Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A distributed system's transaction control that requires updates to complete or rollback






2. An unintended communication path






3. Less granular organization of controls






4. A collection of information designed to reduce duplication and increase integrity






5. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






6. Also known as regulatory laws - covers standards of performance or conduct expected by government agencies from companies - industries - and certain officials






7. Uses two or more legal systems






8. To smooth out reductions or increases in power






9. People protect their domain






10. Granular decision by a system of permitting or denying access to a particular resource on the system






11. Object based description of a single resource and the permission each subject






12. Requirement to take time off






13. A design methodology which executes in a linear one way fashion






14. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)






15. To create a copy of data as a precaution against the loss or damage of the original data.






16. Firewalls - encryption - and access control lists






17. Eavesdropping on network communications by a third party.






18. Power surge






19. Unauthorized access of network devices.






20. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.






21. A state for operating system tasks only






22. An attack involving the hijacking of a TCP session by predicting a sequence number.






23. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






24. Autonomous malware that requires a flaw in a service






25. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






26. State of computer - to be running a process






27. Requirement of access to data for a clearly defined purpose






28. Dedicated fast memory located on the same board as the CPU






29. High level - pertaining to planning






30. The response of an organization to a disaster or other significant event that may significantly impact the organization - its people - or its ability to function productively.






31. To jump to a conclusion






32. The hard drive






33. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?






34. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm






35. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






36. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






37. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






38. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.






39. OOP concept of an object at runtime






40. A process state - (blocked) needing input before continuing






41. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






42. The one person responsible for data - its classification and control setting






43. What is will remain - persistence






44. Weak evidence






45. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






46. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






47. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.






48. An administrative unit or a group of objects and subjects controlled by one reference monitor






49. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions






50. Pertaining to law - high degree of veracity






