Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Granular decision by a system of permitting or denying access to a particular resource on the system






2. To jump to a conclusion






3. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






4. An event which stops business from continuing.






5. Highest level of authority at EOC with knowledge of the business process and the resources available






6. OOP concept of a distinct copy of the class






7. Control category - more than one control on a single asset






8. For PKI - to have more than one person in charge of a sensitive function






9. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.






10. A failure of an IDS to detect an actual attack






11. Individuals, normally managers or directors, who have responsibility for the integrity, accurate reporting and use of computerized data.






12. Recovery alternative - complete duplication of services including personnel






13. Recording the Who What When Where How of evidence






14. A form of data hiding which protects running threads of execution from using each other's memory






15. Malware that makes small random changes to many data points






16. Subset of operating systems components dedicated to protection mechanisms






17. To know more than one job






18. One of the key benefits of a network is the ability to share files stored on the server among several users.






19. Framework that defines goals for the controls that should be used to properly manage IT. It consists of 4 domains: Plan and Organize, Acquire and Implement, Deliver and Support, Monitor and Evaluate






20. Two different keys decrypt the same cipher text






21. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






22. False memory reference






23. Written core statements that rarely change






24. Organized group of compromised computers






25. Interception of a communication session by an attacker.






26. Narrow scope examination of a system






27. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






28. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






29. A process state - (blocked) needing input before continuing






30. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components






31. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






32. To move from location to location - keeping the same function






33. A group or network of honeypots






34. The first rating that requires security labels






35. Two certificate authorities that trust each other






36. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid






37. The partial or full duplication of data from a source database to one or more destination databases.






38. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions






39. Requirement to take time off






40. Heavily populated areas, particularly susceptible to high-intensity earthquakes, floods, tsunamis, or other disasters, for which emergency response may be necessary in the event of a disaster.






41. Low level - pertaining to planning






42. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






43. Potential danger to information or systems






44. Are bound to objects and indicate what subjects can use them; typically kept by a network device (router, switch and so on) to control access to or from the device for a number of services






45. Intellectual property protection for an invention






46. Policy or stated actions






47. Searching for wireless networks in a moving car.






48. Define the way in which the organization operates.






49. Reduction of voltage by the utility company for a prolonged period of time






50. A secure connection to another network.