Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Hiding the fact that communication has occurred






2. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






3. A system that enforces an access control policy between two networks.






4. Natural or human-readable form of message






5. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.






6. A software design technique for abstraction of a process






7. Program that inappropriately collects private data or activity






8. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.






9. Real-time data backup (Data Mirroring)






10. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.






11. Trading one for another






12. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






13. Need to understand both the assets that need to be protected and management's priorities - Also be prepared to adjust the design over time - and verify the design has been implemented correctly - need to be good negotiator - artist and analyst.






14. OOP concept of a distinct copy of the class






15. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)






16. Record of system activity - which provides for monitoring and detection.






17. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.






18. To break a business process into separate functions and assign to different people






19. Control type - that is communication based - typically written or oral






20. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.






21. Potential danger to information or systems






22. Communication of a security incident to stakeholders and data owners.






23. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.






24. Natural occurrence in circuits that are in close proximity






25. A Trojan horse with the express underlying purpose of controlling host from a distance






26. Hitting a filed-down key in a lock with a hammer to open it without the real key






27. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






28. The core of a computer that calculates






29. The core logic engine of an operating system which almost never changes






30. Pertaining to law - accepted by a court






31. Controls for logging and alerting






32. Transaction controls for a database - a return to a previous state






33. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.






34. Standard for the establishment - implementation - control - and improvement of the Information Security Management System






35. Claiming another's identity at a physical level






36. Unchecked data input which results in redirection






37. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






38. Line noise that is superimposed on the supply circuit.






39. Periodic - automatic and transparent backup of data in bulk.






40. Requirement of access to data for a clearly defined purpose






41. Event(s) that cause harm






42. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






43. An individual's conduct that violates government laws developed to protect the public






44. Forgery of the sender's email address in an email header.






45. Vehicle or tool that exploits a weakness






46. A description of a database






47. Object based description of a single resource and the permission each subject






48. Collection of data on business functions which determines the strategy of resiliency






49. Abstract and mathematical in nature - defining all possible states - transitions and operations






50. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






