Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A world-wide wireless technology






2. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.






3. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.






4. System mediation of access with the focus on the context of the request






5. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






6. A computer designed for the purpose of studying adversaries






7. A group or network of honeypots






8. A system that enforces an access control policy between two networks.






9. People protect their domain






10. Pertaining to a number system that has just two unique digits.






11. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






12. Recovery alternative - complete duplication of services including personnel






13. Process of statistically testing a data set for the likelihood of relevant information.






14. To break a business process into separate functions and assign to different people






15. Power surge






16. Standard for the establishment - implementation - control - and improvement of the Information Security Management System






17. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






18. A backup of data located where staff cannot gain access readily and a regional disaster will not cause harm






19. Deals with discretionary protection






20. A process state - to be either unable to run waiting for an external event or terminated






21. Control category - to give instructions or inform






22. Unsolicited commercial email






23. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






24. Object based description of a single resource and the permission each subject






25. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






26. A shield against leakage of electromagnetic signals.






27. Used to code/decode a digital data stream.






28. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements






29. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






30. Pertaining to law - no omissions






31. The level and label given to an individual for the purpose of compartmentalization






32. A documented battle plan for coordinating response to incidents.






33. Hardware or software that is part of a larger system






34. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






35. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.






36. May be responsible for overall recovery of an organization or unit(s).






37. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






38. Evaluation of a system without prior knowledge by the tester






39. Guidelines within an organization that control the rules and configurations of an IDS






40. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






41. Inference about encrypted communications






42. A state for operating system tasks only






43. A type of multitasking that allows for more even distribution of computing time among competing requests






44. Location where coordination and execution of BCP or DRP is directed






45. To move from location to location - keeping the same function






46. Control category - more than one control on a single asset






47. A distributed system's transaction control that requires updates to complete or rollback






48. For PKI - decertify an entity's certificate






49. A design methodology which executes in a linear one-way fashion






50. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.