Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Moving letters around






2. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities






3. To collect many small pieces of data






4. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






5. Return to a normal state






6. The core logic engine of an operating system which almost never changes






7. System of law based upon precedent - with major divisions of criminal - tort - and administrative






8. A choice in risk management - to convince another to assume risk - typically by payment






9. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.






10. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing






11. Another subject cannot see an ongoing or pending update until it is complete






12. Controls for logging and alerting






13. Planning for the delegation of authority required when decisions must be made without the normal chain of command






14. The level and label given to an individual for the purpose of compartmentalization






15. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.






16. Interception of a communication session by an attacker.






17. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.






18. Define the way in which the organization operates.






19. System mediation of access with the focus on the context of the request






20. The point in time to which systems and data must be recovered after an outage. (e.g. End of previous day's processing). RPOs are often used as the basis for the development of backup strategies.






21. A trusted issuer of digital certificates






22. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






23. Control category - more than one control on a single asset






24. The chance that something negative will occur






25. Tool which mediates access






26. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.






27. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






28. Intellectual property management technique for identifying after distribution






29. Review of data






30. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






31. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






32. One entity with two competing allegiances






33. More than one process in the middle of executing at a time






34. A basic level of network access control that is based upon information contained in the IP packet header.






35. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






36. The problem-solving state - the opposite of supervisor mode






37. Searching for wireless networks in a moving car.






38. Moving the alphabet intact a certain number of spaces






39. The process of identifying - assessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk






40. To move from location to location - keeping the same function






41. Quantity of risk remaining after a control is applied






42. Sudden rise in voltage in the power supply.






43. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






44. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems






45. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.






46. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






47. Transaction controls for a database - a return to a previous state






48. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






49. Momentary loss of power






50. Induces a crime - tricks a person - and is illegal