Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






2. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






3. Define the way in which the organization operates.






4. Alerts personnel to the presence of a fire






5. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.






6. A condition in which neither party is willing to stop their activity for the other to complete






7. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






8. Responsibility for actions






9. Pertaining to law - no omissions






10. Some systems are actually run at the alternate site






11. Location where coordination and execution of BCP or DRP is directed






12. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.






13. Statistical probabilities of a collision are more likely than one thinks






14. A covert storage channel on the file attribute






15. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






16. Continuous surveillance - to provide for detection and response of any failure in preventive controls.






17. European standard for IT security criteria. Wasn't universally adopted. Consists of four components: 1. "Security Target" 2. "Target of Evaluation" or ToE. 3. Functional Levels. 4. Assurance Levels.






18. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






19. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






20. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






21. The response of an organization to a disaster or other significant event that may significantly impact the organization - its people - or its ability to function productively.






22. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.






23. Pertaining to a number system that has just two unique digits.






24. For PKI - to have more than one person in charge of a sensitive function






25. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.






26. Forging of an IP address.






27. Tool which mediates access






28. A process state - (blocked) needing input before continuing






29. A temporary public file to inform others of a compromised digital certificate






30. Controls for termination of attempt to access object






31. Intellectual property protection for the expression of an idea






32. To start business continuity processes






33. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






34. Data or interference that can trigger a false positive






35. Low level - pertaining to planning






36. Those who initiate the attack






37. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






38. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






39. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






40. Subject based description of a system or a collection of resources






41. System of law based upon what is good for society






42. A design methodology which addresses risk early and often






43. Vehicle stopping object






44. A distributed system's transaction control that requires updates to complete or rollback






45. Used to code/decode a digital data stream.






46. Control category - to restore to a previous state by removing the adversary and/or the results of their actions






47. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






48. A subnetwork with storage devices servicing all servers on the attached network.






49. A race condition where the security changes during the object's access






50. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.






