Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered, analyzed, interpreted and presented to management






2. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business, as well as legal or regulatory impacts.






3. A shield against leakage of electromagnetic signals.






4. Someone who wants to know how something works, typically by taking it apart






5. Effort/time needed to overcome a protective measure






6. Information which has retained its importance, but which has been created or stored by software/hardware that has been rendered obsolete.






7. A test conducted on a specific component of a plan, in isolation from other components, typically under simulated operating conditions.






8. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






9. Intellectual property protection for a confidential and critical process






10. Includes identification and collection of the evidence, its storage, preservation, transportation, presentation in court, and return to the owner






11. A protocol for the efficient transmission of voice over the Internet






12. Memory management technique that allows two processes to run concurrently without interaction






13. Specific format of technical and physical controls that support the chosen framework and the architecture






14. Power surge






15. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






16. Long term knowledge building






17. Standard for the establishment, implementation, control, and improvement of the Information Security Management System






18. A set of laws that the organization agrees to be bound by






19. Unauthorized wireless network access device.






20. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions






21. Event(s) that cause harm






22. Natural occurrence in circuits that are in close proximity






23. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.






24. Any event, whether anticipated (i.e., public service strike) or unanticipated (i.e., blackout), which disrupts the normal course of business operations at an organization location.






25. Control category - to restore to a previous state by removing the adversary and/or the results of their actions






26. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






27. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






28. A choice in risk management - to convince another to assume risk - typically by payment






29. To break a business process into separate functions and assign to different people






30. Forging of an IP address.






31. An administrative unit or a group of objects and subjects controlled by one reference monitor






32. The duplication of data on separate disks in real time to ensure its continuous availability, currency and accuracy. True mirroring will enable a zero recovery point objective.






33. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides, thereby preventing that space from being overwritten by other data.






34. Intellectual property management technique for identifying after distribution






35. Written core statements that rarely change






36. Record history of incident






37. A choice in risk management - to implement a control that limits or lessens negative effects






38. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






39. For PKI - to store another copy of a key






40. Pertaining to law - no omissions






41. Location where coordination and execution of BCP or DRP is directed






42. A programming design philosophy and a type of programming language, which breaks a program into smaller units. Each unit has its own function.






43. A process state - to be executing a process on the CPU






44. Information residing on computer systems that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion, modification or reconstruction.






45. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed, resources are allocated, and recovery and continuity strategies and procedures are completed and tested.






46. A planned or unplanned interruption in system availability.






47. Eavesdropping on network communications by a third party.






48. Scrambled form of the message or data






49. People protect their domain






50. Control category - to give instructions or inform