Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Impossibility of denying authenticity and identity






2. Effort/time needed to overcome a protective measure






3. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities






4. Another subject cannot see an ongoing or pending update until it is complete






5. A Trojan horse with the express underlying purpose of controlling host from a distance






6. System of law based upon what is good for society






7. Try a list of words in passwords or encryption keys






8. Written core statements that rarely change






9. State of computer - to be running a process






10. Weak evidence






11. To segregate for the purposes of labeling






12. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






13. The partial or full duplication of data from a source database to one or more destination databases.






14. Intellectual property protection for an invention






15. Indivisible - data field must contain only one value that either all transactions take place or none do






16. Renders the file inaccessible to the operating system - available to reuse for data storage.






17. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






18. Uses two or more legal systems






19. A basic level of network access control that is based upon information contained in the IP packet header.






20. The core logic engine of an operating system which almost never changes






21. A copy of transaction data - designed for querying and reporting






22. Business and technical process of applying security software updates in a regulated periodic way






23. The point in time to which systems and data must be recovered after an outage (e.g., end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.






24. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






25. An administrative unit or a group of objects and subjects controlled by one reference monitor






26. DoS - Spoofing - dictionary - brute force - wardialing






27. Methodical research of an incident with the purpose of finding the root cause






28. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate






29. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






30. Act of luring an intruder and is legal.






31. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.






32. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing






33. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






34. Interception of a communication session by an attacker.






35. A state where two subjects can access the same object without proper mediation






36. A backup type - where the organization has excess capacity in another location.






37. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






38. To know more than one job






39. Hiding the fact that communication has occurred






40. Substitution at the word or phrase level






41. Power surge






42. Mitigate damage by isolating compromised systems from the network.






43. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






44. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data






45. A protocol for the efficient transmission of voice over the Internet






46. A backup of data located where staff can gain access immediately






47. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






48. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






49. A programming device used in development to circumvent controls






50. Claiming another's identity at a physical level