Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.

1. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.






2. Intermediate level - pertaining to planning






3. Written core statements that rarely change






4. More than one CPU on a single board






5. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






6. Wrong against society






7. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






8. The guardian of asset(s) - a maintenance activity






9. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






10. Individuals and departments responsible for the storage and safeguarding of computerized data.






11. Code breaking - practice of defeating the protective properties of cryptography.






12. Written step-by-step actions






13. Process of statistically testing a data set for the likelihood of relevant information.






14. For PKI - decertify an entity's certificate






15. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.






16. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.






17. To reduce fire






18. A condition in which neither party is willing to stop their activity for the other to complete






19. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






20. A Trojan horse with the express underlying purpose of controlling a host from a distance






21. Return to a normal state






22. When two or more computers are networked together in a LAN situation - one computer may be utilized as a storage location for files for the group.






23. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






24. To execute more than one instruction at an instant in time






25. Planning with a goal of returning to the normal business function






26. Reduction of voltage by the utility company for a prolonged period of time






27. A state where two subjects can access the same object without proper mediation






28. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






29. Unauthorized wireless network access device.






30. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






31. Weakness or flaw in an asset






32. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm






33. Communication of a security incident to stakeholders and data owners.






34. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc






35. Fault tolerance for power






36. The hard drive






37. Communicate to stakeholders






38. A risk assessment method - intrinsic value






39. OOP concept of taking attributes from the original or parent






40. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. - and determining what can be salvaged or restored and what must be replaced.






41. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.






42. A passive network attack involving monitoring of traffic.






43. Independent malware that requires user interaction to execute






44. A distributed system's transaction control that requires updates to complete or rollback






45. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management






46. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






47. A programming design concept which abstracts one set of functions from another in a serialized fashion






48. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






49. Inference about encrypted communications






50. An electronic attestation of identity by a certificate authority