Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.
Emergency Procedures
Layering
TEMPEST
Call Tree
2. Responsibility for actions
Threads
Data Integrity
Liability
Strong Authentication
3. Collection of data on business functions which determines the strategy of resiliency
Key Escrow
One Time Pad
Business Impact Assessment (BIA)
Orange Book D Classification
4. Responsibility of a user for the actions taken by their account which requires unique identification
Entrapment
Accountability
Radio Frequency Interference (RFI)
Trusted Computing Base
5. Amount of time for restoring a business process or function to normal operations without major loss
Picking
Maximum Tolerable Downtime (MTD)
Layering
Incident Response Team
6. A BCP testing type - a test that answers the question: Can the organization replicate the business process?
Simulation
Plan Maintenance Procedures
Virtual Memory
Non-Repudiation
7. Converts a high level language into machine language
Assembler
Administrative Access Controls
Plan Maintenance Procedures
Business Recovery Timeline
8. A condition in which neither party is willing to stop their activity for the other to complete
Operational Test
Deadlock
Compartmentalize
Computer System Evidence
9. Unused storage capacity
Confidence Value
Bridge
Slack Space
Dangling Pointer
10. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas
Incident Response Team
Forensic Copy
Brute Force
Key Escrow
11. Using many alphabets
Encryption
Polyalphabetic
Proxies
Elements of Negligence
12. A computer designed for the purpose of studying adversaries
Honeypot
Orange Book C2 Classification
Threats
Mirroring
13. A world-wide wireless technology
Application Programming Interface
Wireless Fidelity (Wi-Fi)
Processes are Isolated By
Mantrap (Double Door System)
14. A collection of information designed to reduce duplication and increase integrity
Full-Interruption test
State Machine Model
Privacy Laws
Databases
15. A set of laws that the organization agrees to be bound by
Administrative Law
Orange Book C2 Classification
Man-In-The-Middle Attack
Trusted Computing Base
16. A process state - to be either unable to run waiting for an external event or terminated
Twisted Pair
Stopped
Sampling
Classification
17. A covert storage channel on the file attribute
Data Recovery
Alternate Data Streams (File System Forks)
Transients
Radio Frequency Interference (RFI)
18. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.
Message Digest
Data Recovery
Processes are Isolated By
Honeypot
19. The technical and risk assessment of a system within the context of the operating environment
Tort
Confidence Value
Certification
Total Risk
20. Memory management technique that allows two processes to run concurrently without interaction
Admissible
Orange Book D Classification
Integrated Test
Protection
21. Review of data
Analysis
Threats
Identification
Mission-Critical Application
22. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress
Damage Assessment
One Time Pad
True Attack Stimulus
Capability Tables
23. A type of computer memory that temporarily stores frequently used information for quick access.
Corrective
Executive Succession
Cache
Business Records
24. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.
Business Recovery Timeline
Deadlock
Accreditation
Waterfall
25. The study of cryptography and cryptanalysis
Guidelines
Cryptology
Security Kernel
Fraggle
26. Someone who wants to cause harm
Attacker (Black hat - Hacker)
Data Hiding
Multi-Processing
Business Records
27. Provides a physical cross connect point for devices.
Overlapping Fragment Attack
Database Replication
Patch Panels
TCSEC (Orange Book)
28. A device that provides the functions of both a bridge and a router.
Inference
Brouter
Labeling
Full Test (Full Interruption)
29. Policy or stated actions
Due Care
Business Impact Analysis
Eavesdropping
Cache
30. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.
Firewall
Journaling
Pointer
Hub
31. A software design technique for abstraction of a process
Data Hiding
Administrative Laws
Man-In-The-Middle Attack
Trojan Horse
32. A physical enclosure for verifying identity before entry to a facility
Mantrap (Double Door System)
Sampling
Crisis
Accreditation
33. Mediation of covert channels must be addressed
Information Flow Model
Dictionary Attack
Backup
Tapping
34. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.
Patch Management
Pointer
Fiber Optics
Adware
35. Regular operations are stopped and where processing is moved to the alternate site.
Full-Interruption test
Spyware
Safeguard
Security Clearance
36. A back up type - where the organization has excess capacity in another location.
Distributed Processing
Concatenation
Business Records
Security Blueprint
37. Recovery alternative - everything needed for the business function - except people and last backup
Hot Site
Declaration
Rollback
Activation
38. A backup of data located where staff can gain access readily and a localized disaster will not cause harm
Near Site
Watermarking
Interpreter
Labeling
39. A collection of data or information that has a name
Chain Of Custody
Deadlock
File
Crisis
40. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?
Bollard
Critical Infrastructure
Mobile Recovery
Walk Through
41. DoS - Spoofing - dictionary - brute force - wardialing
Polymorphism
User Mode (problem or program state)
Walk Through
Access Control Attacks
42. Evaluation of a system without prior knowledge by the tester
Access Control Attacks
Blind Testing
Orange Book A Classification
Alarm Filtering
43. Mitigate damage by isolating compromised systems from the network.
Information Risk Management (IRM)
Hash Function
Cryptanalysis
Containment
44. Physical description on the exterior of an object that communicates the existence of a label
Marking
Deletion
Key Escrow
Deleted File
45. Reduces causes of fire
Mandatory Access Control (MAC)
Fire Prevention
Business Records
Triage
46. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate
Spiral
Public Key Infrastructure (PKI)
Byte
Pointer
47. Most granular organization of controls
Control Category
Fragmented Data
Permutation / Transposition
Hijacking
48. Pertaining to law - lending itself to one side of an argument
Convincing
Running
Trojan Horse
Emergency Procedures
49. An unintended communication path
Pervasive Computing and Mobile Computing Devices
Multi-Party Control
Covert Channel
Slack Space
50. RADIUS - TACACS+ - Diameter
User
File Extension
Discretionary
Centralized Access Control Technologies