Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Mediation of covert channels must be addressed






2. A failure of an IDS to detect an actual attack






3. Renders the record inaccessible to the database management system






4. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






5. Potentially retrievable data residue that remains following intended erasure of data.






6. Intellectual property protection for marketing efforts






7. Reprogrammable basic startup instructions






8. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






9. A condition in which neither party is willing to stop their activity for the other to complete






10. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas






11. A basic level of network access control that is based upon information contained in the IP packet header.






12. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






13. Pertaining to law - verified as real






14. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a hub).






15. The chance that something negative will occur






16. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.






17. Forgery of the sender's email address in an email header.






18. One entity with two competing allegiances






19. A device that provides the functions of both a bridge and a router.






20. Alerts personnel to the presence of a fire






21. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






22. Fault tolerance for power






23. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities






24. Intellectual property management technique for identifying after distribution






25. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.






26. To move from location to location - keeping the same function






27. Dedicated fast memory located on the same board as the CPU






28. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.






29. A running key using a random key that is never used again






30. Recording activities at the keyboard level






31. Representatives from each functional area or department get together and walk through the plan from beginning to end.






32. A type of computer memory that temporarily stores frequently used information for quick access.






33. Interception of a communication session by an attacker.






34. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






35. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.






36. The property that data meet with an a priori expectation of quality and that the data can be relied upon.






37. An availability attack - to consume resources to the point of exhaustion






38. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.






39. Eavesdropping on network communications by a third party.






40. Line noise that is superimposed on the supply circuit.






41. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






42. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing






43. Claiming another's identity at a physical level






44. Of a system without prior knowledge by the tester or the tested






45. Planning with a goal of returning to the normal business function






46. Measures followed to restore critical functions following a security incident.






47. Joining two pieces of text






48. Object reuse protection and auditing






49. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






50. Recovery alternative - complete duplication of services including personnel