Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. OOP concept of taking attributes from the original or parent






2. Is secondhand and usually not admissible in court






3. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.






4. A design methodology which executes in a linear, one-way fashion






5. A failure of an IDS to detect an actual attack






6. A passive network attack involving monitoring of traffic.






7. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






8. Owner-directed mediation of access






9. The collection and summation of risk data relating to a particular asset and controls for that asset






10. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.






11. Memory management technique which allows data to be moved from one memory address to another






12. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.






13. Narrow scope examination of a system






14. An asymmetric cryptography mechanism that provides authentication.






15. Natural occurrence in circuits that are in close proximity






16. Information about data or records






17. Reprogrammable basic startup instructions






18. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






19. Weak evidence






20. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems






21. Malware that subverts the detective controls of an operating system






22. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability






23. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.






24. A template for designing the architecture






25. Trading one for another






26. A copy of transaction data - designed for querying and reporting






27. Granular decision by a system of permitting or denying access to a particular resource on the system






28. People protect their domain






29. Planning with a goal of returning to the normal business function






30. Line noise that is superimposed on the supply circuit.






31. A covert storage channel on the file attribute






32. Unsolicited advertising software






33. To collect many small pieces of data






34. One entity with two competing allegiances






35. Identification and notification of an unauthorized and/or undesired action






36. High degree of visual control






37. Mediation of subject and object interactions






38. A database that contains the name - type - range of values - source and authorization for access for each data element






39. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






40. A record that must be preserved and available for retrieval if needed.






41. Firewalls - encryption - and access control lists






42. To start business continuity processes






43. A system that enforces an access control policy between two networks.






44. Those who initiate the attack






45. For PKI - decertify an entity's certificate






46. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things






47. High level design or model with a goal of consistency - integrity - and balance






48. Summary of a communication for the purpose of integrity






49. A structured group of teams ready to take control of the recovery operations if a disaster should occur.






50. The technical and risk assessment of a system within the context of the operating environment