Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding each time you take the test.
1. Interception of a communication session by an attacker.
Hijacking
Kerckhoff's Principle
Notification
Stopped
2. A control before attack
Safeguard
Exercise
Disaster Recovery Tape
ff Site
3. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.
Side Channel Attack
IP Fragmentation
Business Continuity Steering Committee
Packet Filtering
4. A comprehensive set of controls comprising best practices in information security and provides guidelines on how to set up and maintain security programs.
Information Technology Security Evaluation Criteria - ITSEC
Mission-Critical Application
ISO/IEC 27002
Integrated Test
5. Third party processes used to organize the implementation of an architecture
Alternate Site
Sequence Attacks
Cryptovariable
Framework
6. The principles a person sets for themselves to follow
Checksum
Replication
Recovery
Ethics
7. Physical description on the exterior of an object that communicates the existence of a label
Repeaters
Residual Risk
Remanence
Marking
8. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?
Business Continuity Program
Phishing
Packet Filtering
Checklist Test (desk check)
9. The first rating that requires security labels
Due Care
Orange Book B1 Classification
Encipher
Data Hiding
10. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.
Data Backup Strategies
Open Mail Relay Servers
State Machine Model
ITSEC
11. Information that - if made public or even shared around the organization - could seriously impede the organization's operations
Radio Frequency Interference (RFI)
Data Dictionary
Highly Confidential
Revocation
12. Forging of an IP address.
Physical Tampering
IP Address Spoofing
Resumption
Risk Assessment / Analysis
13. A shield against leakage of electromagnetic signals.
Embedded Systems
Structured Walk-Through Test
Data Warehouse
Faraday Cage/ Shield
14. A database that contains the name - type - range of values - source and authorization for access for each data element
Control
Complete
Data Dictionary
Teardrop
15. A backup of data located where staff can gain access readily and a localized disaster will not cause harm
Near Site
Civil Or Code Law
Crisis
Mobile Site
16. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.
Analysis
Network Attached Storage (NAS)
SYN Flooding
Cryptanalysis
17. An unintended communication path
Data Dictionary
Covert Channel
Simulation
Hijacking
18. People who interact with assets
Spiral
User
Certificate Revocation List (CRL)
Security Domain
19. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.
Content Dependent Access Control
Sampling
Tar Pits
Smurf
20. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things
Hearsay
Dangling Pointer
Cryptanalysis
MOM
21. Vehicle stopping object
Bollard
Multi-Processing
Initialization Vector
Mandatory Vacations
22. False memory reference
Bollard
Hard Disk
Dangling Pointer
Residual Data
23. A hash that has been further encrypted with a symmetric algorithm
Keyed-Hashing For Message Authentication
Criminal Law
Off-Site Storage
Contact List
24. An availability attack - to consume resources to the point of exhaustion from multiple vectors
Deadlock
Distributed Denial Of Service
Replication
E-Mail Spoofing
25. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code
Reference Monitor
Noise
3 Types of harm Addressed in computer crime laws
Common Criteria
26. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.
Full Test (Full Interruption)
Data Owner
Key Management
Rollback
27. Something that happened
Electronic Vaulting
Education
Event
Packet Filtering
28. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.
Payload
Reciprocal Agreement
Disk Mirroring
Strong Authentication
29. Small data files written to a user's hard drive by a web server.
Transfer
Bridge
Kernel
Cookie
30. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.
Masquerading
Plain Text
Asymmetric
Classification
31. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems
Relocation
Acronym for American Standard Code for Information Interchange (ASCII)
MOM
Backup
32. A covert storage channel on the file attribute
Wireless Fidelity (Wi-Fi )
Alternate Data Streams (File System Forks)
Copyright
Investigation
33. Written suggestions that direct choice to a few alternatives
Business Impact Assessment (BIA)
Covert Channel
Phishing
Guidelines
34. Control category - to record an adversary's actions
Detective
Digital Signature
Fire Suppression
Shadowing (file shadowing)
35. Unchecked data input which results in redirection
Collisions
Critical Functions
HTTP Response Splitting
Operational Test
36. Information about a particular data set
Database Replication
Binary
Metadata
2-Phase Commit
37. A documented battle plan for coordinating response to incidents.
Locard's Principle
Desk Check Test
Incident Handling
Botnet
38. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.
Symmetric
Man-In-The-Middle Attack
Disaster Recovery Plan
Code
39. A running key using a random key that is never used again
Virus
Bollard
One Time Pad
Emanations
40. System of law based upon precedence - with major divisions of criminal - tort - and administrative
Alert
Risk Mitigation
Common Law
Walk Through
41. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Off-Site Storage
Codec
Critical Records
Boot (V.)
42. Power surge
Risk
Fragmented Data
Information Owner
Electrostatic Discharge
43. Objects or programming that look different but act the same
Administrative Laws
Ethics
Digital Certificate
Polymorphism
44. A set of laws that the organization agrees to be bound by
Monitor
Incident Response
Locard's Principle
Administrative Law
45. A programming device used in development to circumvent controls
Business Interruption Insurance
Trapdoors (Backdoors) (Maintenance Hooks)
Class
Access Control
46. A technology that reduces the size of a file.
Compression
Compensating
Simulation
Hot Spares
47. Prolonged loss of commercial power
Criminal Law
Initialization Vector
Digital Signature
Blackout
48. Object based description of a single resource and the permission each subject
Access Control Lists
Trojan Horse
Interpreter
Cross-Site Scripting
49. OOP concept of a distinct copy of the class
Plan Maintenance Procedures
Incident Response
Examples of technical security components
Object
50. Malware that makes many small changes over time to a single data point or system
Computer Forensics
Durability
Threats
Salami