Test your basic knowledge |

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Renders the file inaccessible to the operating system - available to reuse for data storage.






2. A planned or unplanned interruption in system availability.






3. A physical enclosure for verifying identity before entry to a facility






4. Mitigate damage by isolating compromised systems from the network.






5. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things






6. System directed mediation of access with labels






7. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.






8. Weakness or flaw in an asset






9. Uses two or more legal systems






10. Computing power will double every 18 months


11. Memory management technique which allows data to be moved from one memory address to another






12. Dedicated fast memory located on the same board as the CPU






13. Recovery alternative which includes cold site and some equipment and infrastructure is available






14. To load the first piece of software that starts a computer.






15. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






16. Unsolicited commercial email






17. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy






18. With enough computing power trying all possible combinations






19. Recording activities at the keyboard level






20. Program that inappropriately collects private data or activity






21. Share security concerns with embedded devices - Often security has been scarified for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.






22. A one way - directed graph which indicates confidentiality or integrity flow






23. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






24. Tool which mediates access






25. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






26. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all - or most - of the applicable teams.






27. A electronic attestation of identity by a certificate authority






28. Define the way in which the organization operates.






29. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.






30. Used to code/decode a digital data stream.






31. Vehicle stopping object






32. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensuretime objectives can be met.






33. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






34. Intellectual property protection for the expression of an idea






35. Written step-by-step actions






36. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






37. Pertaining to law - lending it self to one side of an argument






38. Control category- to restore to a previous state by removing the adversary and or the results of their actions






39. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.






40. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






41. Another subject cannot see an ongoing or pending update until it is complete






42. Object based description of a system or a collection of resources






43. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






44. Induces a crime - tricks a person - and is illegal






45. One of the key benefits of a network is the ability to share files stored on the server among several users.






46. One entity with two competing allegiances






47. Of a system without prior knowledge by the tester or the tested






48. Potentially retrievable data residue that remains following intended erasure of data.






49. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.e workaround procedures - alternate work area - etc.)






50. A collection of data or information that has a name