Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?






2. Memory management technique which allows data to be moved from one memory address to another






3. A race condition where the security changes during the object's access






4. Autonomous malware that requires a flaw in a service






5. An electronic attestation of identity by a certificate authority






6. Independent malware that requires user interaction to execute






7. Implementation of measures to deter specific threats to the continuity of business operations - and/or respond to any occurrence of such threats in a timely and appropriate manner.






8. A collection of information designed to reduce duplication and increase integrity






9. An individual's conduct that violates government laws developed to protect the public






10. People protect their domain






11. A subnetwork with storage devices servicing all servers on the attached network.






12. Policy or stated actions






13. Of a system without prior knowledge by the tester or the tested






14. Someone who wants to know how something works - typically by taking it apart






15. A group or network of honeypots






16. Moving the alphabet intact a certain number of spaces






17. Requirement to take time off






18. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






19. Encryption system using shared key/private key/single key/secret key






20. A control before attack






21. Information about a particular data set






22. To stop damage from spreading






23. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






24. Key






25. Subject based description of a system or a collection of resources






26. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






27. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






28. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.






29. Initial surge of current






30. Weak evidence






31. Someone who wants to cause harm






32. For PKI - to store another copy of a key






33. Pertaining to law - verified as real






34. Mediation of covert channels must be addressed






35. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)






36. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.






37. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






38. When two or more computers are networked together in a LAN situation - one computer may be utilized as a storage location for files for the group.






39. Pertaining to law - no omissions






40. Malware that makes many small changes over time to a single data point or system






41. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions






42. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems






43. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a hub).






44. A unit of execution






45. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.






46. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






47. A world-wide wireless technology






48. Uncleared buffers or media






49. A backup of data located where staff cannot gain access readily and a regional disaster will not cause harm






50. Controls for termination of attempt to access object