Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Sudden rise in voltage in the power supply.






2. To execute more than one instruction at an instant in time






3. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






4. Recovery alternative - complete duplication of services including personnel






5. Mediation of subject and object interactions






6. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






7. Property that data is represented in the same manner at all times






8. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






9. Someone who wants to cause harm






10. Trading one for another






11. To reduce fire






12. Potentially retrievable data residue that remains following intended erasure of data.






13. A running key using a random key that is never used again






14. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.






15. Try a list of words in passwords or encryption keys






16. Pertaining to law - lending itself to one side of an argument






17. Two certificate authorities that trust each other






18. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






19. To load the first piece of software that starts a computer.






20. OOP concept of taking attributes from the original or parent






21. OOP concept of a template that consists of attributes and behaviors






22. The core logic engine of an operating system which almost never changes






23. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware






24. A control after attack






25. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner






26. A hash that has been further encrypted with a symmetric algorithm






27. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)






28. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






29. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions






30. Pertaining to law - high degree of veracity






31. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.






32. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






33. Responsibility for actions






34. Intellectual property protection for an invention






35. A copy of transaction data - designed for querying and reporting






36. Object based description of a single resource and the permission each subject






37. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






38. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






39. Line noise that is superimposed on the supply circuit.






40. Claiming another's identity at a physical level






41. Potentially compromising leakage of electrical or acoustical signals.






42. Actions measured against either a policy or what a reasonable person would do






43. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. - and determining what can be salvaged or restored and what must be replaced.






44. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)






45. More than one process in the middle of executing at a time






46. The level and label given to an individual for the purpose of compartmentalization






47. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing






48. OOP concept of a class's details to be hidden from object






49. Consume resources to a point of exhaustion - loss of availability






50. Reduction of voltage by the utility company for a prolonged period of time