Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Control category - to discourage an adversary from attempting to access






2. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






3. Communicate to stakeholders






4. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.






5. To assert or claim credentialing to an authentication system






6. Malware that subverts the detective controls of an operating system






7. Adversary intercepts encrypted communications - decrypts - views - encrypts - and sends along to the true destination






8. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






9. To evaluate the current situation and make basic decisions as to what to do






10. Controls for logging and alerting






11. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






12. A list of team members and/or key players to be contacted including their backups. The list will include the necessary contact information (i.e. home phone - pager - cell - etc.) and in most cases be considered confidential.






13. A protocol for the efficient transmission of voice over the Internet






14. Low level - pertaining to planning






15. Two different keys decrypt the same cipher text






16. Mitigate damage by isolating compromised systems from the network.






17. A type of computer memory that temporarily stores frequently used information for quick access.






18. The guardian of asset(s) - a maintenance activity






19. Wrong against society






20. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






21. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






22. Organized group of compromised computers






23. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.






24. Tool which mediates access






25. Controls for termination of attempt to access object






26. Intellectual property protection for the expression of an idea






27. Summary of a communication for the purpose of integrity






28. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate






29. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?






30. All of the protection mechanisms in a computer system






31. Dedicated fast memory located on the same board as the CPU






32. Substitution at the word or phrase level






33. A device that provides the functions of both a bridge and a router.






34. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






35. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions






36. Recovery alternative - everything needed for the business function - except people and last backup






37. High level design or model with a goal of consistency - integrity - and balance






38. System directed mediation of access with labels






39. Specific format of technical and physical controls that support the chosen framework and the architecture






40. A collection of data or information that has a name






41. Long term knowledge building






42. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






43. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






44. Evidence must be: admissible - authentic - complete - accurate - and convincing






45. Weakness or flaw in an asset






46. To segregate for the purposes of labeling






47. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)






48. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.






49. Power surge






50. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






