Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The hard drive
Disaster
Information Risk Management (IRM)
Secondary Storage
Eavesdropping
2. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor
Enticement
Injection
Algorithm
Coaxial Cable
3. Responsibility for actions
IP Address Spoofing
Liability
Restoration
Cryptanalysis
4. A document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster or severe outage situation.
Consistency
Orange Book B2 Classification
Business Interruption Insurance
Test Plan
5. Using small special tools all tumblers of the lock are aligned - opening the door
Business Continuity Planning (BCP)
Picking
Accountability
Contingency Plan
6. Summary of a communication for the purpose of integrity
Message Digest
Hijacking
Safeguard
Enticement
7. A subnetwork with storage devices servicing all servers on the attached network.
Operating
Remote Journaling
Storage Area Network (SAN)
Running Key
8. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization
Overlapping Fragment Attack
Business Continuity Planning (BCP)
Uninterruptible Power Supply (UPS)
Operational Exercise
9. Controls deployed to avert unauthorized and/or undesired actions.
Orange Book A Classification
Technical Access Controls
Countermeasure
Prevention
10. Scrambled form of the message or data
Orange Book A Classification
Cipher Text
Alert
Incident Response Team
11. Malware that subverts the detective controls of an operating system
Liability
Recovery Period
Distributed Denial Of Service
Rootkit
12. Moving letters around
Backup
Activation
Metadata
Permutation / Transposition
13. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective
Process Isolation
Simulation Test
Honeypot
Multi-Programming
14. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Restoration
Worldwide Interoperability for Microwave Access (WI-MAX)
Double Blind Testing
Fire Suppression
15. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities
Threats
Record Level Deletion
Intrusion Detection Systems
BCP Testing Drills and Exercises
16. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.
Eavesdropping
Generator
Risk Assessment / Analysis
Off-Site Storage
17. Implementation of measures to deter specific threats to the continuity of business operations - and/or respond to any occurrence of such threats in a timely and appropriate manner.
Security Domain
Blind Testing
Journaling
Risk Mitigation
18. One of the key benefits of a network is the ability to share files stored on the server among several users.
Examples of non-technical security components
Fire Suppression
Privacy Laws
File Sharing
19. Intellectual property protection for marketing efforts
Trademark
Double Blind Testing
Internal Use Only
Business Interruption Insurance
20. To segregate for the purposes of labeling
Compartmentalize
Packet Filtering
Authentication
Embedded Systems
21. More than one CPU on a single board
Multi-Processing
Alternate Data Streams (File System Forks)
Multi-Core
Surge
22. Act of luring an intruder and is legal.
Business Unit Recovery
Journaling
IP Address Spoofing
Enticement
23. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions
Resumption
Total Risk
File Server
Conflict Of Interest
24. To start business continuity processes
Activation
Electronic Vaulting
War Driving
Emanations
25. OOP concept of an object at runtime
Instance
Multi-Processing
Worldwide Interoperability for Microwave Access (WI-MAX)
SYN Flooding
26. Physical description on the exterior of an object that communicates the existence of a label
Evidence
Full-Interruption test
Marking
Data Backup Strategies
27. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Change Control
Classification Scheme
Policy
Shadowing (file shadowing)
28. Claiming another's identity at a physical level
Mandatory Vacations
Masquerading
Symmetric
Crisis
29. Long term knowledge building
Business Continuity Program
Atomicity
Education
Non-Interference
30. Data or interference that can trigger a false positive
Application Programming Interface
Supervisor Mode (monitor - system - privileged)
Noise
Stopped
31. A choice in risk management - to implement a control that limits or lessens negative effects
Mitigate
Separation Of Duties
Sag/Dip
Mock Disaster
32. Information that - if made public or even shared around the organization - could seriously impede the organization's operations
Acronym for American Standard Code for Information Interchange (ASCII)
Electronic Vaulting
Highly Confidential
Data Diddler
33. Location to perform the business function
Alternate Data Streams (File System Forks)
Alternate Site
CPU Cache
Quantitative Risk Analysis
34. Two different keys decrypt the same cipher text
Entrapment
Double Blind Testing
Key Clustering
Operational
35. People protect their domain
Territoriality
HTTP Response Splitting
Discretionary
Trapdoors (Backdoors) (Maintenance Hooks)
36. The collection and summation of risk data relating to a particular asset and controls for that asset
Covert Channel
Risk Assessment
Generator
Computer Forensics
37. Define the way in which the organization operates.
Proprietary
Business Impact Analysis
Surge
Quantitative Risk Analysis
38. A basic level of network access control that is based upon information contained in the IP packet header.
Least Privilege
Packet Filtering
Orange Book D Classification
Mitigate
39. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities
Emergency Operations Center (EOC)
Sharing
Checklist Test
MOM
40. Malware that makes small random changes to many data points
Cookie
Investigation
Data Diddler
Tar Pits
41. An unintended communication path
Archival Data
Covert Channel
Sampling
Business Continuity Planning (BCP)
42. Redundant component that provides failover capability in the event of failure or interruption of a primary component.
Hot Spares
Trapdoors (Backdoors) (Maintenance Hooks)
Business Records
File Extension
43. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.
Simulation Test
Fire Classes
Physical Tampering
Blackout
44. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
Standalone Test
Denial Of Service
Restoration
Administrative Law
45. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives
Databases
Wireless Fidelity (Wi-Fi)
Fault
Memory Management
46. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.
War Driving
Cryptology
Recovery
Data Recovery
47. Recovery alternative which outsources a business function at a cost
Service Bureau
Logic Bomb
Mobile Site
Business Continuity Program
48. Threats x Vulnerability x Asset Value = Total Risk
Total Risk
3 Types of harm Addressed in computer crime laws
Secondary Storage
Noise
49. An electronic attestation of identity by a certificate authority
Vulnerability
Digital Certificate
Teardrop
Discretionary
50. Requirement of access to data for a clearly defined purpose
Phishing
Need-To-Know
Call Tree
Brute Force