Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. Wrong against society






2. Location where coordination and execution of BCP or DRP is directed






3. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.






4. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.






5. The partial or full duplication of data from a source database to one or more destination databases.






6. Hitting a filed-down key in a lock with a hammer to open it without the real key






7. Evaluation of a system without prior knowledge by the tester






8. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.






9. Controls for termination of attempt to access object






10. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






11. Quantity of risk remaining after a control is applied






12. Regular operations are stopped and processing is moved to the alternate site.






13. Employment education done once per position or at significant change of function






14. A layer 2 device that is used to connect two or more network segments and regulate traffic.






15. To start business continuity processes






16. Individuals and departments responsible for the storage and safeguarding of computerized data.






17. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.






18. Transaction controls for a database - a return to a previous state






19. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems






20. Just enough access to do the job






21. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a hub).






22. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






23. A record that must be preserved and available for retrieval if needed.






24. Use of specialized techniques for recovery - authentication - and analysis of electronic data






25. Substitution at the word or phrase level






26. Security policy - procedures - and compliance enforcement






27. Object based description of a system or a collection of resources






28. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.






29. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due






30. Line by line translation from a high level language to machine code






31. A backup type - for databases at a point in time






32. Hardware or software that is part of a larger system






33. To collect many small pieces of data






34. Controls for logging and alerting






35. A hash that has been further encrypted with a symmetric algorithm






36. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






37. Control category - more than one control on a single asset






38. An attack involving the hijacking of a TCP session by predicting a sequence number.






39. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






40. To reduce fire






41. Specific format of technical and physical controls that support the chosen framework and the architecture






42. Intellectual property protection for the expression of an idea






43. Program that inappropriately collects private data or activity






44. Trading one for another






45. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.






46. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






47. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management






48. The guardian of asset(s) - a maintenance activity






49. A condition in which neither party is willing to stop their activity for the other to complete






50. Actions measured against either a policy or what a reasonable person would do