Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The managerial approval to operate a system based upon knowledge of risk to operate
Deterrent
Walk Through
Accreditation
Classification
2. Narrow scope examination of a system
Detection
Activation
Targeted Testing
Hot Site
3. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).
Attacker (Black hat - Hacker)
UPS
Disaster Recovery Tape
Discretionary Access Control (DAC)
4. Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.
False (False Positive)
BCP Testing Drills and Exercises
Critical Functions
Mirroring
5. Someone who wants to know how something works - typically by taking it apart
Declaration
Separation Of Duties
Hacker
Hard Disk
6. All of the protection mechanisms in a computer system
Authentic
Privacy Laws
Trusted Computing Base
Vital Record
7. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.
Corrective
Qualitative
Teardrop
Orange Book A Classification
8. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Keystroke Logging
ISO/IEC 27002
Disk Mirroring
Pervasive Computing and Mobile Computing Devices
9. A technology that reduces the size of a file.
Cross-Site Scripting
Authorization
Trade Secret
Compression
10. Recovery alternative - complete duplication of services including personnel
Patch Management
Administrative
Top Secret
Mirrored Site
11. Control category - more than one control on a single asset
Voice Over IP (VOIP)
Compensating
Inheritance
File Sharing
12. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."
Disaster Recovery Tape
Rogue Access Points
Side Channel Attack
Orange Book B2 Classification
13. A running key using a random key that is never used again
One Time Pad
Voice Over IP (VOIP)
Access Control Matrix
Deletion
14. A distributed system's transaction control that requires updates to complete or rollback
Orange Book C2 Classification
Sequence Attacks
2-Phase Commit
Deleted File
15. A choice in risk management - to convince another to assume risk - typically by payment
Running Key
Administrative Access Controls
Transfer
System Downtime
16. To evaluate the current situation and make basic decisions as to what to do
SQL Injection
Emergency
Administrative Laws
Triage
17. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.
Faraday Cage / Shield
Risk Assessment / Analysis
Copyright
Declaration
18. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Class
Malformed Input
Business Interruption Insurance
Deadlock
19. Control category - to restore to a previous state by removing the adversary and/or the results of their actions
Triage
Codec
Cryptology
Corrective
20. Mediation of covert channels must be addressed
Private Branch Exchange (PBX)
Disaster Recovery Plan
Checkpoint
Information Flow Model
21. A hash that has been further encrypted with a symmetric algorithm
Gateway
Off-Site Storage
Keyed-Hashing For Message Authentication
Lattice
22. A state where two subjects can access the same object without proper mediation
Incident Handling
Cross-Site Scripting
Race Condition
Full-Interruption test
23. The partial or full duplication of data from a source database to one or more destination databases.
Memory Management
Database Replication
Race Condition
False Negative
24. System directed mediation of access with labels
Alert
Mandatory
SQL Injection
Wireless Fidelity (Wi-Fi)
25. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.
Distributed Denial Of Service
Governance
Disaster Recovery Teams (Business Recovery Teams)
Incident Response Team
26. Potentially retrievable data residue that remains following intended erasure of data.
Certification Authority
Architecture
Polymorphism
Remanence
27. A control after attack
Countermeasure
Resumption
Legacy Data
Access Control Lists
28. Potential danger to information or systems
Total Risk
Orange Book C Classification
Emergency
Threats
29. An encryption method that has a key as long as the message
SYN Flooding
Running Key
Job Rotation
Orange Book B1 Classification
30. Alternate facility - other than the primary production site - where duplicated vital records and documentation may be stored for use during disaster recovery.
Spam
Off-Site Storage
Operational Exercise
Fire Prevention
31. Recording the Who What When Where How of evidence
Mission-Critical Application
Chain Of Custody
Stopped
Data Diddler
32. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.
Switches
War Dialing
Fragmented Data
Threads
33. Written internalized or nationalized norms that are internal to an organization
Job Rotation
Standard
Race Condition
Hacker
34. A programming device used in development to circumvent controls
File Sharing
Bridge
Data Warehouse
Trapdoors (Backdoors) (Maintenance Hooks)
35. Intellectual property protection for an invention
Incident Manager
Patent
Complete
HTTP Response Splitting
36. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.
Tort
Structured Walkthrough
Risk Assessment
Voice Over IP (VOIP)
37. Planning for the delegation of authority required when decisions must be made without the normal chain of command
Executive Succession
Operational Exercise
Operating
Database Replication
38. Redundant component that provides failover capability in the event of failure or interruption of a primary component.
Surge
Process Isolation
Hot Spares
Hub
39. Organized group of compromised computers
Data Backups
Botnet
Data Warehouse
Salami
40. Property that data is represented in the same manner at all times
Steganography
Consistency
Surveillance
Denial Of Service
41. An availability attack - to consume resources to the point of exhaustion
Honeynet
Brownout
Denial Of Service
Off-Site Storage
42. Responsibility for actions
Cryptanalysis
Resumption
Liability
Shielding
43. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.
Tar Pits
Deletion
Covert Channel
TNI (Red Book)
44. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate
File Server
CobiT
Recovery Point Objective (RPO)
Network Attached Storage (NAS)
45. Weakness or flaw in an asset
Deterrent
Vulnerability
Intrusion Detection Systems
Virus
46. Process whereby data is removed from active files and other data storage structures
Deletion
Entrapment
Hearsay Evidence
Internal Use Only
47. A state for operating system tasks only
Civil Law
Trade Secret
Supervisor Mode (monitor - system - privileged)
Remote Journaling
48. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated
Residual Risk
Fault
Initialization Vector
Distributed Processing
49. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.
Maximum Tolerable Downtime (MTD)
Containment
System Life Cycle
Encryption
50. Something that happened
Atomicity
Event
Covert Channel
Electrostatic Discharge