Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Final purpose or result






2. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






3. A control after attack






4. Owner directed mediation of access






5. To start business continuity processes






6. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.






7. Independent malware that requires user interaction to execute






8. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






9. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






10. OOP concept in which a class's details are hidden from the object






11. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.






12. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions






13. A device that converts between digital and analog representation of data.






14. A process state - (blocked) needing input before continuing






15. What is, will remain - persistence






16. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal






17. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






18. A template for designing the architecture






19. Indivisible - data field must contain only one value; either all transactions take place or none do






20. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






21. Short period of low voltage.






22. A database that contains the name - type - range of values - source and authorization for access for each data element






23. Eavesdropping on network communications by a third party.






24. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






25. Unused storage capacity






26. A type of attack involving attempted insertion - deletion or altering of data.






27. Summary of a communication for the purpose of integrity






28. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






29. The one person responsible for data - its classification and control setting






30. The backup of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






31. Trading one for another






32. The study of cryptography and cryptanalysis






33. Malware that makes small random changes to many data points






34. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






35. Autonomous malware that requires a flaw in a service






36. Descrambling the encrypted message with the corresponding key






37. Periodic - automatic and transparent backup of data in bulk.






38. Communication of a security incident to stakeholders and data owners.






39. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.






40. The hard drive






41. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.






42. A subnetwork with storage devices servicing all servers on the attached network.






43. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.






44. Mitigate damage by isolating compromised systems from the network.






45. Forgery of the sender's email address in an email header.






46. Controls for termination of attempt to access object






47. Return to a normal state






48. Vehicle stopping object






49. Recording activities at the keyboard level






50. Moving letters around