Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Written core statements that rarely change






2. Asymmetric encryption of a hash of a message






3. Short period of low voltage.






4. Policy or stated actions






5. Pertaining to law - accepted by a court






6. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






7. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.






8. Information about data or records






9. Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.






10. A backup type - where the organization has excess capacity in another location.






11. Forging of an IP address.






12. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities






13. A technology that reduces the size of a file.






14. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.






15. Amount of time for restoring a business process or function to normal operations without major loss






16. Business and technical process of applying security software updates in a regulated periodic way






17. A covert storage channel on the file attribute






18. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements






19. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware






20. Impossibility of denying authenticity and identity






21. Moving letters around






22. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






23. Alerts personnel to the presence of a fire






24. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?






25. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






26. Real-time data backup (Data Mirroring)






27. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.






28. Guidelines within an organization that control the rules and configurations of an IDS






29. Try a list of words in passwords or encryption keys






30. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc., and determining what can be salvaged or restored and what must be replaced.






31. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.






32. State of computer - to be running a process






33. Vehicle or tool that exploits a weakness






34. A secure connection to another network.






35. Responsibility of a user for the actions taken by their account which requires unique identification






36. The technical and risk assessment of a system within the context of the operating environment






37. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






38. Process whereby data is removed from active files and other data storage structures






39. A collection of data or information that has a name






40. A document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster or severe outage situation.






41. Mathematical function that determines the cryptographic operations






42. To create a copy of data as a precaution against the loss or damage of the original data.






43. More than one process in the middle of executing at a time






44. Unauthorized wireless network access device.






45. Requirement to take time off






46. People protect their domain






47. A condition in which neither party is willing to stop their activity for the other to complete






48. A layer 3 device that is used to connect two or more network segments and regulate traffic.






49. Pertaining to law - no omissions






50. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.