Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Real-time - automatic and transparent backup of data.
One Time Pad
Remote Journaling
Inference
Due Diligence
2. A telephone exchange for a specific office or business.
Private Branch Exchange (PBX)
Keystroke Logging
Sniffing
File Level Deletion
3. Natural occurrence in circuits that are in close proximity
Interference (Noise)
Satellite
Brownout
Business Recovery Timeline
4. Mediation of subject and object interactions
CobiT
Access Control
Checklist Test
Sniffing
5. Written internalized or nationalized norms that are internal to an organization
Salami
Standard
Control Type
Redundant Array Of Independent Drives (RAID)
6. System of law based upon precedence - with major divisions of criminal - tort - and administrative
Fire Detection
Common Law
Recovery Period
5 Rules Of Evidence
7. Control category - to restore to a previous state by removing the adversary and/or the results of their actions
Corrective
Legacy Data
Marking
Mantrap (Double Door System)
8. High level design or model with a goal of consistency - integrity - and balance
Machine Language (Machine Code)
Log
Architecture
Multi-Processor
9. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.
Exposure
HTTP Response Splitting
Business Recovery Timeline
Journaling
10. A program that waits for a condition or time to occur that executes an inappropriate activity
Business Records
Logic Bomb
Vulnerability
Threats
11. Memory - RAM
Data Dictionary
Cross Training
Primary Storage
Site Policy Awareness
12. Also known as regulatory laws - covers standards of performance or conduct expected by government agencies from companies - industries - and certain officials
Keyed-Hashing For Message Authentication
Threats
Administrative Laws
Procedure
13. A database backup type which records at the transaction level
Recovery Strategy
Technical Access Controls
Remote Journaling
Class
14. A choice in risk management - to convince another to assume risk - typically by payment
Spiral
Transfer
Checklist Test (desk check)
Full Test (Full Interruption)
15. Information about a particular data set
Metadata
Archival Data
Patch Management
Data Integrity
16. Written suggestions that direct choice to a few alternatives
Guidelines
Fault Tolerance
Mirrored Site
Business Records
17. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.
Risk Mitigation
Civil Or Code Law
Structured Walkthrough
Total Risk
18. For PKI - to have more than one person in charge of a sensitive function
Multi-Party Control
Resumption
Archival Data
Analysis
19. An availability attack - to consume resources to the point of exhaustion from multiple vectors
TNI (Red Book)
Assembler
Honeynet
Distributed Denial Of Service
20. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems
Due Care
Rollback
Acronym for American Standard Code for Information Interchange (ASCII)
Stopped
21. Tool which mediates access
Structured Walkthrough
Control
Operational Impact Analysis
Fire Classes
22. To stop damage from spreading
Reciprocal Agreement
Trademark
Containment
Data Custodian
23. DoS - Spoofing - dictionary - brute force - wardialing
Access Control Attacks
Business Interruption
Distributed Processing
Sampling
24. OOP concept of an object at runtime
War Driving
Radio Frequency Interference (RFI)
Preemptive
Instance
25. Memory management technique which allows subjects to use the same resource
Access Point
Electronic Vaulting
Sharing
Masked/Interruptible
26. Can be statistical (monitor behavior) or signature based (watch for known attacks)
File Level Deletion
IDS Intrusion Detection System
Total Risk
Damage Assessment
27. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.
Data Leakage
Time Of Check/Time Of Use
Surge
Journaling
28. A legal enforceable agreement between: two people - two organizations - a person and an organization.
Residual Data
Tort
Evidence
Application Programming Interface
29. For PKI - to store another copy of a key
Embedded Systems
Common Law
Key Escrow
Time Of Check/Time Of Use
30. A layer 2 device that is used to connect two network segments and regulate traffic.
Threads
Procedure
Bridge
Incident Response
31. Object based description of a single resource and the permission each subject
Access Control Lists
Authentic
Fire Classes
Sharing
32. Something that happened
Event
Infrastructure
Honeypot
Checkpoint
33. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions
Resumption
Firewalls
Business Recovery Team
ITSEC
34. Sudden rise in voltage in the power supply.
Recovery
Data Leakage
Access Control Matrix
Surge
35. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.
Deleted File
Man-In-The-Middle Attack
Capability Tables
Territoriality
36. Pertaining to law - verified as real
Authentic
Process Isolation
Recovery Point Objective (RPO)
Electrostatic Discharge
37. OOP concept of a class's details to be hidden from object
Hash Function
Encapsulation
Adware
Recovery Time Objectives
38. Joining two pieces of text
Twisted Pair
Cookie
Cryptanalysis
Concatenation
39. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements
ITSEC
Hard Disk
Incident
Faraday Cage/ Shield
40. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.
Procedure
Checksum
Business Recovery Team
Call Tree
41. Mathematical function that determines the cryptographic operations
Algorithm
Blind Testing
Data Hiding
Honeypot
42. Review of data
Instance
Detection
Analysis
Legacy Data
43. Control category- to discourage an adversary from attempting to access
Failure Modes and Effect Analysis (FEMA)
Deterrent
Worm
Checklist Test
44. Calculation encompassing threats - vulnerabilities and assets
Total Risk
Blind Testing
Uninterruptible Power Supply (UPS)
Desk Check Test
45. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware
Assembler
Job Training
Metadata
Cross-Site Scripting
46. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.
Network Attached Storage (NAS)
Full Test (Full Interruption)
Disaster Recovery Plan
Declaration
47. Using small special tools all tumblers of the lock are aligned - opening the door
Picking
Need-To-Know
Hot Site
Site Policy
48. A type of computer memory that temporarily stores frequently used information for quick access.
Directive
Cache
Incident Handling
Databases
49. An individual's conduct that violates government laws developed to protect the public
Criminal Law
Need-To-Know
Side Channel Attack
Incident
50. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).
Mandatory Vacations
Business Impact Analysis
Degauss
Identification