Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. An administrative unit or a group of objects and subjects controlled by one reference monitor






2. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






3. Recovery alternative - complete duplication of services including personnel






4. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.






5. An availability attack - to consume resources to the point of exhaustion from multiple vectors






6. Renders the file inaccessible to the operating system - available to reuse for data storage.






7. Object reuse protection and auditing






8. Intellectual property protection for an invention






9. A one way - directed graph which indicates confidentiality or integrity flow






10. Unauthorized wireless network access device.






11. To jump to a conclusion






12. Eavesdropping on network communications by a third party.






13. The study of cryptography and cryptanalysis






14. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas






15. Communicate to stakeholders






16. It is embedded as part of a complete device often including hardware and mechanical parts - Features a limited OS - Mobile phones - routers and wireless devices take a similar approach - Less than robust security features - Difficult to patch.






17. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






18. Short period of low voltage.






19. Malware that makes many small changes over time to a single data point or system






20. A planned or unplanned interruption in system availability.






21. An availability attack - to consume resources to the point of exhaustion






22. Intellectual property protection for marketing efforts






23. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.






24. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).






25. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






26. Key






27. Hardware or software that is part of a larger system






28. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.






29. A temporary public file to inform others of a compromised digital certificate






30. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






31. A programming design concept which abstracts one set of functions from another in a serialized fashion






32. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






33. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






34. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






35. Program that inappropriately collects private data or activity






36. A race condition where the security changes during the object's access






37. Maximum tolerance for loss of certain business function - basis of strategy






38. A layer 2 device that is used to connect two network segments and regulate traffic.






39. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.






40. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner






41. A Trojan horse with the express underlying purpose of controlling host from a distance






42. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






43. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






44. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






45. Pertaining to law - lending itself to one side of an argument






46. Impossibility of denying authenticity and identity






47. Written internalized or nationalized norms that are internal to an organization






48. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.






49. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.






50. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.





