Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Provides a physical cross connect point for devices.
Cross-Site Scripting
Process Isolation
Remanence
Patch Panels
2. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.
Restoration
Business Recovery Team
Mission-Critical Application
TIFF (Tagged Image File Format)
3. Someone who wants to know how something works - typically by taking it apart
Common Law
Symmetric
Hacker
CobiT
4. Sphere of influence
Control
Pervasive Computing and Mobile Computing Devices
Tapping
Domain
5. Return to a normal state
Fault
Recovery
Isolation
Access Control Lists
6. Fault tolerance for power
Generator
Mock Disaster
Incident Response
Database Replication
7. To load the first piece of software that starts a computer.
Boot (V.)
File Shadowing
Digital Signature
Parallel Test
8. DoS - Spoofing - dictionary - brute force - wardialing
Rootkit
Access Control Attacks
Picking
Decipher
9. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements
Initialization Vector
TNI (Red Book)
Firmware
Data Marts
10. Vehicle or tool that exploits a weakness
On-Site
Key Clustering
Emergency Procedures
Threats
11. A type of computer memory that temporarily stores frequently used information for quick access.
SYN Flooding
Cache
Certification Authority
Method
12. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability
Fire Classes
The ACID Test
Active Data
Cross Certification
13. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.
Damage Assessment
Criminal Law
File Extension
Safeguard
14. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?
Standalone Test
Mixed Law System
File Sharing
Full Test (Full Interruption)
15. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.
MOM
Spam
Emergency Procedures
Pointer
16. Dedicated fast memory located on the same board as the CPU
CPU Cache
Remote Journaling
Data Dictionary
Restoration
17. For PKI - to store another copy of a key
Interpreter
Voice Over IP (VOIP)
Key Escrow
Buffer Overflow
18. A risk assessment method - measurable real money cost
Mitigate
Salami
Quantitative
Repeaters
19. Control category - more than one control on a single asset
Security Kernel
Consistency
Access Control
Compensating
20. To move from location to location - keeping the same function
Honeynet
Job Rotation
Faraday Cage/Shield
Embedded
21. Unsolicited advertising software
Multi-Programming
Adware
Trademark
Multi-Processor
22. Hardware or software that is part of a larger system
Bit
Data Marts
Checklist Test
Embedded
23. A layer 2 device that is used to connect two network segments and regulate traffic.
Hacker
Recovery Strategy
Attacker (Black hat - Hacker)
Bridge
24. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.
Prevention
Mirroring
Standard
Cryptanalysis
25. A template for designing the architecture
Shielding
Security Blueprint
Ring Protection
Disaster Recovery Plan
26. Code making
Service Bureau
State Machine Model
Firewalls
Cryptography
27. A backup type which creates a complete copy
Disaster
Replication
Chain Of Custody
Inheritance
28. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."
Top Secret
Information Risk Management (IRM)
Disaster Recovery Tape
Admissible
29. A telephone exchange for a specific office or business.
Architecture
Kernel
Private Branch Exchange (PBX)
Administrative Law
30. Controls for termination of attempt to access object
SQL Injection
Intrusion Prevention Systems
Covert Channel
Preemptive
31. A BCP testing type - a test that answers the question: Can the organization replicate the business process?
Trademark
Simulation
Brouter
Residual Data
32. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Proxies
Modification
Transients
Recovery Point Objective (RPO)
33. Intellectual property protection for marketing efforts
Denial Of Service
Trademark
Orange Book D Classification
Blind Testing
34. A program with an inappropriate second purpose
Trojan Horse
Incident
Checksum
Interference (Noise)
35. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.
File Shadowing
Honeynet
Simulation Test
Isolation
36. Program instructions based upon the CPU's specific architecture
Machine Language (Machine Code)
Replication
Total Risk
Tracking
37. Using small special tools all tumblers of the lock are aligned - opening the door
Workaround Procedures
Collisions
Prevention
Picking
38. Physical description on the exterior of an object that communicates the existence of a label
Change Control
Cross-Site Scripting
Denial Of Service
Marking
39. State of computer - to be running a process
Proprietary
Operating
Off Site
Cross Certification
40. Collection of data on business functions which determines the strategy of resiliency
Business Impact Assessment (BIA)
Processes are Isolated By
Residual Risk
Cross-Site Scripting
41. Need to understand both the assets that need to be protected and management's priorities - Also be prepared to adjust the design over time - and verify the design has been implemented correctly - need to be good negotiator - artist and analyst.
Basics Of Secure Design
Quantitative
Mandatory Access Control (MAC)
Distributed Processing
42. A world-wide wireless technology
Critical Functions
Wireless Fidelity (Wi-Fi)
Key Space
Detection
43. Of a system without prior knowledge by the tester or the tested
Procedure
Lattice
Least Privilege
Double Blind Testing
44. High level - pertaining to planning
Operational
Cipher Text
Strategic
Preemptive
45. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
Microwave
Brouter
Inference
Classification
46. OOP concept of a template that consists of attributes and behaviors
Class
Business Unit Recovery
Data Leakage
Worm
47. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.
Computer System Evidence
Mixed Law System
File Server
Multilevel Security System
48. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due
Consistency
Mirrored Site
Elements of Negligence
Separation Of Duties
49. Recovery alternative - complete duplication of services including personnel
Coaxial Cable
Incident Response
Mirrored Site
Smurf
50. A type of multitasking that allows for more even distribution of computing time among competing requests
Eavesdropping
Preemptive
Domain
Disk Mirroring