Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Process of statistically testing a data set for the likelihood of relevant information.






2. System of law based upon what is good for society






3. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)






4. A design methodology which addresses risk early and often






5. Mathematical function that determines the cryptographic operations






6. A state for operating system tasks only






7. Memory management technique that allows two processes to run concurrently without interaction






8. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.






9. A passive network attack involving monitoring of traffic.






10. A layer 3 device that is used to connect two or more network segments and regulate traffic.






11. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






12. Effort/time needed to overcome a protective measure






13. System of law based upon precedence - with major divisions of criminal - tort - and administrative






14. RADIUS - TACACS+ - Diameter






15. Continuous surveillance - to provide for detection and response of any failure in preventive controls.






16. A set of laws that the organization agrees to be bound by






17. Recovery alternative - everything needed for the business function - except people and last backup






18. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner






19. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






20. Two different keys decrypt the same cipher text






21. Statistical probabilities of a collision are more likely than one thinks






22. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






23. Using many alphabets






24. Used to code/decode a digital data stream.






25. A signal suggesting a system has been or is being attacked.






26. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.






27. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.






28. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements






29. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).






30. Disruption of operation of an electronic device due to a competing electromagnetic field.






31. Intellectual property protection for the expression of an idea






32. Alternate facility - other than the primary production site - where duplicated vital records and documentation may be stored for use during disaster recovery.






33. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






34. Indivisible - data field must contain only one value that either all transactions take place or none do






35. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






36. All of the protection mechanisms in a computer system






37. A layer 2 device that is used to connect two network segments and regulate traffic.






38. For PKI - to store another copy of a key






39. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






40. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things






41. Converts a high level language into machine language






42. Descrambling the encrypted message with the corresponding key






43. Claiming another's identity at a physical level






44. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






45. A Denial of Service attack initiated by sending spoofed UDP echo requests to IP broadcast addresses. (See Smurf)






46. A process state - to either be unable to run waiting for an external event or terminated






47. Written step-by-step actions






48. Long term knowledge building






49. Location where coordination and execution of BCP or DRP is directed






50. Written internalized or nationalized norms that are internal to an organization






