Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. Unchecked data input which results in redirection






2. The problem-solving state - the opposite of supervisor mode






3. Eavesdropping on network communications by a third party.






4. Responsibility of a user for the actions taken by their account which requires unique identification






5. Wrong against society






6. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






7. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. a move to an alternate site).






8. What is will remain - persistence






9. Guidelines within an organization that control the rules and configurations of an IDS






10. Unsolicited advertising software






11. A process state - to either be unable to run waiting for an external event or terminated






12. Employment education done once per position or at significant change of function






13. A shield against leakage of electromagnetic signals.






14. Information about data or records






15. Deals with discretionary protection






16. Unchecked data which spills into another location in memory






17. The process of identifying - assessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk






18. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?






19. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






20. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






21. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.






22. An availability attack - to consume resources to the point of exhaustion






23. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)






24. Also known as regulatory laws - covers standards of performance or conduct expected by government agencies from companies - industries - and certain officials






25. More than one process in the middle of executing at a time






26. A backup of data located where staff can gain access immediately






27. Property that data is represented in the same manner at all times






28. OOP concept of an object's abilities - what it does






29. To reduce sudden rises in current






30. A type of computer memory that temporarily stores frequently used information for quick access.






31. To smooth out reductions or increases in power






32. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






33. Written step-by-step actions






34. Unauthorized wireless network access device.






35. With enough computing power trying all possible combinations






36. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate






37. Requirement of access to data for a clearly defined purpose






38. Uses two or more legal systems






39. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management






40. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability






41. A risk assessment method - measurable real money cost






42. Control type that is communication based - typically written or oral






43. A programming device used in development to circumvent controls






44. Process of statistically testing a data set for the likelihood of relevant information.






45. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.






46. Malware that makes small random changes to many data points






47. An attack that breaks up malicious code into fragments - in an attempt to elude detection.






48. To know more than one job






49. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions






50. Calculation encompassing threats - vulnerabilities and assets






