Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Provides a physical cross connect point for devices.
Orange Book A Classification
Patch Panels
Remote Access Trojan
Countermeasure
2. A backup type - for databases at a point in time
Moore's Law
Noise
Shadowing (file shadowing)
Data Hiding
3. A condition in which neither party is willing to stop their activity for the other to complete
Entrapment
Deadlock
Encryption
Firewalls
4. Event(s) that cause harm
Incident
Brownout
User
Business Continuity Program
5. To segregate for the purposes of labeling
Compartmentalize
Access Control
Mobile Recovery
Change Control
6. Initial surge of current
Investigation
Mock Disaster
Electrostatic Discharge
Inrush Current
7. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.
Simulation Test
Corrective
Consistency
Incident
8. The principles a person sets for themselves to follow
Process Isolation
Ethics
Operational
Data Backups
9. A backup of data located where staff can gain access immediately
On-Site
Discretionary
Redundant Servers
Cross-Site Scripting
10. Uncleared buffers or media
Object Reuse
Electronic Vaulting
Hub
Botnet
11. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc
Analysis
Electromagnetic Interference (EMI)
Checksum
Critical Infrastructure
12. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance
Redundant Array Of Independent Drives (RAID)
Data Owner
Repeaters
Vital Record
13. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.
Recovery Period
Infrastructure
Disaster Recovery Tape
Job Training
14. A programming design concept which abstracts one set of functions from another in a serialized fashion
Fragmented Data
Embedded
Layering
Denial Of Service
15. A template for designing the architecture
IP Fragmentation
Wireless Fidelity (Wi-Fi)
Redundant Array Of Independent Drives (RAID)
Security Blueprint
16. The first rating that requires security labels
Recovery Time Objectives
Orange Book B1 Classification
Risk Assessment / Analysis
Encryption
17. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner
Hot Spares
Life Cycle of Evidence
Civil Law
Plain Text
18. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.
User Mode (problem or program state)
Concentrator
Analysis
Keystroke Logging
19. Searching for wireless networks in a moving car.
Computer Forensics
War Driving
Spyware
DR Or BC Coordinator
20. Location to perform the business function
Alternate Site
Satellite
Redundant Servers
Information Technology Security Evaluation Criteria - ITSEC
21. The core of a computer that calculates
Damage Assessment
Central Processing Unit (CPU)
Interference (Noise)
Backup
22. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.
Sequence Attacks
Structured Walkthrough
Control
Data Integrity
23. Unused storage capacity
Slack Space
Information Technology Security Evaluation Criteria - ITSEC
Plain Text
Smurf
24. Review of data
Domain
Analysis
Intrusion Detection Systems
Steganography
25. Threats x Vulnerability x Asset Value = Total Risk
Total Risk
War Dialing
Classification
Near Site
26. A layer 3 device that is used to connect two or more network segments and regulate traffic.
Sharing
Residual Data
Separation Of Duties
Routers
27. A disturbance that degrades performance of electronic devices and electronic communications.
Incident Manager
Entrapment
Inrush Current
Radio Frequency Interference (RFI)
28. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.
Secondary Storage
Near Site
Reference Monitor
Structured Walk-Through Test
29. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept
Cryptography
Shielding
Recovery Time Objectives
Ring Protection
30. One way encryption
Transfer
Trojan Horse
Permutation / Transposition
Hash Function
31. Natural or human-readable form of message
Off Site
Picking
Change Control
Plain Text
32. False memory reference
Data Recovery
Due Diligence
Event
Dangling Pointer
33. Intellectual property protection for an invention
Database Replication
ISO/IEC 27001
Patent
Containment
34. Part of a transaction control for a database which informs the database of the last recorded transaction
Checkpoint
Least Privilege
Mandatory Access Control (MAC)
Proxies
35. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements
Patent
Storage Area Network (SAN)
Data Custodian
ITSEC
36. Highest level of authority at EOC with knowledge of the business process and the resources available
Workaround Procedures
Security Blueprint
Business Recovery Team
Incident Manager
37. Reduction of voltage by the utility company for a prolonged period of time
Brownout
Business Recovery Team
Disaster Recovery Tape
Computer Forensics
38. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.
Double Blind Testing
Risk Assessment
Site Policy Awareness
Business Interruption
39. Joining two pieces of text
Business Recovery Team
Integrated Test
Concatenation
Pointer
40. The one person responsible for data - its classification and control setting
Information Owner
Cold Site
Control
Remote Journaling
41. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.
Waterfall
Incident Manager
Mirroring
False (False Positive)
42. Consume resources to a point of exhaustion - loss of availability
Denial Of Service
Distributed Processing
Off-Site Storage
Key Management
43. A description of a database
Data Dictionary
Central Processing Unit (CPU)
Key Management
Relocation
44. Interception of a communication session by an attacker.
Structured Walk-Through Test
Hijacking
Accreditation
Highly Confidential
45. Using many alphabets
Mission-Critical Application
Recovery Strategy
Polyalphabetic
Compensating
46. Define the way in which the organization operates.
Data Hiding
Side Channel Attack
Basics Of Secure Design
Proprietary
47. Moving letters around
Storage Area Network (SAN)
Chain Of Custody
Failure Modes and Effect Analysis (FMEA)
Permutation / Transposition
48. A trusted issuer of digital certificates
Routers
Certification Authority
Recovery
Bollard
49. A layer 2 device that is used to connect two or more network segments and regulate traffic.
Switches
Checksum
Exercise
Trusted Computing Base
50. A control before attack
Safeguard
Inheritance
The ACID Test
Risk Assessment / Analysis