Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The first rating that requires security labels






2. A process state - (blocked) needing input before continuing






3. Weak evidence






4. Responsibility for actions






5. To stop damage from spreading






6. A process state - to be either unable to run while waiting for an external event, or terminated






7. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.






8. Location to perform the business function






9. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.






10. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.






11. Employment education done once per position or at significant change of function






12. A running key using a random key that is never used again






13. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy






14. Control category - to record an adversary's actions






15. More than one process in the middle of executing at a time






16. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management






17. Review of data






18. An electronic attestation of identity by a certificate authority






19. A system designed to prevent unauthorized access to or from a private network.






20. Pertaining to law - lending itself to one side of an argument






21. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.






22. What will remain - persistence






23. The study of cryptography and cryptanalysis






24. Vehicle stopping object






25. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)






26. A Trojan horse with the express underlying purpose of controlling a host from a distance






27. Encryption system using a pair of mathematically related unequal keys






28. The connection between a wireless and wired network.






29. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






30. Moving the alphabet intact a certain number of spaces






31. Recording the Who - What - When - Where - How of evidence






32. The collection and summation of risk data relating to a particular asset and controls for that asset






33. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






34. Methodical research of an incident with the purpose of finding the root cause






35. Implementation of measures to deter specific threats to the continuity of business operations - and/or respond to any occurrence of such threats in a timely and appropriate manner.






36. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.






37. Descrambling the encrypted message with the corresponding key






38. Initial surge of current






39. Moving letters around






40. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements






41. DoS - Spoofing - dictionary - brute force - wardialing






42. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.






43. Physical description on the exterior of an object that communicates the existence of a label






44. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components






45. To load the first piece of software that starts a computer.






46. Requirement of access to data for a clearly defined purpose






47. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm






48. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






49. State of computer - to be running a process






50. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions