Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Interception of a communication session by an attacker.






2. A control before attack






3. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.






4. A comprehensive set of controls comprising best practices in information security that provides guidelines on how to set up and maintain security programs.






5. Third-party processes used to organize the implementation of an architecture






6. The principles a person sets for themselves to follow






7. Physical description on the exterior of an object that communicates the existence of a label






8. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?






9. The first rating that requires security labels






10. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






11. Information that - if made public or even shared around the organization - could seriously impede the organization's operations






12. Forging of an IP address.






13. A shield against leakage of electromagnetic signals.






14. A database that contains the name - type - range of values - source and authorization for access for each data element






15. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






16. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.






17. An unintended communication path






18. People who interact with assets






19. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






20. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things






21. Vehicle stopping object






22. False memory reference






23. A hash that has been further encrypted with a symmetric algorithm






24. An availability attack - to consume resources to the point of exhaustion from multiple vectors






25. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






26. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.






27. Something that happened






28. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.






29. Small data files written to a user's hard drive by a web server.






30. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






31. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems






32. A covert storage channel on the file attribute






33. Written suggestions that direct choice to a few alternatives






34. Control category - to record an adversary's actions






35. Unchecked data input that results in redirection






36. Information about a particular data set






37. A documented battle plan for coordinating response to incidents.






38. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.






39. A running key using a random key that is never used again






40. System of law based upon precedent - with major divisions of criminal - tort - and administrative






41. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






42. Power surge






43. Objects or programming that look different but act the same






44. A set of laws that the organization agrees to be bound by






45. A programming device used in development to circumvent controls






46. A technology that reduces the size of a file.






47. Prolonged loss of commercial power






48. Object based description of a single resource and the permission each subject






49. OOP concept of a distinct copy of the class






50. Malware that makes many small changes over time to a single data point or system





