SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Certified Information Systems Security Professional
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Renders the file inaccessible to the operating system - available to reuse for data storage.
Redundant Servers
Hijacking
File Level Deletion
Bridge
2. A planned or unplanned interruption in system availability.
Structured Walkthrough
Protection
Slack Space
System Downtime
3. A physical enclosure for verifying identity before entry to a facility
Simulation Test
ISO/IEC 27001
Mantrap (Double Door System)
Distributed Processing
4. Mitigate damage by isolating compromised systems from the network.
Metadata
Business Impact Analysis
Containment
Operational Impact Analysis
5. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things
MOM
False Negative
Fault Tolerance
Hijacking
6. System directed mediation of access with labels
Operational Exercise
Mandatory
Fiber Optics
Keystroke Logging
7. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.
Test Plan
Business Interruption
Supervisor Mode (monitor - system - privileged)
Centralized Access Control Technologies
8. Weakness or flaw in an asset
Preemptive
Operational
Total Risk
Vulnerability
9. Uses two or more legal systems
Aggregation
Reciprocal Agreement
Reference Monitor
Mixed Law System
10. Computing power will double every 18 months
11. Memory management technique which allows data to be moved from one memory address to another
Relocation
Education
False (False Positive)
Simulation
12. Dedicated fast memory located on the same board as the CPU
Worldwide Interoperability for Microwave Access (WI-MAX )
Proprietary
CPU Cache
Disaster Recovery Plan
13. Recovery alternative which includes cold site and some equipment and infrastructure is available
Labeling
Sequence Attacks
Sniffing
Warm Site
14. To load the first piece of software that starts a computer.
Business Continuity Steering Committee
Boot (V.)
Patch Management
Firmware
15. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.
Orange Book B2 Classification
ITSEC
Electronic Vaulting
Access Control Attacks
16. Unsolicited commercial email
Spam
Technical Access Controls
Patch Management
Business Recovery Timeline
17. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy
Permutation /Transposition
Crisis
SQL Injection
One Time Pad
18. With enough computing power trying all possible combinations
State Machine Model
Maximum Tolerable Downtime (MTD)
Brute Force
Collisions
19. Recording activities at the keyboard level
Keystroke Logging
The ACID Test
Failure Modes and Effect Analysis (FEMA)
Business Impact Analysis
20. Program that inappropriately collects private data or activity
Evidence
Spyware
Digital Signature
Computer Forensics
21. Share security concerns with embedded devices - Often security has been scarified for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Hot Site
Pervasive Computing and Mobile Computing Devices
Twisted Pair
Wireless Fidelity (Wi-Fi )
22. A one way - directed graph which indicates confidentiality or integrity flow
Strong Authentication
Wait
Lattice
Method
23. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements
TNI (Red Book)
Data Diddler
Kerckhoff's Principle
Alarm Filtering
24. Tool which mediates access
Multi-Processor
Control
Entrapment
Site Policy Awareness
25. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.
One Time Pad
Rootkit
Evidence
Isolation
26. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all - or most - of the applicable teams.
Rogue Access Points
Mock Disaster
Object
Intrusion Detection Systems
27. A electronic attestation of identity by a certificate authority
Locard's Principle
Capability Tables
Identification
Digital Certificate
28. Define the way in which the organization operates.
Event
Proprietary
Criminal Law
Dictionary Attack
29. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.
Network Attached Storage (NAS)
Data Backup Strategies
Multi-Processing
Atomicity
30. Used to code/decode a digital data stream.
Codec
War Dialing
Mock Disaster
Operational
31. Vehicle stopping object
Accountability
Byte Level Deletion
IDS Intrusion Detection System
Bollard
32. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensuretime objectives can be met.
Common Criteria
Data Backup Strategies
Hacker
Voice Over IP (VOIP)
33. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.
Redundant Servers
Exposure
Quantitative Risk Analysis
File Extension
34. Intellectual property protection for the expression of an idea
Copyright
Maximum Tolerable Downtime (MTD)
Slack Space
Detection
35. Written step-by-step actions
Distributed Denial Of Service
Remanence
Checklist Test
Procedure
36. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.
Data Backups
Strategic
False (False Positive)
Backup
37. Pertaining to law - lending it self to one side of an argument
Convincing
Virtual Memory
Security Kernel
Radio Frequency Interference (RFI)
38. Control category- to restore to a previous state by removing the adversary and or the results of their actions
5 Rules Of Evidence
Architecture
Workaround Procedures
Corrective
39. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
HTTP Response Splitting
Standalone Test
Metadata
Durability
40. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.
Bit
Fiber Optics
Bollard
Multi-Processor
41. Another subject cannot see an ongoing or pending update until it is complete
Isolation
Administrative Access Controls
Infrastructure
Machine Language (Machine Code)
42. Object based description of a system or a collection of resources
Access Control Matrix
Checkpoint
Directive
Emergency
43. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code
Information Technology Security Evaluation Criteria - ITSEC
Surge
Alert/Alarm
3 Types of harm Addressed in computer crime laws
44. Induces a crime - tricks a person - and is illegal
Investigation
Entrapment
Encapsulation
Byte
45. One of the key benefits of a network is the ability to share files stored on the server among several users.
Education
Accurate
File Sharing
Residual Data
46. One entity with two competing allegiances
Containment
Polymorphism
Digital Signature
Conflict Of Interest
47. Of a system without prior knowledge by the tester or the tested
Encapsulation
Test Plan
Mock Disaster
Double Blind Testing
48. Potentially retrievable data residue that remains following intended erasure of data.
Remanence
Accreditation
Activation
Sniffing
49. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.e workaround procedures - alternate work area - etc.)
Distributed Processing
Redundant Servers
Open Mail Relay Servers
Contingency Plan
50. A collection of data or information that has a name
File
Noise
Exercise
Least Privilege