Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






2. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack






3. Implementation of measures to deter specific threats to the continuity of business operations - and/or respond to any occurrence of such threats in a timely and appropriate manner.






4. An unintended communication path






5. Interception of a communication session by an attacker.






6. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys






7. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?






8. Physical description on the exterior of an object that communicates the existence of a label






9. For PKI - to have more than one person in charge of a sensitive function






10. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.






11. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management






12. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate






13. Potentially compromising leakage of electrical or acoustical signals.






14. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






15. Granular decision by a system of permitting or denying access to a particular resource on the system






16. Unchecked data which spills into another location in memory






17. Property that data is represented in the same manner at all times






18. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements






19. A record that must be preserved and available for retrieval if needed.






20. Effort/time needed to overcome a protective measure






21. A description of a database






22. An encryption method that has a key as long as the message






23. Organization way of classifying data by factors such as criticality - sensitivity and ownership.






24. Pertaining to law - accepted by a court






25. Substitution at the word or phrase level






26. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements






27. Initial surge of current






28. The point in time to which systems and data must be recovered after an outage. (e.g. End of previous day's processing). Rpos are often used as the basis for the development of backup strategies.






29. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






30. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept






31. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






32. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






33. Two different keys decrypt the same cipher text






34. Organized group of compromised computers






35. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.






36. To jump to a conclusion






37. Requirement of access to data for a clearly defined purpose






38. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






39. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.






40. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






41. To execute more than one instruction at an instant in time






42. Someone who want to know how something works - typically by taking it apart






43. The problems solving state - the opposite of supervisor mode






44. Event(s) that cause harm






45. Those who initiate the attack






46. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.






47. Potentially retrievable data residue that remains following intended erasure of data.






48. Companies should have their own team - made up of ppl from management - IT leagal - HR - and public relations - security and other key areas






49. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






50. Pertaining to law - high degree of veracity






