Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Requirement of access to data for a clearly defined purpose






2. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






3. Unsolicited advertising software






4. People protect their domain






5. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






6. For PKI - to store another copy of a key






7. Firewalls - encryption - and access control lists






8. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






9. Someone who wants to cause harm






10. Potential danger to information or systems






11. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






12. A Denial of Service attack initiated by sending spoofed UDP echo requests to IP broadcast addresses. (See Smurf)






13. Alternate facility - other than the primary production site - where duplicated vital records and documentation may be stored for use during disaster recovery.






14. OOP concept of a class's details to be hidden from object






15. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






16. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






17. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.






18. A shield against leakage of electromagnetic signals.






19. Using small special tools all tumblers of the lock are aligned - opening the door






20. Asymmetric encryption of a hash of message






21. Object reuse protection and auditing






22. Malware that subverts the detective controls of an operating system






23. Searching for wireless networks in a moving car.






24. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






25. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.






26. Controls deployed to avert unauthorized and/or undesired actions.






27. A group or network of honeypots






28. Program that inappropriately collects private data or activity






29. One entity with two competing allegiances






30. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






31. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






32. Total number of keys available that may be selected by the user of a cryptosystem






33. Recovery alternative which outsources a business function at a cost






34. Initial surge of current






35. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.






36. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)






37. Mitigation of system or component loss or interruption through use of backup capability.






38. A protocol for the efficient transmission of voice over the Internet






39. Eight bits.






40. A choice in risk management - to convince another to assume risk - typically by payment






41. A passive network attack involving monitoring of traffic.






42. Organized group of compromised computers






43. Converts a high level language into machine language






44. Interception of a communication session by an attacker.






45. Regular operations are stopped and where processing is moved to the alternate site.






46. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






47. Memory management technique that allows two processes to run concurrently without interaction






48. System of law based upon precedence - with major divisions of criminal - tort - and administrative






49. Induces a crime - tricks a person - and is illegal






50. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.






