Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A shield against leakage of electromagnetic signals.






2. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.






3. A state where two subjects can access the same object without proper mediation






4. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.






5. Identification and notification of an unauthorized and/or undesired action






6. For PKI - decertify an entity's certificate






7. Mediation of covert channels must be addressed






8. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






9. Used to code/decode a digital data stream.






10. A type of computer memory that temporarily stores frequently used information for quick access.






11. Indivisible - data field must contain only one value - either all transactions take place or none do






12. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.






13. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.






14. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.






15. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.






16. An electronic attestation of identity by a certificate authority






17. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.






18. A programming device used in development to circumvent controls






19. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.






20. Recording activities at the keyboard level






21. Wrong against society






22. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.






23. Owner directed mediation of access






24. To evaluate the current situation and make basic decisions as to what to do






25. Unauthorized wireless network access device.






26. Control category - to restore to a previous state by removing the adversary and/or the results of their actions






27. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






28. A technology that reduces the size of a file.






29. A trusted issuer of digital certificates






30. A signal suggesting a system has been or is being attacked.






31. Calculation encompassing threats - vulnerabilities and assets






32. Mediation of subject and object interactions






33. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.






34. Real-time data backup (Data Mirroring)






35. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






36. A basic level of network access control that is based upon information contained in the IP packet header.






37. Transaction controls for a database - a return to a previous state






38. Individuals and departments responsible for the storage and safeguarding of computerized data.






39. Measures followed to restore critical functions following a security incident.






40. Outputs within a given function are the same result






41. Encryption system using shared key/private key/single key/secret key






42. Tool which mediates access






43. A documented battle plan for coordinating response to incidents.






44. Memory - RAM






45. A Denial of Service attack that floods the target system with connection requests that are not finalized.






46. Written core statements that rarely change






47. To know more than one job






48. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal






49. To reduce sudden rises in current






50. Narrow scope examination of a system