Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Memory management technique which allows subjects to use the same resource
Keyed-Hashing For Message Authentication
Digital Certificate
Sharing
Smurf
2. Is secondhand and usually not admissible in court
Bumping
Hearsay Evidence
Cross-Site Scripting
Salami
3. Reduction of voltage by the utility company for a prolonged period of time
User
Call Tree
Brownout
E-Mail Spoofing
4. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.
Disk Mirroring
Multi-Core
Time Of Check/Time Of Use
Electrostatic Discharge
5. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services
Access Control Lists
Fiber Optics
IP Fragmentation
Business Interruption Insurance
6. Potentially compromising leakage of electrical or acoustical signals.
Attacker (Black hat - Hacker)
Instance
Administrative Law
Emanations
7. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions
Acronym for American Standard Code for Information Interchange (ASCII)
Electromagnetic Interference (EMI)
Cryptography
Resumption
8. OOP concept of taking attributes from the original or parent
Standard
Degauss
Inheritance
Algorithm
9. Creation, distribution, update and deletion
Key Management
Key Clustering
Firmware
Mission-Critical Application
10. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.
Monitor
Multilevel Security System
Redundant Servers
Business Continuity Steering Committee
11. People protect their domain
Preemptive
Territoriality
Data Dictionary
Transfer
12. Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.
Digital Signature
Critical Functions
Cold Site
Faraday Cage/Shield
13. Inference about encrypted communications
Business Impact Analysis
Enticement
Side Channel Attack
Secondary Storage
14. Location where coordination and execution of BCP or DRP is directed
Rogue Access Points
Emergency Operations Center (EOC)
Disaster Recovery Teams (Business Recovery Teams)
Workaround Procedures
15. The principles a person sets for themselves to follow
Ethics
Analysis
Interception
Labeling
16. Pertaining to law - high degree of veracity
Hearsay Evidence
Accurate
Operational Test
Cross Training
17. The study of cryptography and cryptanalysis
Race Condition
Discretionary
Cryptology
Metadata
18. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).
Repeaters
Domain
Business Continuity Planning (BCP)
Logic Bomb
19. A program with an inappropriate second purpose
TEMPEST
Maximum Tolerable Downtime (MTD)
Trojan Horse
Education
20. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive
Concatenation
Virtual Memory
Security Kernel
Race Condition
21. To move from location to location - keeping the same function
Plaintext
Electronic Vaulting
Damage Assessment
Job Rotation
22. A type of attack involving attempted insertion - deletion or altering of data.
Repeaters
Packet Filtering
Modification
Phishing
23. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.
Redundant Array Of Independent Drives (RAID)
Mirroring
Workaround Procedures
Asymmetric
24. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Authentication
Critical Records
Alarm Filtering
Capability Tables
25. More than one CPU on a single board
Inference
Inrush Current
Multi-Core
Multi-Tasking
26. Recovery alternative - a building only with sufficient power - and HVAC
Reciprocal Agreement
Mandatory
Cold Site
Data Marts
27. A choice in risk management - to convince another to assume risk - typically by payment
Restoration
Degauss
Reference Monitor
Transfer
28. A trusted issuer of digital certificates
Salami
Certification Authority
Control
TNI (Red Book)
29. False memory reference
Security Kernel
Encryption
File Level Deletion
Dangling Pointer
30. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Recovery Period
Codec
SYN Flooding
Worldwide Interoperability for Microwave Access (WI-MAX)
31. Deals with discretionary protection
Orange Book C Classification
Active Data
Teardrop
Alert
32. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.
File Server
Change Control
Security Kernel
File Shadowing
33. Summary of a communication for the purpose of integrity
Exposure
Authentication
Message Digest
Discretionary
34. Mediation of covert channels must be addressed
Attacker (Black hat - Hacker)
Hacker
Noise
Information Flow Model
35. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity
Hijacking
Site Policy Awareness
CobiT
Layering
36. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.
Ethics
Evidence
Privacy Laws
False Attack Stimulus
37. Requirement of access to data for a clearly defined purpose
Need-To-Know
Access Point
Multi-Processor
Enticement
38. Line by line translation from a high level language to machine code
Locard's Principle
Incident
Interpreter
TEMPEST
39. Information which has retained its importance - but which has been created or stored by software/hardware that has been rendered obsolete.
Key Clustering
Chain Of Custody
Legacy Data
Concatenation
40. Record of system activity - which provides for monitoring and detection.
Key Management
Alternate Data Streams (File System Forks)
Central Processing Unit (CPU)
Log
41. High degree of visual control
Shielding
Mitigate
Surveillance
Security Domain
42. For PKI - to store another copy of a key
Polymorphism
Key Escrow
Bridge
Worldwide Interoperability for Microwave Access (WI-MAX)
43. An administrative unit or a group of objects and subjects controlled by one reference monitor
Fraggle
Embedded Systems
Security Domain
Hard Disk
44. Security policy - procedures - and compliance enforcement
Reference Monitor
Access Control Matrix
Examples of non-technical security components
Revocation
45. Methodical research of an incident with the purpose of finding the root cause
Executive Succession
Protection
Investigation
Disk Mirroring
46. A shield against leakage of electromagnetic signals.
Countermeasure
Keystroke Logging
Faraday Cage/Shield
Operational
47. Unsolicited advertising software
Burn
Incident Response Team
Event
Adware
48. Using small special tools all tumblers of the lock are aligned - opening the door
Orange Book C2 Classification
Recovery Time Objectives
Picking
Multi-Processing
49. Try a list of words in passwords or encryption keys
Dictionary Attack
Hearsay
Bollard
Data Owner
50. What is will remain - persistence
Brownout
Durability
Cold Site
Plaintext