Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)






2. Mediation of covert channels must be addressed






3. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






4. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






5. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc






6. Weak evidence






7. A signal suggesting a system has been or is being attacked.






8. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






9. Subjects will not interact with each other's objects






10. The level and label given to an individual for the purpose of compartmentalization






11. Potentially compromising leakage of electrical or acoustical signals.






12. Maximum tolerance for loss of certain business function - basis of strategy






13. Mediation of subject and object interactions






14. An administrative unit or a group of objects and subjects controlled by one reference monitor






15. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






16. Malware that makes many small changes over time to a single data point or system






17. A technology that reduces the size of a file.






18. Moving the alphabet intact a certain number of spaces






19. A layer 2 device that is used to connect two or more network segments and regulate traffic.






20. Hiding the fact that communication has occurred






21. Abstract and mathematical in nature - defining all possible states - transitions and operations






22. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






23. The core of a computer that calculates






24. Intellectual property protection for a confidential and critical process






25. Measures followed to restore critical functions following a security incident.






26. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






27. The core logic engine of an operating system which almost never changes






28. Memory management technique that allows two processes to run concurrently without interaction






29. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.






30. A unit of execution






31. A subnetwork with storage devices servicing all servers on the attached network.






32. A distributed system's transaction control that requires updates to complete or rollback






33. Natural or human-readable form of message






34. A group or network of honeypots






35. A control before attack






36. The one person responsible for data - its classification and control setting






37. Mitigation of system or component loss or interruption through use of backup capability.






38. A process state - to either be unable to run waiting for an external event or terminated






39. Subject based description of a system or a collection of resources






40. Malware that uses the trust in a website to redirect users to untrusted websites which capture data or install more malware






41. Controls for termination of attempt to access object






42. Recovery alternative - everything needed for the business function - except people and last backup






43. All of the protection mechanisms in a computer system






44. Planning with a goal of returning to the normal business function






45. Consume resources to a point of exhaustion - loss of availability






46. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






47. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.






48. A planned or unplanned interruption in system availability.






49. Individuals and departments responsible for the storage and safeguarding of computerized data.






50. A layer 3 device that is used to connect two or more network segments and regulate traffic.