Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. A documented battle plan for coordinating response to incidents.






2. OOP concept of an object at runtime






3. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal






4. Of a system without prior knowledge by the tester or the tested






5. A programming design concept which abstracts one set of functions from another in a serialized fashion






6. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






7. Collection of data on business functions which determines the strategy of resiliency






8. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






9. OOP concept of a distinct copy of the class






10. Lower frequency noise






11. The principles a person sets for themselves to follow






12. Someone who wants to cause harm






13. Individuals and departments responsible for the storage and safeguarding of computerized data.






14. To break a business process into separate functions and assign to different people






15. Searching for wireless networks in a moving car.






16. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






17. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






18. System mediation of access with the focus on the context of the request






19. Hardware or software that is part of a larger system






20. All of the protection mechanisms in a computer system






21. Controls for logging and alerting






22. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.






23. To create a copy of data as a precaution against the loss or damage of the original data.






24. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






25. A database backup type which records at the transaction level






26. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






27. Initial surge of current






28. Potentially compromising leakage of electrical or acoustical signals.






29. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.






30. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






31. Controls deployed to avert unauthorized and/or undesired actions.






32. Tool which mediates access






33. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.






34. DoS - Spoofing - dictionary - brute force - wardialing






35. Reduces causes of fire






36. For PKI - to store another copy of a key






37. Need to understand both the assets that need to be protected and management's priorities - Also be prepared to adjust the design over time - and verify the design has been implemented correctly - need to be good negotiator - artist and analyst.






38. Property that data is represented in the same manner at all times






39. Is secondhand and usually not admissible in court






40. Memory - RAM






41. A system designed to prevent unauthorized access to or from a private network.






42. To assert or claim credentialing to an authentication system






43. To smooth out reductions or increases in power






44. Written step-by-step actions






45. A failure of an IDS to detect an actual attack






46. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.






47. The process of identifying - assessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk






48. Program instructions based upon the CPU's specific architecture






49. Recovery alternative - everything needed for the business function - except people and last backup






50. Small data files written to a user's hard drive by a web server.






