Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing






2. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






3. A race condition where the security changes during the object's access






4. A comprehensive set of controls comprising best practices in information security and provides guidelines on how to set up and maintain security programs.






5. Collection of data on business functions which determines the strategy of resiliency






6. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






7. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






8. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






9. Subjects will not interact with each other's objects






10. A program with an inappropriate second purpose






11. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






12. A design methodology which addresses risk early and often






13. Vehicle stopping object






14. Searching for wireless networks in a moving car.






15. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






16. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.






17. Total number of keys available that may be selected by the user of a cryptosystem






18. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.






19. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






20. To create a copy of data as a precaution against the loss or damage of the original data.






21. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






22. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.






23. Identification and notification of an unauthorized and/or undesired action






24. Control category - to restore to a previous state by removing the adversary and/or the results of their actions






25. A unit of execution






26. To reduce sudden rises in current






27. Converts a high level language into machine language






28. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






29. For PKI - to have more than one person in charge of a sensitive function






30. Try a list of words in passwords or encryption keys






31. People protect their domain






32. A choice in risk management - to convince another to assume risk - typically by payment






33. An availability attack - to consume resources to the point of exhaustion






34. Joining two pieces of text






35. Induces a crime - tricks a person - and is illegal






36. OOP concept of a distinct copy of the class






37. A condition in which neither party is willing to stop their activity for the other to complete






38. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






39. A layer 2 device that is used to connect two or more network segments and regulate traffic.






40. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






41. The partial or full duplication of data from a source database to one or more destination databases.






42. Intermediate level - pertaining to planning






43. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






44. Recording activities at the keyboard level






45. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






46. To collect many small pieces of data






47. Provides a physical cross connect point for devices.






48. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner






49. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






50. A state for operating system tasks only