Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Renders the file inaccessible to the operating system - available to reuse for data storage.






2. A subnetwork with storage devices servicing all servers on the attached network.






3. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






4. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






5. Descrambling the encrypted message with the corresponding key






6. Measures followed to restore critical functions following a security incident.






7. Fault tolerance for power






8. A distributed system's transaction control that requires updates to complete or rollback






9. The problem solving state - the opposite of supervisor mode






10. The response of an organization to a disaster or other significant event that may significantly impact the organization - its people - or its ability to function productively.






11. Inference about encrypted communications






12. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.






13. Requirement to take time off






14. A list of team members and/or key players to be contacted including their backups. The list will include the necessary contact information (i.e. home phone - pager - cell - etc.) and in most cases be considered confidential.






15. Disruption of operation of an electronic device due to a competing electromagnetic field.






16. Control category - to give instructions or inform






17. To create a copy of data as a precaution against the loss or damage of the original data.






18. Weakness or flaw in an asset






19. Pertaining to law - verified as real






20. Natural occurrence in circuits that are in close proximity






21. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a hub).






22. A critical event - which - if not handled in an appropriate manner - may dramatically impact an organization's profitability - reputation - or ability to operate.






23. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






24. State of computer - to be running a process






25. Pertaining to a number system that has just two unique digits.






26. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






27. Communication of a security incident to stakeholders and data owners.






28. A device that sequentially switches multiple analog inputs to the output.






29. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid






30. A test conducted on one or more components of a plan under actual operating conditions.






31. Can be statistical (monitor behavior) or signature based (watch for known attacks)






32. A template for designing the architecture






33. Firewalls - encryption - and access control lists






34. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






35. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






36. Claiming another's identity at a physical level






37. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.






38. Code making






39. An unintended communication path






40. A documented battle plan for coordinating response to incidents.






41. To move from location to location - keeping the same function






42. A race condition where the security changes during the object's access






43. With enough computing power trying all possible combinations






44. Eight bits.






45. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).






46. A Denial of Service attack initiated by sending spoofed UDP echo requests to IP broadcast addresses. (See Smurf)






47. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.






48. The technical and risk assessment of a system within the context of the operating environment






49. Identification and notification of an unauthorized and/or undesired action






50. An availability attack - to consume resources to the point of exhaustion