Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions: Answer 50 questions in 15 minutes. If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A temporary public file to inform others of a compromised digital certificate
Directive
Job Training
Orange Book D Classification
Certificate Revocation List (CRL)
2. Forgery of the sender's email address in an email header.
Plan Maintenance Procedures
Access Point
E-Mail Spoofing
Kernel
3. System of law based upon precedence - with major divisions of criminal - tort - and administrative
Full-Interruption test
Common Law
Initialization Vector
Electronic Vaulting
4. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
Fragmented Data
Double Blind Testing
Stopped
Tracking
5. Mathematical function that determines the cryptographic operations
Locard's Principle
Operational
Algorithm
Tracking
6. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.
Honeynet
Worldwide Interoperability for Microwave Access (WI-MAX)
Remote Journaling
Voice Over IP (VOIP)
7. Impossibility of denying authenticity and identity
Active Data
Sampling
Brouter
Non-Repudiation
8. Intellectual property protection for an invention
Contingency Plan
Plaintext
Patent
Assembler
9. Just enough access to do the job
Replication
Least Privilege
Residual Data
Shielding
10. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?
Desk Check Test
Strong Authentication
Database Replication
Risk Mitigation
11. A backup of data located where staff can gain access immediately
Burn
Log
Shadowing (file shadowing)
On-Site
12. Written step-by-step actions
Full Test (Full Interruption)
5 Rules Of Evidence
Databases
Procedure
13. Consume resources to a point of exhaustion - loss of availability
Hacker
Denial Of Service
Cache
Rootkit
14. Subset of operating systems components dedicated to protection mechanisms
Security Kernel
User
Database Replication
Log
15. Requirement to take time off
Mandatory Vacations
Hard Disk
Declaration
Compression
16. Adversary intercepts encrypted communications - decrypts - views - encrypts - and sends along to the true destination
Multi-Tasking
File Sharing
Man-In-The-Middle Attack
Voice Over IP (VOIP)
17. Converts source code to an executable
Due Diligence
Compiler
Object
Routers
18. A layer 2 device used to connect two network segments and regulate traffic.
File Level Deletion
Risk Assessment / Analysis
Bridge
Business Continuity Program
19. To load the first piece of software that starts a computer.
Microwave
Boot (V.)
Decipher
Site Policy
20. Responsibility for actions
Quantitative
Plain Text
Crisis
Liability
21. Controls for logging and alerting
Confidence Value
Bollard
Brownout
Intrusion Detection Systems
22. A risk assessment method - intrinsic value
Pointer
Qualitative
Coaxial Cable
Incident Handling
23. Control type - that is communication based - typically written or oral
Mobile Recovery
Damage Assessment
Administrative
Asymmetric
24. Record of system activity - which provides for monitoring and detection.
Log
Security Kernel
System Life Cycle
Isolation
25. A set of laws that the organization agrees to be bound by
Surge Suppressor
Atomicity
Administrative Law
Mock Disaster
26. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.
Active Data
Highly Confidential
Desk Check Test
Inrush Current
27. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.
Processes are Isolated By
Total Risk
Redundant Servers
Framework
28. Define the way in which the organization operates.
Proprietary
Waterfall
War Dialing
Simulation
29. Information that - if made public or even shared around the organization - could seriously impede the organization's operations
Faraday Cage/ Shield
Slack Space
Distributed Processing
Highly Confidential
30. Lower frequency noise
Data Warehouse
3 Types of harm Addressed in computer crime laws
Containment
Radio Frequency Interference (RFI)
31. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner
Life Cycle of Evidence
Polymorphism
Phishing
Critical Records
32. A program with an inappropriate second purpose
Trojan Horse
Identification
Surge Suppressor
Shielding
33. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements
Data Diddler
Due Care
Common Criteria
Recovery
34. Someone who wants to know how something works - typically by taking it apart
Threat Agent
Complete
Hacker
Admissible
35. A perpetrator leaves something behind or takes something with them at the scene of a crime
36. The property that data meet with a priority expectation of quality and that the data can be relied upon.
Convincing
Aggregation
Data Integrity
Security Blueprint
37. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN
Replication
Discretionary Access Control (DAC)
Notification
Strong Authentication
38. Pertaining to law - high degree of veracity
Salami
Twisted Pair
Accurate
Administrative Laws
39. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware
Maximum Tolerable Downtime (MTD)
Cross-Site Scripting
Symmetric
Compiler
40. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.
Simulation
System Life Cycle
Strong Authentication
Top Secret
41. System mediation of access with the focus on the context of the request
Business Recovery Team
Content Dependent Access Control
Machine Language (Machine Code)
Identification
42. Induces a crime - tricks a person - and is illegal
Entrapment
Surge
Identification
Patent
43. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
Evidence
Forward Recovery
Security Domain
2-Phase Commit
44. Inference about encrypted communications
Side Channel Attack
Exercise
Access Point
3 Types of harm Addressed in computer crime laws
45. The level and label given to an individual for the purpose of compartmentalization
Checklist Test (desk check)
Administrative Access Controls
Hard Disk
Security Clearance
46. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing
Metadata
Copyright
Administrative Access Controls
Containment
47. Hitting a filed-down key in a lock with a hammer to open it without the real key
Alert/Alarm
Bumping
Inrush Current
Restoration
48. Program instructions based upon the CPU's specific architecture
Architecture
Machine Language (Machine Code)
Contingency Plan
Data Backups
49. Pertaining to law - accepted by a court
Access Point
Admissible
CobiT
Data Backups
50. An electronic attestation of identity by a certificate authority
Resumption
Metadata
Digital Certificate
Accurate