SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Assessment And Risk Mgmt
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Physical damage - human interaction - equip malfunction - misuse of data - loss of data - application error
mappers
corporate security officer
risk catagories
data owner
2. ISM Standard
Information Security Management
CobiT
chief information security officer
escalation
3. A plan of action to deal with risks defined in the risk assessment - may remediate or transfer risk
security governanace
risk mitigation
annualized loss expectancy
CobiT
4. A tool that monitors network traffic - shows data and protocols in use - also known as a packet sniffer (i.e wireshark - TCPDump - Microsoft Network Monitor - Carnivore)
ITIL
protocol analyzer
exposure factor
risk analysis
5. OCTAVE
availability
Operationally Critical Threat - Asset - and Vulnerability Evaluation
usage
vulnerability scanner
6. The tools - personnel and business processes necessary to ensure that security meets needs
vulnerability scanner
CobiT
L0phtCrack
security governanace
7. Made up of ten domains - a mechanism to describe security processes
performance baseline
ISO 17799
CISO
risk analysis
8. Controls that manage facility access - locking systems - media sanitation - intrusion monitoring - environmental
availability
physical
CISO
privilege
9. Focus on service level agreements between IT dept and internal customers
CobiT
planning horizon
penetration
ITIL
10. Information security managment measurements
ISO/IEC 27004
ISO 17799
physical
tactical
11. Corporate governance at the strategic level
ISO/IEC 27799
COSO
mappers
ISO/IEC 27002
12. Controls that implement access control - password mangement - identification and authentication methods - configuration
ISO/IEC 27001
technical
security governanace
exposure factor
13. Guide assist in the implemenation of information security based on risk managent approach
ISO/IEC 27005
ISO 17799
Information Technology Infrastructure Library (ITIL)
risk
14. Ensures managment security directives are fulfilled
john the ripper
security officer
privilege
Failure Modes and Effect Analysis
15. Type of audit that checks that network resources - systems and software are used appropriately
integrity
technical
CISO
usage
16. Port scanners - vulnerability scanners - protocol analyzers - password crackers - network mappers - open vulnerability and assessment language (OVAL) are all tool used in a ___________________ assessment
annualized loss expectancy
vulnerability
Failure Modes and Effect Analysis
tactical
17. Type of audit that checks information classification and change control procedures
OCTAVE
security program
CobiT
administrative
18. Daily goals focused on productivity and task-oriented activities
firewall
operational
fault tree analysis
OVAL
19. ____________ can discover network devices / application - check password strength - measure internal / external access - analyze vulnerabilities in NOS - test response to DOS attacks
CobiT
qualitative
network mapping
risk
20. Risk mgmt method created by Carnegie Mellon University - people manage/direct the risk evaluation for IT security in a company
OCTAVE
risk analysis
FRAP
annualized rate of occurrence
21. An open source password cracker that uses dictionary and brute force attacks - stores previously cracked passwords - uses unshadow to merge password /shadow files
AS/NZS 4360
john the ripper
OVAL
blueprints
22. Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate
vulnerability
CobiT
risk analysis
No events - Errors only - Errors and warnings - All events
23. Method of ID functions and their failures - causes of failures their effect - originally designed for systems engineering
network mapping
COSO
FMEA
corporate security officer
24. A tool that maps weaknesses of systems / networks by scanning for ports - checking for applications - determining OS and patch level - and attempting exploits
COSO
vulnerability
vulnerability scanner
annualized rate of occurrence
25. An open language from mitre.org for determining vulnerabilities and problems on computer systems
OVAL
ISO/IEC 27002
annualized rate of occurrence
security officer
26. Developed by the Treadway Commission in 1985 to deal with fraudulent financial activities and reporting
COSO
Operationally Critical Threat - Asset - and Vulnerability Evaluation
performance baseline
risk anlysis
27. Assurance of accurancy and reliability of information and systems
integrity
security program
tactical
Failure Modes and Effect Analysis
28. A commercial password cracker that can test password strength and recover passwords; and perform dictionary and brute force attacks
threat
elcomsoft
CobiT
firewall
29. Potential danger to information or systems
usage
threat
COSO
risk anlysis
30. Percentage of an asset's value that would be lost in a single incident - (EF)
escalation
ISO 17799
exposure factor
chief information security officer
31. CSO
ISO/IEC 27799
performance baseline
escalation
corporate security officer
32. Risk assessment that is scenario based - ranks threats and countermeasures - uses experience - judgment - intuition and opinion
COSO
risk catagories
qualitative
vulnerability
33. Type of audit that checks procedures and policies for escalating issues to management
exposure
ISO/IEC 27002
escalation
ISO/IEC 27005
34. A process to ID assests and their value - ID vulnerabilities and threats - quantify probability and impact of threats - provide balance between impact and cost
CobiT
strategic
risk anlysis
FRAP
35. Event levels available for logging in a MS DNS server
risk analysis
No events - Errors only - Errors and warnings - All events
firewall
exposure
36. Guide to illustrate how to protect personal health information
risk analysis
ISO/IEC 27799
security officer
network mapping
37. Expected or predetermined performance level - developed from policy - performance - requirements
network mapping
confidentiality
performance baseline
COSO
38. Midterm goals
protocol analyzer
L0phtCrack
CobiT
tactical
39. IT governance at the operational level
CobiT
annualized rate of occurrence
qualitative
annualized loss expectancy
40. Type of audit that checks that accounts - groups and roles are correctly assigned
network mapping
privilege
due care
annualized loss expectancy
41. Mitigates a potential risk
SP 800-30
ITIL
countermeasure
integrity
42. _______________ can test IDS - detect network congestion - detect bad / failing equipment - detect high processor loads - must be NOS appropriate
availability
risk mitigation
network mapping
COSO
43. Controls that include policies - standards - procedures -risk management - personnel screening - training - change control
performance baseline
Information risk management
administrative
elcomsoft
44. FMEA
chief information security officer
Failure Modes and Effect Analysis
ISO 17799
COSO
45. CobiT
Control Objectives for Information and related Technology
Information Security Management
vulnerability scanner
CISO
46. Risk mgmt method with much broader focus than IT security
FRAP
operational
security governanace
AS/NZS 4360
47. Responsible for communicating to senior mgmt organizational risks and compliance regulations
operational
security governanace
CISO
tactical
48. Establish - implement - control and improve the Information Security Managment System (based on BS7799 Part 2)
usage
ISO/IEC 27001
security program
ITIL
49. Long-term goals focused on risk managment - compliance - security responsiblities - continual improvement - using security to attract customers
ISO 17799
integrity
ISO/IEC 27001
strategic
50. Security policy - map business objectives to security - Security infrastructure - security officer - reviews - Assest classification/control - inventory - Personnel security - screening - training - roles - Physical security - Communication/operation
network mapping
corporate security officer
security program
ISO 17799
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests