Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A protocol for the efficient transmission of voice over the Internet






2. Program instructions based upon the CPU's specific architecture






3. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






4. Regular operations are stopped and processing is moved to the alternate site.






5. Organized group of compromised computers






6. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






7. False memory reference






8. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys






9. Of a system without prior knowledge by the tester or the tested






10. Outputs within a given function are the same result






11. Alerts personnel to the presence of a fire






12. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






13. A control after attack






14. Narrow scope examination of a system






15. Process whereby data is removed from active files and other data storage structures






16. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






17. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






18. Renders the file inaccessible to the operating system - available to reuse for data storage.






19. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






20. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate






21. Summary of a communication for the purpose of integrity






22. Most granular organization of controls






23. Pertaining to law - accepted by a court






24. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






25. A process state - to be either unable to run waiting for an external event or terminated






26. Initial surge of current






27. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






28. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization






29. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






30. OOP concept of taking attributes from the original or parent






31. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.






32. To smooth out reductions or increases in power






33. An availability attack - to consume resources to the point of exhaustion from multiple vectors






34. Potentially retrievable data residue that remains following intended erasure of data.






35. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)






36. Recovery alternative - a building only with sufficient power - and HVAC






37. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions






38. Reduces causes of fire






39. Moving letters around






40. A structured group of teams ready to take control of the recovery operations if a disaster should occur.






41. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc






42. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






43. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






44. Natural occurrence in circuits that are in close proximity






45. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






46. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






47. An electronic attestation of identity by a certificate authority






48. Unused storage capacity






49. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk






50. Information about a particular data set