Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. To smooth out reductions or increases in power
Checkpoint
Active Data
EMI
UPS
2. A process state - (blocked) needing input before continuing
Wait
Compensating
Routers
Plan Maintenance Procedures
3. With enough computing power trying all possible combinations
Admissible
Brute Force
Examples of technical security components
Call Tree
4. A unit of execution
Data Marts
Threads
Orange Book B1 Classification
Risk Mitigation
5. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists
Safeguard
Business Records
Alert/Alarm
Administrative Law
6. Controls deployed to avert unauthorized and/or undesired actions.
Prevention
Disaster Recovery Teams (Business Recovery Teams)
Sag/Dip
Hub
7. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive
Call Tree
Virtual Memory
Common Criteria
Distributed Denial Of Service
8. To reduce sudden rises in current
Surge Suppressor
Infrastructure
Alternate Site
Data Backups
9. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.
Quantitative Risk Analysis
Centralized Access Control Technologies
Electromagnetic Interference (EMI)
Liability
10. Review of data
Analysis
IP Address Spoofing
Access Control Matrix
One Time Pad
11. A layer 2 device that is used to connect two network segments and regulate traffic.
Inference
Bridge
Modification
Civil Or Code Law
12. Reduces causes of fire
Fire Prevention
Copyright
Electrostatic Discharge
Redundant Array Of Independent Drives (RAID)
13. Can be statistical (monitor behavior) or signature based (watch for known attacks)
IDS Intrusion Detection System
Multilevel Security System
Mobile Recovery
Compression
14. European standard for IT security criteria. Wasn't universally adopted. Consists of four components: 1. "Security Target" 2. "Target of Evaluation" or ToE. 3. Functional Levels. 4. Assurance Levels.
Critical Functions
Metadata
Information Technology Security Evaluation Criteria - ITSEC
Analysis
15. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept
Ring Protection
Authentic
Desk Check Test
Business Interruption
16. A layer 3 device that is used to connect two or more network segments and regulate traffic.
Recovery Point Objective (RPO)
Detective
Routers
Incident Manager
17. A programming design concept which abstracts one set of functions from another in a serialized fashion
Firewalls
Layering
Authentic
Separation Of Duties
18. Potential danger to information or systems
Threats
Least Privilege
Internal Use Only
File Level Deletion
19. A set of laws that the organization agrees to be bound by
Administrative Law
Buffer Overflow
Reciprocal Agreement
Orange Book C Classification
20. A documented battle plan for coordinating response to incidents.
Privacy Laws
False Negative
Assembler
Incident Handling
21. High frequency noise
Disk Mirroring
Phishing
Concatenation
Electromagnetic Interference (EMI)
22. Eavesdropping on network communications by a third party.
Digital Certificate
Bollard
Access Point
Sniffing
23. An administrative unit or a group of objects and subjects controlled by one reference monitor
Compression
Containment
Blind Testing
Security Domain
24. Recovery alternative which outsources a business function at a cost
Inference
Service Bureau
Prevention
Digital Signature
25. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack
Labeling
Desk Check Test
Security Blueprint
Confidence Value
26. Of a system without prior knowledge by the tester or the tested
Double Blind Testing
Distributed Denial Of Service
Inheritance
IP Fragmentation
27. Those who initiate the attack
Compartmentalize
Coaxial Cable
Checkpoint
Threat Agent
28. Define the way in which the organization operates.
Proprietary
Accurate
Active Data
Rogue Access Points
29. Part of a transaction control for a database which informs the database of the last recorded transaction
Safeguard
Sniffing
Memory Management
Checkpoint
30. A telephone exchange for a specific office or business.
Hot Spares
Private Branch Exchange (PBX)
Bollard
Governance
31. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Pervasive Computing and Mobile Computing Devices
Legacy Data
TIFF (Tagged Image File Format)
Fire Classes
32. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal
Examples of technical security components
Man-In-The-Middle Attack
Incident
System Life Cycle
33. Intellectual property protection for the expression of an idea
System Life Cycle
Concentrator
Labeling
Copyright
34. A layer 2 device that is used to connect two or more network segments and regulate traffic.
SQL Injection
Administrative Law
Switches
Picking
35. Claiming another's identity at a physical level
Notification
Ring Protection
Masquerading
Forward Recovery
36. Intellectual property protection for marketing efforts
Privacy Laws
Trademark
Administrative Laws
Reference Monitor
37. Narrow scope examination of a system
Modems
Targeted Testing
Primary Storage
Side Channel Attack
38. A backup of data located where staff cannot gain access readily and a regional disaster will not cause harm
Off Site
File
Confidence Value
IP Fragmentation
39. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals
Prevention
Bumping
Residual Risk
Fire Classes
40. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid
Highly Confidential
Information Technology Security Evaluation Criteria - ITSEC
Civil Law
Concatenation
41. Abstract and mathematical in nature - defining all possible states - transitions and operations
Faraday Cage/ Shield
State Machine Model
Administrative Law
Proxies
42. Uses a role-based method to determine access rights and permissions. Role based access control is based on the user's role and responsibilities within the company.
Source Routing Exploitation
Sag/Dip
Non-Discretionary Access Control
Trusted Computing Base
43. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code
Instance
3 Types of harm Addressed in computer crime laws
Warm Site
Orange Book B1 Classification
44. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.
Safeguard
Patent
Uninterruptible Power Supply (UPS)
Business Recovery Team
45. Redundant component that provides failover capability in the event of failure or interruption of a primary component.
Hot Spares
Pervasive Computing and Mobile Computing Devices
Fire Prevention
Keystroke Logging
46. Computing power will double every 18 months
47. To set the clearance of a subject or the classification of an object
Firewalls
Executive Succession
Labeling
Guidelines
48. Responsibility for actions
Hearsay Evidence
Metadata
Liability
Detective
49. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate
Event
High-Risk Areas
Public Key Infrastructure (PKI)
Collisions
50. Power surge
Electrostatic Discharge
Brouter
Inheritance
Criminal Law