Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Reduces causes of fire






2. Malware that makes small random changes to many data points






3. A temporary public file to inform others of a compromised digital certificate






4. After being seized, the investigator should make a bit mirror image copy of the storage media before doing anything else.






5. System of law based upon precedence, with major divisions of criminal, tort, and administrative






6. Using many alphabets






7. A process state, to be executing a process on the CPU






8. The backup of system, application, program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






9. The core logic engine of an operating system which almost never changes






10. A cable consisting of a core inner conductor that is surrounded by an insulator and an outer cylindrical conductor






11. Intellectual property protection for marketing efforts






12. Try a list of words in passwords or encryption keys






13. Mediation of covert channels must be addressed






14. Eavesdropping on network communications by a third party.






15. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






16. Vehicle or tool that exploits a weakness






17. A subnetwork with storage devices servicing all servers on the attached network.






18. Provides a physical cross connect point for devices.






19. Binary decision by a system of permitting or denying access to the entire system






20. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






21. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a hub).






22. Unauthorized access of information (e.g. tapping, sniffing, unsecured wireless communication, emanations)






23. People who interact with assets






24. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.






25. Object based description of a system or a collection of resources






26. Information which has retained its importance, but which has been created or stored by software/hardware that has been rendered obsolete.






27. An access policy that uses a security label system. Users have clearances, and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities, most commonly used in governm






28. Use of specialized techniques for recovery, authentication, and analysis of electronic data






29. A covert storage channel on the file attribute






30. The managerial approval to operate a system based upon knowledge of risk to operate






31. Intellectual property management technique for identifying after distribution






32. A simple, inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






33. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.






34. To assert or claim credentialing to an authentication system






35. A system designed to prevent unauthorized access to or from a private network.






36. Substitution at the word or phrase level






37. Another subject cannot see an ongoing or pending update until it is complete






38. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






39. Data or interference that can trigger a false positive






40. A running key using a random key that is never used again






41. Recovery alternative which outsources a business function at a cost






42. People protect their domain






43. Define the way in which the organization operates.






44. Small data warehouse






45. Someone who wants to cause harm






46. Maintenance procedures outline the process for the review and update of business continuity plans.






47. The study of cryptography and cryptanalysis






48. Methodical research of an incident with the purpose of finding the root cause






49. Renders the record inaccessible to the database management system






50. A BCP testing type, a test that answers the question: Can the organization replicate the business process?