Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






2. A test conducted on one or more components of a plan under actual operating conditions.






3. A program that waits for a condition or time to occur that executes an inappropriate activity






4. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.






5. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept






6. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






7. Intermediate level - pertaining to planning






8. Specific format of technical and physical controls that support the chosen framework and the architecture






9. A secure connection to another network.






10. A backup of data located where staff can gain access immediately






11. Code making






12. A design methodology which addresses risk early and often






13. Written internalized or nationalized norms that are internal to an organization






14. Recovery alternative - a building only with sufficient power - and HVAC






15. To load the first piece of software that starts a computer.






16. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing






17. Control category - to discourage an adversary from attempting to access






18. Process whereby data is removed from active files and other data storage structures






19. A physical enclosure for verifying identity before entry to a facility






20. Control category - to give instructions or inform






21. Momentary loss of power






22. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management






23. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability






24. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






25. High level design or model with a goal of consistency - integrity - and balance






26. Is secondhand and usually not admissible in court






27. Program instructions based upon the CPU's specific architecture






28. With enough computing power trying all possible combinations






29. An unintended communication path






30. Independent malware that requires user interaction to execute






31. An attack that breaks up malicious code into fragments - in an attempt to elude detection.






32. To stop damage from spreading






33. Prolonged loss of commercial power






34. Unsolicited advertising software






35. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






36. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






37. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






38. Wrong against society






39. A type of computer memory that temporarily stores frequently used information for quick access.






40. Potential danger to information or systems






41. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






42. Tool which mediates access






43. Need to understand both the assets that need to be protected and management's priorities - Also be prepared to adjust the design over time - and verify the design has been implemented correctly - need to be good negotiator - artist and analyst.






44. Return to a normal state






45. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm






46. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?






47. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.






48. Real-time data backup (Data Mirroring)






49. The partial or full duplication of data from a source database to one or more destination databases.






50. Binary decision by a system of permitting or denying access to the entire system