Test your basic knowledge |

CISSP Certified Information Systems Security Professional

Subjects : certifications, it-skills, cissp

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Unsolicited advertising software
Business Recovery Team
Monitor
Recovery Period
Adware

2. The partial or full duplication of data from a source database to one or more destination databases.
Identification
Database Replication
Machine Language (Machine Code)
Triage

3. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.
Compiler
Accreditation
Rogue Access Points
Data Leakage

4. To assert or claim credentialing to an authentication system
Cross Training
Trojan Horse
Identification
Radio Frequency Interference (RFI)

5. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.
Time Of Check/Time Of Use
Byte Level Deletion
War Dialing
Detection

6. Converts a high level language into machine language
Accreditation
Exercise
Fire Prevention
Assembler

7. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.
ISO/IEC 27001
Redundant Servers
Discretionary Access Control (DAC)
Civil Or Code Law

8. Standard for the establishment - implementation - control - and improvement of the Information Security Management System
Assembler
Total Risk
Emergency Operations Center (EOC)
ISO/IEC 27001

9. A documented battle plan for coordinating response to incidents.
Emanations
2-Phase Commit
Incident Handling
War Dialing

10. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.
Burn
Trojan Horse
File Server
Mirroring

11. Converts source code to an executable
Class
Data Leakage
Compiler
Due Diligence

12. Calculation encompassing threats - vulnerabilities and assets
Total Risk
Full-Interruption test
Honeypot
Prevention

13. Responsibility for actions
Teardrop
Plain Text
Recovery
Liability

14. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.
Data Backup Strategies
Physical Tampering
Firewalls
Orange Book A Classification

15. An attack that breaks up malicious code into fragments - in an attempt to elude detection.
Inference
Convincing
Access Control Attacks
IP Fragmentation

16. System mediation of access with the focus on the context of the request
Cryptography
Wireless Fidelity (Wi-Fi )
Disk Mirroring
Content Dependent Access Control

17. A one way - directed graph which indicates confidentiality or integrity flow
Codec
Fire Classes
Lattice
Rogue Access Points

18. An alert or alarm that is triggered when no actual attack has taken place
False (False Positive)
Workaround Procedures
Simulation Test
Intrusion Detection Systems

19. OOP concept of a template that consist of attributes and behaviors
Discretionary Access Control (DAC)
Class
Qualitative
Maximum Tolerable Downtime (MTD)

20. Method for determine functions - identifying function failure - assessing it - and were failure is most likely to occur
Detection
Failure Modes and Effect Analysis (FEMA)
Standard
Hacker

21. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.
Initialization Vector
Asymmetric
Governance
Masked/Interruptible

22. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)
Security Clearance
Interception
Work Factor
Job Training

23. Property that data is represented in the same manner at all times
Active Data
Routers
Key Management
Consistency

24. A state for operating system tasks only
Supervisor Mode (monitor - system - privileged)
Protection
Life Cycle of Evidence
Mirrored Site

25. Guidelines within an organization that control the rules and configurations of an IDS
Site Policy
Mirrored Site
Corrective
SQL Injection

26. A risk assessment method - measurable real money cost
Capability Tables
Triage
Quantitative
Distributed Processing

27. A telephone exchange for a specific office or business.
Quantitative Risk Analysis
Pointer
Private Branch Exchange (PBX)
Cryptography

28. Potential danger to information or systems
Least Privilege
Threats
Rootkit
Moore's Law

29. To break a business process into separate functions and assign to different people
Database Shadowing
Separation Of Duties
Compiler
Threats

30. Descrambling the encrypted message with the corresponding key
Waterfall
Repeaters
Decipher
Information Technology Security Evaluation Criteria - ITSEC

31. A type a computer memory that temporarily stores frequently used information for quick access.
Prevention
Hub
Cache
Shift Cipher (Caesar)

32. Line by line translation from a high level language to machine code
Ethics
Key Space
Interpreter
Call Tree

33. Recovery alternative - everything needed for the business function - except people and last backup
Hot Site
Code
Intrusion Prevention Systems
Mobile Site

34. A collection of data or information that has a name
Virus
Threads
Key Space
File

35. To set the clearance of a subject or the classification of an object
Labeling
Multi-Programming
Multi-Core
Threat Agent

36. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. A move to an alternate site.)
Mitigate
Declaration
Highly Confidential
Race Condition

37. Summary of a communication for the purpose of integrity
3 Types of harm Addressed in computer crime laws
Mission-Critical Application
Locard's Principle
Message Digest

38. A template for the designing the architecture
UPS
Bridge
DR Or BC Coordinator
Security Blueprint

39. Uses two or more legal systems
Control Type
Virus
Mixed Law System
Structured Walk-Through Test

40. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists
Business Records
Layering
Voice Over IP (VOIP)
Risk Assessment

41. Only the key protects the encrypted information

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

42. Deals with discretionary protection
Disk Mirroring
Orange Book C Classification
Desk Check Test
Pervasive Computing and Mobile Computing Devices

43. Independent malware that requires user interaction to execute
Criminal Law
Modems
Virus
Binary

44. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.
Risk
Denial Of Service
Control
TIFF (Tagged Image File Format)

45. An encryption method that has a key as long as the message
Durability
Deletion
Pointer
Running Key

46. A process state - to be executing a process on the CPU
Permutation /Transposition
Running
Containment
Remote Access Trojan

47. A backup type - for databases at a point in time
Electromagnetic Interference (EMI)
Checklist Test (desk check)
Shadowing (file shadowing)
Work Factor

48. A group or network of honeypots
Honeynet
Data Dictionary
Data Owner
Accreditation

49. An individuals conduct that violates government laws developed to protect the public
Criminal Law
Resumption
Disaster Recovery Tape
Cross Certification

50. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management
Reference Monitor
Service Bureau
Business Impact Analysis
Inheritance