Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Firewalls, encryption, and access control lists
Secondary Storage
Hijacking
Examples of technical security components
Work Factor
2. Measures followed to restore critical functions following a security incident.
Binary
Plan Maintenance Procedures
Recovery
Change Control
3. A program that waits for a condition or time to occur that executes an inappropriate activity
Incident
Electronic Vaulting
Logic Bomb
Internal Use Only
4. Individuals, normally managers or directors, who have responsibility for the integrity, accurate reporting and use of computerized data.
Data Owner
Decipher
Recovery
Authentication
5. Memory management technique which allows data to be moved from one memory address to another
Relocation
Cookie
Control Category
True Attack Stimulus
6. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.
Authentic
Masked/Interruptible
Spam
Uninterruptible Power Supply (UPS)
7. Segmented memory addressing, encapsulation of objects, time multiplexing of shared resources, naming distinctions, and virtual mapping.
Access Control Matrix
Standard
Processes are Isolated By
Integrated Test
8. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.
Distributed Processing
Fiber Optics
Control
Targeted Testing
9. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities
Infrastructure
Confidence Value
Encapsulation
Checklist Test
10. Moving letters around
Permutation/Transposition
Ethics
Rogue Access Points
Entrapment
11. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.
Electronic Vaulting
ISO/IEC 27002
Rollback
ITSEC
12. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.
Residual Risk
Shadowing (file shadowing)
Tapping
Overlapping Fragment Attack
13. Maintaining full control over requests, implementation, traceability, and proper documentation of changes.
Stopped
Change Control
Hacker
Information Risk Management (IRM)
14. To reduce sudden rises in current
Alert/Alarm
Surge Suppressor
Forensic Copy
Code
15. A running key using a random key that is never used again
Recovery
One Time Pad
Rogue Access Points
Access Control Lists
16. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.
Brownout
Total Risk
Access Control
Orange Book A Classification
17. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.
Residual Data
Kerckhoff's Principle
File Level Deletion
Electronic Vaulting
18. Object based description of a single resource and the permission each subject
BCP Testing Drills and Exercises
Civil Law
Access Control Lists
Simulation
19. A test conducted on multiple components of a plan, in conjunction with each other, typically under simulated operating conditions
Transfer
Integrated Test
Mandatory
Data Hiding
20. An activity that is performed for the purpose of training and conditioning team members, and improving their performance.
Exercise
Application Programming Interface
Crisis
Wireless Fidelity (Wi-Fi)
21. Some systems are actually run at the alternate site
Threats
Parallel Test
Fiber Optics
Containment
22. The chance that something negative will occur
Capability Tables
Directive
Accreditation
Risk
23. The event signaling an IDS to produce an alarm when no attack has taken place
Critical Functions
False Attack Stimulus
Consistency
Residual Data
24. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).
Compression
Repeaters
Copyright
Source Routing Exploitation
25. Subject based description of a system or a collection of resources
Spam
Entrapment
Capability Tables
Mock Disaster
26. Descrambling the encrypted message with the corresponding key
Moore's Law
Decipher
Buffer Overflow
On-Site
27. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?
Full Test (Full Interruption)
Mandatory Vacations
Interception
Burn
28. Planning with a goal of returning to the normal business function
Codec
Admissible
Restoration
ISO/IEC 27001
29. Heavily populated areas, particularly susceptible to high-intensity earthquakes, floods, tsunamis, or other disasters, for which emergency response may be necessary in the event of a disaster.
Cipher Text
Cross-Site Scripting
Firmware
High-Risk Areas
30. A shield against leakage of electromagnetic signals.
Faraday Cage/Shield
Steganography
Recovery
Business Records
31. Communication of a security incident to stakeholders and data owners.
Notification
ISO/IEC 27002
Non-Discretionary Access Control
IP Fragmentation
32. Information that, if made public or even shared around the organization, could seriously impede the organization's operations
Call Tree
Highly Confidential
SQL Injection
Conflict Of Interest
33. A form of data hiding which protects running threads of execution from using each other's memory
Recovery Strategy
Process Isolation
Investigation
Territoriality
34. Code making
Reciprocal Agreement
Cryptography
Bollard
Marking
35. Intermediate level - pertaining to planning
Orange Book D Classification
Identification
Operational
Hacker
36. People protect their domain
Stopped
Territoriality
Brownout
Steganography
37. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time; usually a fine is paid
False Negative
Civil Law
Denial Of Service
Cross Certification
38. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.
Honeynet
Forward Recovery
Shift Cipher (Caesar)
Log
39. The principles a person sets for themselves to follow
Fire Suppression
Record Level Deletion
Ethics
Prevention
40. Third party processes used to organize the implementation of an architecture
Fiber Optics
Layering
Distributed Processing
Framework
41. The current internationally accepted set of standards and processes for information security products evaluation and assurance, which joins function and assurance requirements
Moore's Law
One Time Pad
Common Criteria
Data Warehouse
42. Reduces causes of fire
Recovery Period
Machine Language (Machine Code)
Corrective
Fire Prevention
43. One entity with two competing allegiances
Coaxial Cable
Conflict Of Interest
Non-Interference
Metadata
44. A template for designing the architecture
Security Blueprint
Mobile Site
Mirrored Site
Attacker (Black hat - Hacker)
45. Converts a high level language into machine language
Trusted Computing Base
Mitigate
Assembler
Data Backups
46. Converts source code to an executable
Electronic Vaulting
E-Mail Spoofing
Adware
Compiler
47. OOP concept of an object at runtime
Common Law
Instance
Fraggle
Distributed Denial Of Service
48. A comprehensive set of controls that comprises best practices in information security and provides guidelines on how to set up and maintain security programs.
Control Category
Uninterruptible Power Supply (UPS)
ISO/IEC 27002
Directive
49. A trusted issuer of digital certificates
Certification Authority
Site Policy
Packet Filtering
Data Backups
50. Wrong against society
Copyright
Codec
Site Policy
Criminal Law