Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. To create a copy of data as a precaution against the loss or damage of the original data.






2. Act of scrambling the cleartext message by using a key.






3. Fault tolerance for power






4. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






5. OOP concept of a template that consists of attributes and behaviors






6. The connection between a wireless and wired network.






7. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due






8. Pertaining to law - high degree of veracity






9. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






10. A failure of an IDS to detect an actual attack






11. Total number of keys available that may be selected by the user of a cryptosystem






12. The event signaling an IDS to produce an alarm when no attack has taken place






13. One of the key benefits of a network is the ability to share files stored on the server among several users.






14. Unsolicited commercial email






15. Small data files written to a user's hard drive by a web server.






16. To start business continuity processes






17. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






18. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.






19. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions






20. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.






21. High frequency noise






22. Recovery alternative which outsources a business function at a cost






23. The chance that something negative will occur






24. Pertaining to law - lending itself to one side of an argument






25. A layer 3 device that is used to connect two or more network segments and regulate traffic.






26. Inappropriate data






27. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






28. To set the clearance of a subject or the classification of an object






29. The one person responsible for data - its classification and control setting






30. Granular decision by a system of permitting or denying access to a particular resource on the system






31. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.






32. Regular operations are stopped and processing is moved to the alternate site.






33. High level - pertaining to planning






34. A type of multitasking that allows for more even distribution of computing time among competing requests






35. A documented battle plan for coordinating response to incidents.






36. System directed mediation of access with labels






37. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






38. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?






39. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






40. A state for operating system tasks only






41. Recovery alternative - short-term - high cost movable processing location






42. Mitigation of system or component loss or interruption through use of backup capability.






43. A program that waits for a condition or time to occur and then executes an inappropriate activity






44. Control type - that is communication based - typically written or oral






45. Mitigate damage by isolating compromised systems from the network.






46. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?






47. Reduces causes of fire






48. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions






49. Joining two pieces of text






50. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.