Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.






2. Vehicle or tool that exploits a weakness






3. The problem-solving state - the opposite of supervisor mode






4. To set the clearance of a subject or the classification of an object






5. Joining two pieces of text






6. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






7. Individuals and departments responsible for the storage and safeguarding of computerized data.






8. A critical event - which - if not handled in an appropriate manner - may dramatically impact an organization's profitability - reputation - or ability to operate.






9. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






10. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






11. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing






12. Unsolicited commercial email






13. Guidelines within an organization that control the rules and configurations of an IDS






14. Communicate to stakeholders






15. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services






16. Momentary loss of power






17. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






18. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






19. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






20. Written step-by-step actions






21. Intellectual property protection for the expression of an idea






22. Narrow scope examination of a system






23. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






24. Real-time - automatic and transparent backup of data.






25. Long term knowledge building






26. Deals with discretionary protection






27. System directed mediation of access with labels






28. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






29. Communication of a security incident to stakeholders and data owners.






30. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






31. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.






32. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






33. A process state - to be either unable to run waiting for an external event or terminated






34. The connection between a wireless and wired network.






35. Control category - to record an adversary's actions






36. Creation - distribution - update - and deletion






37. Malware that makes small random changes to many data points






38. The event signaling an IDS to produce an alarm when no attack has taken place






39. Can be statistical (monitor behavior) or signature based (watch for known attacks)






40. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.






41. For PKI - decertify an entity's certificate






42. Responsibility of a user for the actions taken by their account which requires unique identification






43. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.






44. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






45. Independent malware that requires user interaction to execute






46. A planned or unplanned interruption in system availability.






47. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






48. Renders the file inaccessible to the operating system - available to reuse for data storage.






49. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






50. Some systems are actually run at the alternate site






