Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. Objects or programming that look different but act the same






2. A collection of information designed to reduce duplication and increase integrity






3. An organization's way of classifying data by factors such as criticality, sensitivity and ownership.






4. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






5. Amount of time for restoring a business process or function to normal operations without major loss






6. A trusted issuer of digital certificates






7. Business and technical process of applying security software updates in a regulated periodic way






8. Recovery alternative - everything needed for the business function - except people and last backup






9. Independent malware that requires user interaction to execute






10. Key






11. Define the way in which the organization operates.






12. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






13. Policy or stated actions






14. Vehicle stopping object






15. A program with an inappropriate second purpose






16. Inappropriate data






17. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






18. More than one process in the middle of executing at a time






19. An exact bit-by-bit copy of the entire physical hard drive or floppy disk, including slack and unallocated space. Only forensic copy quality will hold up in court.






20. The managerial approval to operate a system based upon knowledge of risk to operate






21. An access policy that uses a security label system. Users have clearances, and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm






22. Subset of operating system components dedicated to protection mechanisms






23. Recovery alternative - complete duplication of services including personnel






24. OOP concept of an object's abilities - what it does






25. Object based description of a single resource and the permission each subject






26. A protocol for the efficient transmission of voice over the Internet






27. Effort/time needed to overcome a protective measure






28. A choice in risk management - to convince another to assume risk - typically by payment






29. Slang for making (burning) a CD-ROM copy of data, whether it is music, software, or other data.






30. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






31. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






32. One entity with two competing allegiances






33. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.






34. Planning for the delegation of authority required when decisions must be made without the normal chain of command






35. The level and label given to an individual for the purpose of compartmentalization






36. Return to a normal state






37. To start business continuity processes






38. A covert storage channel on the file attribute






39. For PKI - decertify an entity's certificate






40. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have. Most commonly used in the PC environment (i.e. file permissions).






41. Summary of a communication for the purpose of integrity






42. Interception of a communication session by an attacker.






43. Substitution at the word or phrase level






44. The core of a computer that calculates






45. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






46. A layer 2 device that is used to connect two network segments and regulate traffic.






47. Granular decision by a system of permitting or denying access to a particular resource on the system






48. A software design technique for abstraction of a process






49. Real-time data backup (Data Mirroring)






50. Demonstrates the actual ability to recover and can verify the compatibility of backup facilities