Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding each time you take the test.
1. Pertaining to law - verified as real






2. Act of luring an intruder and is legal.






3. System of law based upon precedent - with major divisions of criminal - tort - and administrative






4. Control category- to give instructions or inform






5. An attack that breaks up malicious code into fragments - in an attempt to elude detection.






6. Substitution at the word or phrase level






7. Another subject cannot see an ongoing or pending update until it is complete






8. To break a business process into separate functions and assign to different people






9. To segregate for the purposes of labeling






10. System of law based upon what is good for society






11. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.






12. Recording the Who What When Where How of evidence






13. Fault tolerance for power






14. Line by line translation from a high level language to machine code






15. Unauthorized wireless network access device.






16. A type of attack involving attempted insertion - deletion or altering of data.






17. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.






18. Try a list of words in passwords or encryption keys






19. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






20. To reduce fire






21. A world-wide wireless technology






22. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






23. Outputs within a given function are the same result






24. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






25. OOP concept of a template that consists of attributes and behaviors






26. To set the clearance of a subject or the classification of an object






27. Evidence must be: admissible - authentic - complete - accurate - and convincing






28. Unchecked data input which results in redirection






29. Key






30. Reduces causes of fire






31. Amount of time for restoring a business process or function to normal operations without major loss






32. Lower frequency noise






33. A device that sequentially switches multiple analog inputs to the output.






34. Effort/time needed to overcome a protective measure






35. Pertaining to a number system that has just two unique digits.






36. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.






37. Object based description of a single resource and the permission each subject






38. A failure of an IDS to detect an actual attack






39. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






40. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






41. Collection of data on business functions which determines the strategy of resiliency






42. Alerts personnel to the presence of a fire






43. A process state - (blocked) needing input before continuing






44. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.






45. Independent malware that requires user interaction to execute






46. Actions measured against either a policy or what a reasonable person would do






47. Recovery alternative - short-term - high cost movable processing location






48. Moving letters around






49. Review of data






50. Guidelines within an organization that control the rules and configurations of an IDS