Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Interception of a communication session by an attacker.
Hijacking
Marking
Kernel
Liability
2. Dedicated fast memory located on the same board as the CPU
Business Records
CPU Cache
Cipher Text
Operational
3. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.
Data Diddler
Authentication
System Life Cycle
Pointer
4. A risk assessment method - intrinsic value
Total Risk
Disaster Recovery Plan
Qualitative
Fragmented Data
5. To reduce fire
Fire Suppression
Honeynet
Incident Manager
Admissible
6. Process whereby data is removed from active files and other data storage structures
Mantrap (Double Door System)
Security Kernel
Warm Site
Deletion
7. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.
Information Owner
Spam
Strong Authentication
Business Interruption Insurance
8. Methodical research of an incident with the purpose of finding the root cause
Job Training
Primary Storage
Investigation
Proxies
9. Potential danger to information or systems
Investigation
Cryptology
Declaration
Threats
10. Less granular organization of controls -
Locard's Principle
SQL Injection
Cross Training
Control Type
11. To smooth out reductions or increases in power
Spyware
Content Dependent Access Control
Blind Testing
UPS
12. Subject based description of a system or a collection of resources
Copyright
Business Unit Recovery
Capability Tables
Network Attached Storage (NAS)
13. Specific format of technical and physical controls that support the chosen framework and the architecture
Patent
IDS Intrusion Detection System
Infrastructure
Walk Through
14. The level and label given to an individual for the purpose of compartmentalization
Multi-Programming
Certification Authority
Compensating
Security Clearance
15. Guidelines within an organization that control the rules and configurations of an IDS
Plain Text
Site Policy
Liability
Tracking
16. Intellectual property protection for marketing efforts
Trademark
Recovery
Enticement
Containment
17. A mail server that improperly allows inbound SMTP connections for domains it does not serve.
Firewalls
Data Leakage
Open Mail Relay Servers
Twisted Pair
18. Abstract and mathematical in nature - defining all possible states - transitions and operations
MOM
State Machine Model
Databases
Common Criteria
19. To know more than one job
Cross Training
Business Unit Recovery
Denial Of Service
Backup
20. OOP concept of an object at runtime
Rogue Access Points
Full Test (Full Interruption)
TEMPEST
Instance
21. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
Multi-Party Control
Fragmented Data
Certificate Revocation List (CRL)
Deterrent
22. Unused storage capacity
Atomicity
Common Criteria
Slack Space
Sequence Attacks
23. Real-time data backup (Data Mirroring)
Total Risk
Kernel
Call Tree
Database Shadowing
24. Implementation of measures to deter specific threats to the continuity of business operations - and/or respond to any occurrence of such threats in a timely and appropriate manner.
Risk Mitigation
Common Law
Deletion
Ethics
25. Return to a normal state
Recovery
Labeling
System Downtime
Reference Monitor
26. Continuous surveillance - to provide for detection and response of any failure in preventive controls.
Denial Of Service
Monitor
Containment
Radio Frequency Interference (RFI)
27. Process of statistically testing a data set for the likelihood of relevant information.
Warm Site
Data Dictionary
Sampling
Threat Agent
28. Eavesdropping on network communications by a third party.
Tapping
Hub
Polymorphism
Bridge
29. Program instructions based upon the CPU's specific architecture
Backup
Business Continuity Program
Surge Suppressor
Machine Language (Machine Code)
30. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity
Alternate Data Streams (File System Forks)
Site Policy Awareness
Restoration
Class
31. A type of multitasking that allows for more even distribution of computing time among competing requests
Preemptive
True Attack Stimulus
Decipher
Resumption
32. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.
Process Isolation
Object Oriented Programming (OOP)
Fraggle
Technical Access Controls
33. Statistical probabilities of a collision are more likely than one thinks
Birthday Attack
Crisis
Authorization
Disaster Recovery Plan
34. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.
Examples of technical security components
Classification
Ring Protection
Strategic
35. A collection of data or information that has a name
Near Site
File
Operational Exercise
Interpreter
36. Communicate to stakeholders
Debriefing/Feedback
Forward Recovery
Object Oriented Programming (OOP)
2-Phase Commit
37. The managerial approval to operate a system based upon knowledge of risk to operate
Accreditation
Asymmetric
Side Channel Attack
Patent
38. Deals with discretionary protection
Primary Storage
Orange Book C Classification
Business Impact Analysis
Restoration
39. Object based description of a system or a collection of resources
Access Control Matrix
Symmetric
Worldwide Interoperability for Microwave Access (WI-MAX)
Integrated Test
40. Standard for the establishment - implementation - control - and improvement of the Information Security Management System
Bumping
ISO/IEC 27001
3 Types of harm Addressed in computer crime laws
Metadata
41. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.
Eavesdropping
High-Risk Areas
Access Control Attacks
Administrative Law
42. Real-time - automatic and transparent backup of data.
Quantitative Risk Analysis
Remote Journaling
Data Integrity
Modification
43. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
Technical Access Controls
Discretionary Access Control (DAC)
Teardrop
Standalone Test
44. A system designed to prevent unauthorized access to or from a private network.
Hearsay
ISO/IEC 27002
Firewall
Due Care
45. Responsibility of a user for the actions taken by their account which requires unique identification
Accountability
Electronic Vaulting
Alternate Site
Labeling
46. Natural occurrence in circuits that are in close proximity
Interference (Noise)
Orange Book C2 Classification
Data Integrity
File Level Deletion
47. Mitigation of system or component loss or interruption through use of backup capability.
Worm
Codec
Detective
Fault Tolerance
48. A list of team members and/or key players to be contacted including their backups. The list will include the necessary contact information (i.e. home phone - pager - cell - etc.) and in most cases be considered confidential.
Contact List
Mandatory Access Control (MAC)
Emergency Procedures
Method
49. An encryption method that has a key as long as the message
Wait
Running Key
Coaxial Cable
Integrated Test
50. An unintended communication path
Analysis
Acronym for American Standard Code for Information Interchange (ASCII)
Covert Channel
Cache