Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. To know more than one job






2. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept






3. Location to perform the business function






4. Power surge






5. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






6. Two different keys decrypt the same cipher text






7. Memory management technique which allows subjects to use the same resource






8. Wrong against society






9. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






10. Responsibility of a user for the actions taken by their account which requires unique identification






11. The core of a computer that calculates






12. Recognition of an individual's assertion of identity.






13. OOP concept of a template that consists of attributes and behaviors






14. An organization's way of classifying data by factors such as criticality - sensitivity and ownership.






15. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






16. Using small special tools all tumblers of the lock are aligned - opening the door






17. More than one CPU on a single board






18. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






19. A test conducted on one or more components of a plan under actual operating conditions.






20. Transaction controls for a database - a return to a previous state






21. Communicate to stakeholders






22. Employment education done once per position or at significant change of function






23. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






24. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






25. Eight bits.






26. Consume resources to a point of exhaustion - loss of availability






27. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






28. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance






29. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






30. Calculation encompassing threats - vulnerabilities and assets






31. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm






32. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas






33. A software design technique for abstraction of a process






34. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






35. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing






36. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






37. A record that must be preserved and available for retrieval if needed.






38. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






39. Memory management technique that allows two processes to run concurrently without interaction






40. Unsolicited commercial email






41. A Trojan horse with the express underlying purpose of controlling host from a distance






42. Try a list of words in passwords or encryption keys






43. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys






44. Is secondhand and usually not admissible in court






45. Lower frequency noise






46. Individuals and departments responsible for the storage and safeguarding of computerized data.






47. One way encryption






48. A form of data hiding which protects running threads of execution from using each other's memory






49. The process of identifying - accessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk






50. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.