Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






2. A physical enclosure for verifying identity before entry to a facility






3. A collection of information designed to reduce duplication and increase integrity






4. Employment education done once per position or at significant change of function






5. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






6. Two different keys decrypt the same cipher text






7. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?






8. System of law based upon what is good for society






9. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.






10. A device that converts between digital and analog representation of data.






11. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. - and determining what can be salvaged or restored and what must be replaced.






12. Two certificate authorities that trust each other






13. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






14. Third party processes used to organize the implementation of an architecture






15. To stop damage from spreading






16. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.






17. For PKI - to store another copy of a key






18. Scrambled form of the message or data






19. Unauthorized access of network devices.






20. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.






21. A basic level of network access control that is based upon information contained in the IP packet header.






22. A process state - to be executing a process on the CPU






23. Induces a crime - tricks a person - and is illegal






24. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.






25. Converts a high level language into machine language






26. Uses a role-based method to determine access rights and permissions. Role based access control is based on the user's role and responsibilities within the company.






27. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






28. More than one processor sharing the same memory - also known as parallel systems






29. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






30. Amount of time for restoring a business process or function to normal operations without major loss






31. Wrong against society






32. Power surge






33. A backup of data located where staff cannot gain access readily and a regional disaster will not cause harm






34. Organized group of compromised computers






35. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.






36. Someone who wants to know how something works - typically by taking it apart






37. Uncleared buffers or media






38. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






39. Regular operations are stopped and processing is moved to the alternate site.






40. Potential danger to information or systems






41. Business and technical process of applying security software updates in a regulated periodic way






42. Information that - if made public or even shared around the organization - could seriously impede the organization's operations






43. Code breaking - practice of defeating the protective properties of cryptography.






44. To set the clearance of a subject or the classification of an object






45. Need to understand both the assets that need to be protected and management's priorities - Also be prepared to adjust the design over time - and verify the design has been implemented correctly - need to be a good negotiator - artist and analyst.






46. Effort/time needed to overcome a protective measure






47. Pertaining to law - verified as real






48. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.






49. Representatives from each functional area or department get together and walk through the plan from beginning to end.






50. More than one process in the middle of executing at a time