Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






2. Uncleared buffers or media






3. Organized group of compromised computers






4. Dedicated fast memory located on the same board as the CPU






5. System of law based upon precedent, with major divisions of criminal, tort, and administrative






6. A device that converts between digital and analog representation of data.






7. Summary of a communication for the purpose of integrity






8. Narrow scope examination of a system






9. OOP concept of a template that consists of attributes and behaviors






10. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






11. Recovery alternative, short-term, high cost movable processing location






12. A protocol for the efficient transmission of voice over the Internet






13. Pertaining to law, accepted by a court






14. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






15. To reduce fire






16. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






17. Review of data






18. A set of laws that the organization agrees to be bound by






19. A temporary public file to inform others of a compromised digital certificate






20. A disturbance that degrades performance of electronic devices and electronic communications.






21. Trading one for another






22. Two certificate authorities that trust each other






23. Long term knowledge building






24. Information residing on computer systems, that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion, modification or reconstruction.






25. Descrambling the encrypted message with the corresponding key






26. The partial or full duplication of data from a source database to one or more destination databases.






27. Implementation of measures to deter specific threats to the continuity of business operations, and/or respond to any occurrence of such threats in a timely and appropriate manner.






28. Used to code/decode a digital data stream.






29. Is secondhand and usually not admissible in court






30. Planning with a goal of returning to the normal business function






31. Substitution at the word or phrase level






32. Pertaining to law, high degree of veracity






33. Transaction controls for a database, a return to a previous state






34. Reprogrammable basic startup instructions






35. Must be legally permissible, meaning it was seized legally and the chain of custody was not broken. To be admissible in court, it needs to be relevant, sufficient, and reliable.






36. Some systems are actually run at the alternate site






37. When two or more computers are networked together in a LAN situation, one computer may be utilized as a storage location for files for the group.






38. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






39. Object based description of a single resource and the permission each subject






40. Object reuse protection and auditing






41. Claiming another's identity at a physical level






42. Security Policy, Personnel Controls, Supervisory Structure, Security Awareness Training, Testing






43. Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.






44. To break a business process into separate functions and assign to different people






45. Program instructions based upon the CPU's specific architecture






46. The process of identifying, accessing, reducing risk to an acceptable level, and implementing the right countermeasure to maintain that level of risk






47. Joining two pieces of text






48. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






49. Eight bits.






50. Unchecked data which spills into another location in memory