Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. A protocol for the efficient transmission of voice over the Internet






2. A backup type - where the organization has excess capacity in another location.






3. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements






4. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.






5. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities






6. A physical enclosure for verifying identity before entry to a facility






7. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas






8. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






9. Consume resources to a point of exhaustion - loss of availability






10. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.






11. Tool which mediates access






12. Power surge






13. Inappropriate data






14. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate






15. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






16. Process whereby data is removed from active files and other data storage structures






17. Program that inappropriately collects private data or activity






18. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






19. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance






20. To execute more than one instruction at an instant in time






21. Intellectual property protection for an invention






22. A telephone exchange for a specific office or business.






23. One entity with two competing allegiances






24. A condition in which neither party is willing to stop their activity for the other to complete






25. A group or network of honeypots






26. Using many alphabets






27. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal






28. Planning with a goal of returning to the normal business function






29. Requirement of access to data for a clearly defined purpose






30. Indivisible - data field must contain only one value that either all transactions take place or none do






31. Pertaining to law - high degree of veracity






32. System of law based upon precedence - with major divisions of criminal - tort - and administrative






33. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






34. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.






35. Memory management technique which allows subjects to use the same resource






36. For PKI - to store another copy of a key






37. Descrambling the encrypted message with the corresponding key






38. To jump to a conclusion






39. Memory - RAM






40. Property that data is represented in the same manner at all times






41. The hard drive






42. It is embedded as part of a complete device often including hardware and mechanical parts - Features a limited OS - Mobile phones - routers and wireless devices take a similar approach - Less than robust security features - Difficult to patch.






43. An organization's way of classifying data by factors such as criticality - sensitivity and ownership.






44. Controls for termination of attempt to access object






45. The connection between a wireless and wired network.






46. People who interact with assets






47. A documented battle plan for coordinating response to incidents.






48. Policy or stated actions






49. Mediation of covert channels must be addressed






50. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.