Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






2. A group or network of honeypots






3. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.






4. A control after attack






5. To jump to a conclusion






6. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






7. A choice in risk management - to implement a control that limits or lessens negative effects






8. A design methodology which executes in a linear one way fashion






9. Act of scrambling the cleartext message by using a key.






10. Recovery alternative which outsources a business function at a cost






11. Intellectual property protection for the expression of an idea






12. A telephone exchange for a specific office or business.






13. Information which has retained its importance - but which has been created or stored by software/hardware that has been rendered obsolete.






14. Recognition of an individual's assertion of identity.






15. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)






16. Identification and notification of an unauthorized and/or undesired action






17. Sudden rise in voltage in the power supply.






18. To create a copy of data as a precaution against the loss or damage of the original data.






19. Location to perform the business function






20. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






21. Joining two pieces of text






22. Act of luring an intruder; it is legal.






23. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal






24. Forgery of the sender's email address in an email header.






25. A temporary public file to inform others of a compromised digital certificate






26. The first rating that requires security labels






27. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.






28. Any event - whether anticipated (e.g. public service strike) or unanticipated (e.g. blackout) - which disrupts the normal course of business operations at an organization location.






29. Malware that makes many small changes over time to a single data point or system






30. To move from location to location - keeping the same function






31. Moving letters around






32. A subnetwork with storage devices servicing all servers on the attached network.






33. Pertaining to law - lending itself to one side of an argument






34. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






35. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements






36. A template for designing the architecture






37. Creation, distribution, update and deletion






38. An image compression standard for photographs






39. One way encryption






40. Organized group of compromised computers






41. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.






42. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. a move to an alternate site).






43. State of computer - to be running a process






44. Two certificate authorities that trust each other






45. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






46. The guardian of asset(s) - a maintenance activity






47. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.






48. Power surge






49. A form of data hiding which protects running threads of execution from using each other's memory






50. Control category - to discourage an adversary from attempting to access