Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Malware that subverts the detective controls of an operating system






2. Induces a crime - tricks a person - and is illegal






3. A control after attack






4. Natural occurrence in circuits that are in close proximity






5. OOP concept of a template that consists of attributes and behaviors






6. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






7. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all - or most - of the applicable teams.






8. An event which stops business from continuing.






9. Evaluation of a system without prior knowledge by the tester






10. Record history of incident






11. The level and label given to an individual for the purpose of compartmentalization






12. High level design or model with a goal of consistency - integrity - and balance






13. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.






14. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.






15. A covert storage channel on the file attribute






16. Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.






17. Information that - if made public or even shared around the organization - could seriously impede the organization's operations






18. Measures followed to restore critical functions following a security incident.






19. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk






20. Long term knowledge building






21. Memory management technique which allows data to be moved from one memory address to another






22. Communicate to stakeholders






23. Specific format of technical and physical controls that support the chosen framework and the architecture






24. Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.






25. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities






26. Reprogrammable basic startup instructions






27. One entity with two competing allegiances






28. Communication of a security incident to stakeholders and data owners.






29. An asymmetric cryptography mechanism that provides authentication.






30. Converts source code to an executable






31. Consume resources to a point of exhaustion - loss of availability






32. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g., a move to an alternate site).






33. A telephone exchange for a specific office or business.






34. Information about data or records






35. Memory management technique that allows two processes to run concurrently without interaction






36. Creation, distribution, update, and deletion






37. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






38. Mitigation of system or component loss or interruption through use of backup capability.






39. Recovery alternative - a building only with sufficient power - and HVAC






40. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.






41. A legally enforceable agreement between: two people - two organizations - a person and an organization.






42. A signal suggesting a system has been or is being attacked.






43. Someone who wants to know how something works - typically by taking it apart






44. Pertaining to a number system that has just two unique digits.






45. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data






46. A distributed system's transaction control that requires updates to complete or rollback






47. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.






48. To stop damage from spreading






49. Just enough access to do the job






50. Binary decision by a system of permitting or denying access to the entire system






