Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Intellectual property protection for marketing efforts






2. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.






3. High level - pertaining to planning






4. More than one CPU on a single board






5. An attack involving the hijacking of a TCP session by predicting a sequence number.






6. Alternate facility - other than the primary production site - where duplicated vital records and documentation may be stored for use during disaster recovery.






7. Event(s) that cause harm






8. A hash that has been further encrypted with a symmetric algorithm






9. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






10. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)






11. OOP concept of a template that consists of attributes and behaviors






12. Induces a crime - tricks a person - and is illegal






13. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






14. Actions measured against either a policy or what a reasonable person would do






15. Of a system without prior knowledge by the tester or the tested






16. Data or interference that can trigger a false positive






17. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






18. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. a move to an alternate site).






19. A temporary public file to inform others of a compromised digital certificate






20. False memory reference






21. Control category - to give instructions or inform






22. Hardware or software that is part of a larger system






23. Is secondhand and usually not admissible in court






24. The study of cryptography and cryptanalysis






25. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.






26. To jump to a conclusion






27. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






28. A backup of data located where staff can gain access immediately






29. A device that sequentially switches multiple analog inputs to the output.






30. Information which has retained its importance - but which has been created or stored by software/hardware that has been rendered obsolete.






31. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.






32. Vehicle stopping object






33. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities






34. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






35. Summary of a communication for the purpose of integrity






36. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






37. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






38. Code making






39. Employment education done once per position or at significant change of function






40. Eavesdropping on network communications by a third party.






41. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.






42. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.






43. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






44. Short period of low voltage.






45. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






46. A software design technique for abstraction of a process






47. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys






48. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas






49. A record that must be preserved and available for retrieval if needed.






50. A backup of data located where staff can gain access readily and a localized disaster will not cause harm





