Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A protocol for the efficient transmission of voice over the Internet
Checklist Test
Watermarking
Voice Over IP (VOIP)
Computer Forensics
2. Program instructions based upon the CPU's specific architecture
Repeaters
Machine Language (Machine Code)
Interception
Permutation /Transposition
3. A BCP testing type - a test that answers the question: Can the organization replicate the business process?
Domain
Machine Language (Machine Code)
Corrective
Simulation
4. Regular operations are stopped and where processing is moved to the alternate site.
False Attack Stimulus
Protection
Full-Interruption test
Threats
5. Organized group of compromised computers
Botnet
Domain
Kerckhoff's Principle
Blind Testing
6. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor
Protection
Coaxial Cable
Enticement
File Server
7. False memory reference
Lattice
Compression
Dangling Pointer
Threats
8. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys
Identification
Kerberos
Complete
Patch Panels
9. Of a system without prior knowledge by the tester or the tested
Access Control
Operational Exercise
Common Criteria
Double Blind Testing
10. Outputs within a given function are the same result
Collisions
Waterfall
Binary
Multi-Party Control
11. Alerts personnel to the presence of a fire
Relocation
Fire Detection
File Extension
Checklist Test (desk check)
12. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources
Cross Training
Fire Detection
Workaround Procedures
System Downtime
13. A control after attack
Procedure
Machine Language (Machine Code)
Separation Of Duties
Countermeasure
14. Narrow scope examination of a system
Data Diddler
Alert/Alarm
Binary
Targeted Testing
15. Process whereby data is removed from active files and other data storage structures
Hijacking
Deletion
UPS
Analysis
16. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.
Recovery Time Objectives
Information Flow Model
Data Leakage
Interference (Noise)
17. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.
Emergency
Reciprocal Agreement
Shadowing (file shadowing)
Need-To-Know
18. Renders the file inaccessible to the operating system - available to reuse for data storage.
Modems
Fault
File Level Deletion
Private Branch Exchange (PBX)
19. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.
Investigation
Satellite
Data Hiding
Damage Assessment
20. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate
CobiT
Non-Discretionary Access Control
Structured Walkthrough
Quantitative Risk Analysis
21. Summary of a communication for the purpose of integrity
Packet Filtering
Message Digest
Secondary Storage
Residual Data
22. Most granular organization of controls
Control Category
5 Rules Of Evidence
Business Impact Assessment (BIA)
Physical Tampering
23. Pertaining to law - accepted by a court
Alarm Filtering
Generator
Admissible
Machine Language (Machine Code)
24. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.
Cryptography
Key Management
Policy
Change Control
25. A process state - to be either unable to run waiting for an external event or terminated
Decipher
War Driving
Hot Site
Stopped
26. Initial surge of current
Dangling Pointer
Voice Over IP (VOIP)
Orange Book C2 Classification
Inrush Current
27. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.
Restoration
Cryptanalysis
Countermeasure
Plaintext
28. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization
Full Test (Full Interruption)
Concatenation
JPEG (Joint Photographic Experts Group)
Business Continuity Planning (BCP)
29. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.
Incident Manager
Call Tree
Forensic Copy
Patent
30. OOP concept of taking attributes from the original or parent
Maximum Tolerable Downtime (MTD)
SYN Flooding
Deterrent
Inheritance
31. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.
Polyalphabetic
Multilevel Security System
Full-Interruption test
Key Management
32. To smooth out reductions or increases in power
UPS
Identification
Due Care
Method
33. An availability attack - to consume resources to the point of exhaustion from multiple vectors
Distributed Denial Of Service
War Driving
Object Reuse
Business Interruption
34. Potentially retrievable data residue that remains following intended erasure of data.
Covert Channel
Remanence
Object Oriented Programming (OOP)
System Life Cycle
35. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)
Kerckhoff's Principle
Full-Interruption test
Encipher
Interception
36. Recovery alternative - a building only with sufficient power - and HVAC
Classification Scheme
Alarm Filtering
Administrative Laws
Cold Site
37. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions
Hot Spares
Resumption
Patent
Digital Signature
38. Reduces causes of fire
Threads
Forward Recovery
Encryption
Fire Prevention
39. Moving letters around
Corrective
Permutation /Transposition
Fire Detection
Capability Tables
40. A structured group of teams ready to take control of the recovery operations if a disaster should occur.
Activation
Sequence Attacks
Cipher Text
Disaster Recovery Teams (Business Recovery Teams)
41. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc
Critical Infrastructure
Malformed Input
Symmetric
Remote Journaling
42. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions
Orange Book D Classification
Relocation
Databases
Containment
43. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.
Threats
Multilevel Security System
Risk Assessment / Analysis
Databases
44. Natural occurrence in circuits that are in close proximity
Access Control Matrix
Operational Test
Framework
Interference (Noise)
45. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
Public Key Infrastructure (PKI)
Critical Records
Copyright
Mock Disaster
46. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Pervasive Computing and Mobile Computing Devices
Identification
Twisted Pair
Security Clearance
47. An electronic attestation of identity by a certificate authority
Primary Storage
Digital Certificate
Business Continuity Planning (BCP)
Risk Mitigation
48. Unused storage capacity
Common Law
Boot (V.)
Moore's Law
Slack Space
49. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk
Residual Risk
Security Domain
Certificate Revocation List (CRL)
Monitor
50. Information about a particular data set
Marking
Metadata
Trade Secret
Trojan Horse