Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. To start business continuity processes






2. Dedicated fast memory located on the same board as the CPU






3. Renders the record inaccessible to the database management system






4. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due






5. A state for operating system tasks only






6. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated - and recovery and continuity strategies and procedures are completed and tested.






7. A specialized wireless receiver/transmitter placed in orbit that facilitates long-distance communication.






8. Written step-by-step actions






9. Control category - to discourage an adversary from attempting to access






10. An attack that breaks up malicious code into fragments - in an attempt to elude detection.






11. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






12. The partial or full duplication of data from a source database to one or more destination databases.






13. The collection and summation of risk data relating to a particular asset and controls for that asset






14. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






15. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.






16. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






17. Real-time data backup (Data Mirroring)






18. Threats x Vulnerability x Asset Value = Total Risk






19. Vehicle or tool that exploits a weakness






20. Small data files written to a user's hard drive by a web server.






21. Control category - more than one control on a single asset






22. An availability attack - to consume resources to the point of exhaustion from multiple vectors






23. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






24. Reprogrammable basic startup instructions






25. OOP concept of a distinct copy of the class






26. Third party processes used to organize the implementation of an architecture






27. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. a move to an alternate site).






28. Potential danger to information or systems






29. Total number of keys available that may be selected by the user of a cryptosystem






30. Business and technical process of applying security software updates in a regulated periodic way






31. A programming device used in development to circumvent controls






32. A computer designed for the purpose of studying adversaries






33. Hardware or software that is part of a larger system






34. Lower frequency noise






35. To set the clearance of a subject or the classification of an object






36. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






37. A control after attack






38. Hitting a filed-down key in a lock with a hammer to open it without the real key






39. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.






40. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.






41. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.






42. To load the first piece of software that starts a computer.






43. A planned or unplanned interruption in system availability.






44. Controls deployed to avert unauthorized and/or undesired actions.






45. A design methodology which addresses risk early and often






46. Moving letters around






47. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate






48. Power surge






49. Someone who wants to cause harm






50. Inappropriate data