Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.






2. An unintended communication path






3. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance






4. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc






5. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid






6. Forgery of the sender's email address in an email header.






7. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk






8. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.






9. Memory management technique which allows data to be moved from one memory address to another






10. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements






11. To assert or claim credentialing to an authentication system






12. System of law based upon precedent - with major divisions of criminal - tort - and administrative






13. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






14. Less granular organization of controls -






15. Total number of keys available that may be selected by the user of a cryptosystem






16. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






17. A layer 2 device that is used to connect two network segments and regulate traffic.






18. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.






19. A Trojan horse with the express underlying purpose of controlling a host from a distance






20. A state where two subjects can access the same object without proper mediation






21. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities






22. Communicate to stakeholders






23. An asymmetric cryptography mechanism that provides authentication.






24. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing






25. A device that provides the functions of both a bridge and a router.






26. OOP concept of an object at runtime






27. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions






28. Mediation of subject and object interactions






29. Record of system activity - which provides for monitoring and detection.






30. Hardware or software that is part of a larger system






31. An administrative unit or a group of objects and subjects controlled by one reference monitor






32. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas






33. People protect their domain






34. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.






35. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.






36. Eavesdropping on network communications by a third party.






37. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: - Plan and Organize - - Acquire and Implement - Deliver and Support - Monitor and Evaluate






38. To set the clearance of a subject or the classification of an object






39. Information about data or records






40. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






41. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






42. Also known as regulatory laws - covers standards of performance or conduct expected by government agencies from companies - industries - and certain officials






43. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






44. Unsolicited commercial email






45. When two or more computers are networked together in a LAN situation - one computer may be utilized as a storage location for files for the group.






46. Using small special tools all tumblers of the lock are aligned - opening the door






47. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






48. A backup type - where the organization has excess capacity in another location.






49. A description of a database






50. Intellectual property protection for marketing efforts






