Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Objects or programming that look different but act the same
Polymorphism
Ring Protection
Patent
Salami
2. Controls for logging and alerting
Qualitative
CPU Cache
Recovery
Intrusion Detection Systems
3. Something that happened
Interpreter
Event
Life Cycle of Evidence
Incident
4. High frequency noise
Cold Site
Instance
Electromagnetic Interference (EMI)
Chain of Custody
5. Tool which mediates access
Detective
Control
Strong Authentication
Business Recovery Team
6. Uses two or more legal systems
Keystroke Logging
Isolation
HTTP Response Splitting
Mixed Law System
7. All of the protection mechanisms in a computer system
Classification
Trusted Computing Base
Desk Check Test
Embedded
8. Third party processes used to organize the implementation of an architecture
Framework
Trademark
Certification Authority
CobiT
9. Outputs within a given function are the same result
Business Continuity Program
Infrastructure
One Time Pad
Collisions
10. Threats x Vulnerability x Asset Value = Total Risk
Total Risk
Orange Book D Classification
Copyright
Hearsay Evidence
11. Policy or stated actions
Packet Filtering
War Dialing
Cryptovariable
Due Care
12. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.
Teardrop
Reference Monitor
Orange Book C2 Classification
Object Reuse
13. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. and determining what can be salvaged or restored and what must be replaced.
Damage Assessment
Covert Channel
Object Reuse
Rollback
14. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.
Collisions
Bit
Strategic
Cryptography
15. Real-time data backup (Data Mirroring)
Compensating
Enticement
Salami
Database Shadowing
16. Reduces causes of fire
Cross Training
Fire Prevention
Attacker (Black hat - Hacker)
Simulation
17. Evaluation of a system without prior knowledge by the tester
Concentrator
Blind Testing
Keystroke Logging
Shift Cipher (Caesar)
18. Used to code/decode a digital data stream.
Standard
Codec
Security Domain
Pointer
19. A list of team members and/or key players to be contacted including their backups. The list will include the necessary contact information (i.e. home phone - pager - cell - etc.) and in most cases be considered confidential.
Covert Channel
Contact List
Territoriality
Failure Modes and Effect Analysis (FEMA)
20. Memory management technique which allows data to be moved from one memory address to another
Relocation
Change Control
Convincing
Stopped
21. A risk assessment method - measurable real money cost
Radio Frequency Interference (RFI)
Business Unit Recovery
Quantitative
SQL Injection
22. An availability attack - to consume resources to the point of exhaustion
Cross Training
Denial Of Service
Multi-Party Control
Detection
23. System of law based upon what is good for society
Multi-Tasking
Integrated Test
Civil Or Code Law
Education
24. A device that converts between digital and analog representation of data.
Orange Book D Classification
Modems
File Level Deletion
Polymorphism
25. Moving the alphabet intact a certain number of spaces
Shift Cipher (Caesar)
Confidence Value
Shadowing (file shadowing)
Desk Check Test
26. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. a move to an alternate site).
Concentrator
Total Risk
Declaration
Orange Book A Classification
27. Computing power will double every 18 months
28. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack
Protection
Keyed-Hashing For Message Authentication
Confidence Value
Smurf
29. Those who initiate the attack
Mandatory
Faraday Cage/ Shield
Marking
Threat Agent
30. A set of best practices for programmers to seek in all application or data base design: Atomicity - Consistency - Isolation - Durability
Overlapping Fragment Attack
Dictionary Attack
Call Tree
The ACID Test
31. Descrambling the encrypted message with the corresponding key
Safeguard
Decipher
Highly Confidential
Information Technology Security Evaluation Criteria - ITSEC
32. Autonomous malware that requires a flaw in a service
Worm
Spiral
Deadlock
Highly Confidential
33. Intellectual property protection for an invention
Patent
Compensating
Trapdoors (Backdoors) (Maintenance Hooks)
Call Tree
34. Only the key protects the encrypted information
35. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.
Business Continuity Program
Orange Book B1 Classification
Non-Repudiation
Mobile Site
36. A program with an inappropriate second purpose
TCSEC (Orange Book)
State Machine Model
Attacker (Black hat - Hacker)
Trojan Horse
37. To create a copy of data as a precaution against the loss or damage of the original data.
Backup
Crisis
Centralized Access Control Technologies
Process Isolation
38. Intellectual property protection for marketing efforts
Trademark
Noise
Deletion
Operational Impact Analysis
39. A planned or unplanned interruption in system availability.
Spam
Deleted File
Vital Record
System Downtime
40. Object reuse protection and auditing
Privacy Laws
Kerberos
Orange Book C2 Classification
Deletion
41. The collection and summation of risk data relating to a particular asset and controls for that asset
Protection
Risk Assessment
Reference Monitor
Inheritance
42. Natural occurrence in circuits that are in close proximity
MOM
Interference (Noise)
Education
Recovery Period
43. Abstract and mathematical in nature - defining all possible states - transitions and operations
Information Risk Management (IRM)
State Machine Model
Watermarking
Blackout
44. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.
Digital Certificate
Data Dictionary
Recovery Period
Instance
45. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
Forward Recovery
Security Domain
Central Processing Unit (CPU)
3 Types of harm Addressed in computer crime laws
46. Program instructions based upon the CPU's specific architecture
Metadata
Emergency
Deadlock
Machine Language (Machine Code)
47. Unauthorized access of information (e.g. tapping - sniffing - unsecured wireless communication - emanations)
Intrusion Prevention Systems
Corrective
EMI
Interception
48. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists
Mirroring
Hacker
Business Records
Isolation
49. Just enough access to do the job
Data Marts
Least Privilege
Private Branch Exchange (PBX)
UPS
50. The hard drive
Elements of Negligence
Firewalls
Directive
Secondary Storage