Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN






2. Real-time data backup (Data Mirroring)






3. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






4. OOP concept of a distinct copy of the class






5. To execute more than one instruction at an instant in time






6. A race condition where the security changes during the object's access






7. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components






8. Two certificate authorities that trust each other






9. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






10. Written internalized or nationalized norms that are internal to an organization






11. Hiding the fact that communication has occurred






12. An availability attack - to consume resources to the point of exhaustion from multiple vectors






13. RADIUS - TACACS+ - Diameter






14. Descrambling the encrypted message with the corresponding key






15. System of law based upon precedence - with major divisions of criminal - tort - and administrative






16. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






17. Recognition of an individual's assertion of identity.






18. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






19. Potentially compromising leakage of electrical or acoustical signals.






20. Scrambled form of the message or data






21. High level design or model with a goal of consistency - integrity - and balance






22. Control type that is communication based - typically written or oral






23. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






24. Recording the Who What When Where How of evidence






25. To evaluate the current situation and make basic decisions as to what to do






26. Owner directed mediation of access






27. Pertaining to law - lending itself to one side of an argument






28. Define the way in which the organization operates.






29. A world-wide wireless technology






30. Information about a particular data set






31. Specific format of technical and physical controls that support the chosen framework and the architecture






32. A temporary public file to inform others of a compromised digital certificate






33. An alert or alarm that is triggered when no actual attack has taken place






34. A group or network of honeypots






35. The response of an organization to a disaster or other significant event that may significantly impact the organization - its people - or its ability to function productively.






36. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






37. Transaction controls for a database - a return to a previous state






38. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.






39. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.






40. Weakness or flaw in an asset






41. Planning for the delegation of authority required when decisions must be made without the normal chain of command






42. Reprogrammable basic startup instructions






43. A disturbance that degrades performance of electronic devices and electronic communications.






44. Record history of incident






45. Threats x Vulnerability x Asset Value = Total Risk






46. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a hub).






47. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






48. Searching for wireless networks in a moving car.






49. Intellectual property protection for the expression of an idea






50. Actions measured against either a policy or what a reasonable person would do