Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Intellectual property protection for the expression of an idea
Asymmetric
Resumption
Site Policy Awareness
Copyright
2. A system designed to prevent unauthorized access to or from a private network.
Record Level Deletion
Polymorphism
Firewall
Certificate Revocation List (CRL)
3. People who interact with assets
Denial Of Service
User
Civil Or Code Law
Administrative
4. Measures followed to restore critical functions following a security incident.
Recovery
Activation
Access Control Matrix
Multilevel Security System
5. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?
Legacy Data
Architecture
Content Dependent Access Control
Walk Through
6. Wrong against society
Criminal Law
Secondary Storage
Call Tree
Total Risk
7. Lower frequency noise
Packet Filtering
Record Level Deletion
Radio Frequency Interference (RFI)
Cold Site
8. A mobilized resource purchased or contracted for the purpose of business recovery.
Mobile Recovery
Accountability
Threads
MOM
9. Actions measured against either a policy or what a reasonable person would do
Due Diligence
Overlapping Fragment Attack
Inference
Boot (V.)
10. Mitigation of system or component loss or interruption through use of backup capability.
Tracking
Alternate Data Streams (File System Forks)
Alert
Fault Tolerance
11. A risk assessment method - intrinsic value
Keystroke Logging
Qualitative
Concatenation
Elements of Negligence
12. System mediation of access with the focus on the context of the request
Content Dependent Access Control
Education
Surge
Data Recovery
13. A mail server that improperly allows inbound SMTP connections for domains it does not serve.
Open Mail Relay Servers
Tracking
Admissible
Safeguard
14. Vehicle stopping object
Cold Site
War Driving
Data Backup Strategies
Bollard
15. A process state - to be executing a process on the CPU
Running
ISO/IEC 27001
Primary Storage
Multi-Processing
16. An alert or alarm that is triggered when no actual attack has taken place
False (False Positive)
Adware
Checklist Test
Double Blind Testing
17. Object based description of a single resource and the permission each subject
Open Mail Relay Servers
Fiber Optics
Access Control Lists
Tracking
18. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.
Structured Walkthrough
Alarm Filtering
Chain Of Custody
Full Test (Full Interruption)
19. A backup of data located where staff can gain access readily and a localized disaster will not cause harm
Moore's Law
Surveillance
Near Site
Substitution
20. Small data warehouse
Strong Authentication
Data Marts
Birthday Attack
Orange Book B1 Classification
21. Communicate to stakeholders
Digital Signature
Debriefing/Feedback
Tactical
Proxies
22. Unauthorized access of network devices.
Discretionary
Physical Tampering
Accountability
Message Digest
23. Summary of a communication for the purpose of integrity
Cryptography
Message Digest
Orange Book B1 Classification
Authentic
24. Renders the file inaccessible to the operating system - available to reuse for data storage.
File Level Deletion
Risk Assessment
Spiral
Electronic Vaulting
25. Pertaining to law - high degree of veracity
Class
Business Continuity Steering Committee
Accurate
Infrastructure
26. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy
Disaster Recovery Plan
SQL Injection
Non-Interference
Encryption
27. A choice in risk management - to convince another to assume risk - typically by payment
Degauss
Transfer
Guidelines
Patent
28. Searching for wireless networks in a moving car.
Confidence Value
War Driving
Checklist Test (desk check)
Content Dependent Access Control
29. A risk assessment method - measurable real money cost
Tracking
Quantitative
Test Plan
Watermarking
30. A technology that reduces the size of a file.
Compression
Transients
Honeynet
The ACID Test
31. An availability attack - to consume resources to the point of exhaustion
Message Digest
Denial Of Service
Distributed Processing
Fault Tolerance
32. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.
Inference
War Dialing
Covert Channel
False Attack Stimulus
33. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive
Activation
3 Types of harm Addressed in computer crime laws
Emergency
Virtual Memory
34. Regular operations are stopped and where processing is moved to the alternate site.
Entrapment
Domain
Full-Interruption test
Hearsay
35. A unit of execution
Data Recovery
Inheritance
Threads
Spyware
36. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.
Coaxial Cable
Processes are Isolated By
Business Records
Threads
37. With enough computing power trying all possible combinations
Picking
Debriefing/Feedback
Brute Force
Recovery
38. Information about data or records
Virus
Relocation
Packet Filtering
Metadata
39. Consume resources to a point of exhaustion - loss of availability
Denial Of Service
Operational Exercise
Repeaters
Restoration
40. Control category - more than one control on a single asset
Virtual Memory
Multi-Processing
Copyright
Compensating
41. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)
Site Policy
Exposure
The ACID Test
Modification
42. Subject based description of a system or a collection of resources
Off Site
Business Continuity Program
Distributed Processing
Capability Tables
43. A world-wide wireless technology
Mitigate
Information Technology Security Evaluation Criteria - ITSEC
Wireless Fidelity (Wi-Fi)
Cryptanalysis
44. Review of data
Multi-Party Control
UPS
Criminal Law
Analysis
45. An individual's conduct that violates government laws developed to protect the public
Metadata
Business Continuity Planning (BCP)
Criminal Law
Polymorphism
46. Encryption system using shared key/private key/single key/secret key
Key Space
Incident
Symmetric
Accountability
47. What is will remain - persistence
Threat Agent
Multi-Tasking
Durability
Vulnerability
48. A layer 2 device that is used to connect two or more network segments and regulate traffic.
Attacker (Black hat - Hacker)
The ACID Test
Switches
Exercise
49. The partial or full duplication of data from a source database to one or more destination databases.
Denial Of Service
Database Replication
Emanations
Threats
50. To set the clearance of a subject or the classification of an object
Labeling
Blind Testing
Data Marts
Electromagnetic Interference (EMI)