Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A description of a database






2. Mathematical function that determines the cryptographic operations






3. Vehicle stopping object






4. Malware that makes small random changes to many data points






5. Recognition of an individual's assertion of identity.






6. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






7. More than one process in the middle of executing at a time






8. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.






9. Data or interference that can trigger a false positive






10. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






11. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities






12. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






13. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance






14. It is embedded as part of a complete device often including hardware and mechanical parts - Features a limited OS - Mobile phones - routers and wireless devices take a similar approach - Less than robust security features - Difficult to patch.






15. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






16. A copy of transaction data - designed for querying and reporting






17. DoS - Spoofing - dictionary - brute force - wardialing






18. Recovery alternative which outsources a business function at a cost






19. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






20. Part of a transaction control for a database which informs the database of the last recorded transaction






21. Converts source code to an executable






22. The technical and risk assessment of a system within the context of the operating environment






23. Lower frequency noise






24. Intellectual property protection for a confidential and critical process






25. High degree of visual control






26. A programming device used in development to circumvent controls






27. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






28. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements






29. Summary of a communication for the purpose of integrity






30. Review of data






31. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions






32. Some systems are actually run at the alternate site






33. Abstract and mathematical in nature - defining all possible states - transitions and operations






34. All of the protection mechanisms in a computer system






35. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






36. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






37. Moving the alphabet intact a certain number of spaces






38. Substitution at the word or phrase level






39. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.






40. Memory - RAM






41. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






42. Eight bits.






43. OOP concept of a class's details being hidden from the object






44. Recovery alternative - short-term - high cost movable processing location






45. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.






46. A device that converts between digital and analog representation of data.






47. An individual's conduct that violates government laws developed to protect the public






48. For PKI - decertify an entity's certificate






49. A legally enforceable agreement between: two people - two organizations - a person and an organization.






50. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur