrambled form of the message or data
Protection
Cipher Text
Business Recovery Team
Simulation Test
34. A software design technique for abstraction of a process
Key Clustering
Business Recovery Timeline
Data Hiding
Exercise
35. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk
Residual Risk
Kernel
Physical Tampering
Discretionary Access Control (DAC)
36. Converts a high level language into machine language
Compensating
Assembler
Database Replication
Accreditation
37. A system that enforces an access control policy between two networks.
Privacy Laws
JPEG (Joint Photographic Experts Group)
Firewalls
Operational Exercise
38. OOP concept of a class's details to be hidden from object
Strategic
Encapsulation
Spiral
Capability Tables
39. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN
Security Kernel
Bollard
Strong Authentication
Concentrator
40. Information about data or records
Elements of Negligence
Territoriality
Deadlock
Metadata
41. Eight bits.
Byte
Multi-Programming
Multi-Tasking
Data Owner
42. A description of a database
Hacker
Data Dictionary
Security Clearance
Discretionary
43. The core logic engine of an operating system which almost never changes
Desk Check Test
Business Interruption
Business Impact Analysis
Kernel
44. A process state - to either be unable to run waiting for an external event or terminated
Proprietary
Job Training
Territoriality
Stopped
45. Pertaining to law - verified as real
Authentic
ISO/IEC 27002
Central Processing Unit (CPU)
Job Training
46. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
Strong Authentication
Standalone Test
Forward Recovery
Hacker
47. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.
Threat Agent
Brownout
Critical Records
Burn
48. Process of statistically testing a data set for the likelihood of relevant information.
Keyed-Hashing For Message Authentication
Sampling
Multi-Core
Stopped
49. To segregate for the purposes of labeling
5 Rules Of Evidence
Contact List
Compartmentalize
Checklist Test (desk check)
50. Malware that makes many small changes over time to a single data point or system
Salami
Pervasive Computing and Mobile Computing Devices
CPU Cache
Relocation