Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Unauthorized wireless network access device.






2. Summary of a communication for the purpose of integrity






3. Planning for the delegation of authority required when decisions must be made without the normal chain of command






4. To create a copy of data as a precaution against the loss or damage of the original data.






5. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.






6. Line by line translation from a high level language to machine code






7. Written suggestions that direct choice to a few alternatives






8. Evidence must be: admissible - authentic - complete - accurate - and convincing






9. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization






10. Tool which mediates access






11. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements






12. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






13. Subject based description of a system or a collection of resources






14. A type of attack involving attempted insertion - deletion or altering of data.






15. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






16. Mitigation of system or component loss or interruption through use of backup capability.






17. Controls for termination of attempt to access object






18. Prolonged loss of commercial power






19. All of the protection mechanisms in a computer system






20. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.






21. A record that must be preserved and available for retrieval if needed.






22. Recovery alternative which outsources a business function at a cost






23. Unsolicited commercial email






24. Recovery alternative - everything needed for the business function - except people and last backup






25. Just enough access to do the job






26. Two different keys decrypt the same cipher text






27. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)






28. A planned or unplanned interruption in system availability.






29. A collection of information designed to reduce duplication and increase integrity






30. A documented battle plan for coordinating response to incidents.






31. Pertaining to law - accepted by a court






32. Calculation encompassing threats - vulnerabilities and assets






33. Data or interference that can trigger a false positive






34. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services






35. An event which stops business from continuing.






36. Memory management technique that allows two processes to run concurrently without interaction






37. A programming device used in development to circumvent controls






38. A covert storage channel on the file attribute






39. To collect many small pieces of data






40. Responsibility for actions






41. High frequency noise






42. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






43. A mathematical tool for verifying no unintentional changes have been made






44. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions






45. Less granular organization of controls






46. Object reuse protection and auditing






47. An unintended communication path






48. Converts source code to an executable






49. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.






50. A choice in risk management - to convince another to assume risk - typically by payment