Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






2. A condition in which neither party is willing to stop their activity for the other to complete






3. The connection between a wireless and wired network.






4. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.






5. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






6. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






7. Amount of time for restoring a business process or function to normal operations without major loss






8. A process state - to be either unable to run waiting for an external event or terminated






9. Another subject cannot see an ongoing or pending update until it is complete






10. Also known as regulatory laws - covers standards of performance or conduct expected by government agencies from companies - industries - and certain officials






11. The core logic engine of an operating system which almost never changes






12. What is will remain - persistence






13. A backup of data located where staff can gain access immediately






14. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






15. All of the protection mechanisms in a computer system






16. Unauthorized access of network devices.






17. An alert or alarm that is triggered when no actual attack has taken place






18. Natural occurrence in circuits that are in close proximity






19. Someone who wants to cause harm






20. Intellectual property protection for marketing efforts






21. Deals with discretionary protection






22. A temporary public file to inform others of a compromised digital certificate






23. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.






24. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






25. OOP concept of an object at runtime






26. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






27. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






28. Converts source code to an executable






29. To load the first piece of software that starts a computer.






30. Program that inappropriately collects private data or activity






31. Mathematical function that determines the cryptographic operations






32. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.






33. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy






34. Business and technical process of applying security software updates in a regulated periodic way






35. A copy of transaction data - designed for querying and reporting






36. Of a system without prior knowledge by the tester or the tested






37. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements






38. A layer 2 device that is used to connect two network segments and regulate traffic.






39. Program instructions based upon the CPU's specific architecture






40. Planning with a goal of returning to the normal business function






41. Pertaining to a number system that has just two unique digits.






42. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept






43. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.






44. A covert storage channel on the file attribute






45. Most granular organization of controls






46. Unchecked data which spills into another location in memory






47. A hash that has been further encrypted with a symmetric algorithm






48. Recovery alternative - everything needed for the business function - except people and last backup






49. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






50. Written suggestions that direct choice to a few alternatives