Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






2. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






3. Continuous surveillance - to provide for detection and response of any failure in preventive controls.






4. A computer designed for the purpose of studying adversaries






5. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






6. A process state - (blocked) needing input before continuing






7. Lower frequency noise






8. May be responsible for overall recovery of an organization or unit(s).






9. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur






10. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing






11. Unauthorized access of network devices.






12. The one person responsible for data - its classification and control setting






13. Disruption of operation of an electronic device due to a competing electromagnetic field.






14. RADIUS - TACACS+ - Diameter






15. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.






16. The managerial approval to operate a system based upon knowledge of risk to operate






17. A type of computer memory that temporarily stores frequently used information for quick access.






18. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.






19. Objects or programming that look different but act the same






20. For PKI - to store another copy of a key






21. Intellectual property protection for a confidential and critical process






22. A collection of data or information that has a name






23. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






24. A subnetwork with storage devices servicing all servers on the attached network.






25. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.






26. Malware that uses the trust in a website to redirect users to untrusted websites which capture data or install more malware






27. Representatives from each functional area or department get together and walk through the plan from beginning to end.






28. Responsibility of a user for the actions taken by their account which requires unique identification






29. Memory management technique that allows two processes to run concurrently without interaction






30. A disturbance that degrades performance of electronic devices and electronic communications.






31. Responsibility for actions






32. A list of team members and/or key players to be contacted including their backups. The list will include the necessary contact information (i.e. home phone - pager - cell - etc.) and in most cases be considered confidential.






33. A risk assessment method - intrinsic value






34. Potential danger to information or systems






35. A database backup type which records at the transaction level






36. To create a copy of data as a precaution against the loss or damage of the original data.






37. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






38. A telephone exchange for a specific office or business.






39. System mediation of access with the focus on the context of the request






40. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.






41. Low level - pertaining to planning






42. System of law based upon precedence - with major divisions of criminal - tort - and administrative






43. Hardware or software that is part of a larger system






44. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.






45. Asymmetric encryption of a hash of message






46. Converts source code to an executable






47. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due






48. OOP concept of a template that consists of attributes and behaviors






49. Control category - to restore to a previous state by removing the adversary and/or the results of their actions






50. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate