Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding as you take the test each time.
1. Searching for wireless networks in a moving car.






2. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.






3. Natural occurrence in circuits that are in close proximity






4. Unsolicited commercial email






5. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate






6. A template for designing the architecture






7. Uses two or more legal systems






8. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.






9. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






10. Return to a normal state






11. Uncleared buffers or media






12. The process of identifying - assessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk






13. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.






14. Pertaining to law - high degree of veracity






15. Real-time data backup (Data Mirroring)






16. Hardware or software that is part of a larger system






17. OOP concept of an object at runtime






18. Maximum tolerance for loss of certain business function - basis of strategy






19. Implementation of measures to deter specific threats to the continuity of business operations - and/or respond to any occurrence of such threats in a timely and appropriate manner.






20. Potentially compromising leakage of electrical or acoustical signals.






21. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.






22. A unit of execution






23. Pertaining to law - accepted by a court






24. DoS - Spoofing - dictionary - brute force - wardialing






25. A design methodology which addresses risk early and often






26. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.






27. Controls for termination of attempt to access object






28. Subset of operating systems components dedicated to protection mechanisms






29. Forging of an IP address.






30. Abstract and mathematical in nature - defining all possible states - transitions and operations






31. Control category - more than one control on a single asset






32. To load the first piece of software that starts a computer.






33. Narrow scope examination of a system






34. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.






35. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.






36. European standard for IT security criteria. Wasn't universally adopted. - Consists of four components: 1. "Security Target" 2. "Target of Evaluation" or ToE. 3. Functional Levels. 4. Assurance Levels.






37. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






38. Evidence must be: admissible - authentic - complete - accurate - and convincing






39. An encryption method that has a key as long as the message






40. A world-wide wireless technology






41. A backup type which creates a complete copy






42. Program that inappropriately collects private data or activity






43. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






44. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






45. Initial surge of current






46. Lower frequency noise






47. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






48. A control before attack






49. Malware that makes small random changes to many data points






50. Some systems are actually run at the alternate site






