Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Line by line translation from a high level language to machine code






2. Specific format of technical and physical controls that support the chosen framework and the architecture






3. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data






4. Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.






5. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






6. Someone who wants to cause harm






7. Recovery alternative - everything needed for the business function - except people and last backup






8. Business and technical process of applying security software updates in a regulated periodic way






9. A secure connection to another network.






10. Statistical probabilities of a collision are more likely than one thinks






11. Using many alphabets






12. A set of laws that the organization agrees to be bound by






13. The managerial approval to operate a system based upon knowledge of risk to operate






14. Impossibility of denying authenticity and identity






15. Creation, distribution, update and deletion






16. Final purpose or result






17. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements






18. To collect many small pieces of data






19. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






20. Inappropriate data






21. Most granular organization of controls






22. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due






23. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






24. Something that happened






25. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.






26. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






27. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements






28. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






29. A hash that has been further encrypted with a symmetric algorithm






30. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid






31. A backup type - where the organization has excess capacity in another location.






32. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






33. System of law based upon precedent - with major divisions of criminal - tort - and administrative






34. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






35. A disturbance that degrades performance of electronic devices and electronic communications.






36. Control category - to record an adversary's actions






37. Recovery alternative which outsources a business function at a cost






38. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities






39. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.






40. The event signaling an IDS to produce an alarm when no attack has taken place






41. A copy of transaction data - designed for querying and reporting






42. An unintended communication path






43. Actions measured against either a policy or what a reasonable person would do






44. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services






45. Outputs within a given function are the same result






46. Malware that makes small random changes to many data points






47. A process state - to be either unable to run waiting for an external event or terminated






48. Some systems are actually run at the alternate site






49. A layer 2 device that is used to connect two network segments and regulate traffic.






50. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






