Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Reprogrammable basic startup instructions






2. Hitting a filed-down key in a lock with a hammer to open it without the real key






3. Of a system without prior knowledge by the tester or the tested






4. Memory management technique which allows data to be moved from one memory address to another






5. Representatives from each functional area or department get together and walk through the plan from beginning to end.






6. Insurance coverage for disaster-related expenses that may be incurred until operations are fully recovered after a disaster.






7. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.






8. Real-time - automatic and transparent backup of data.






9. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






10. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






11. Prolonged loss of commercial power






12. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






13. Recovery alternative - complete duplication of services including personnel






14. Intermediate level - pertaining to planning






15. Pertaining to law - high degree of veracity






16. Calculation encompassing threats - vulnerabilities and assets






17. Object based description of a single resource and the permission each subject






18. Maximum tolerance for loss of certain business function - basis of strategy






19. Code breaking - practice of defeating the protective properties of cryptography.






20. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






21. People who interact with assets






22. Use of specialized techniques for recovery - authentication - and analysis of electronic data






23. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.






24. Forging of an IP address.






25. Property that data is represented in the same manner at all times






26. Key






27. Individuals and departments responsible for the storage and safeguarding of computerized data.






28. Pertaining to law - lending itself to one side of an argument






29. System mediation of access with the focus on the context of the request






30. To move from location to location - keeping the same function






31. Sphere of influence






32. Those who initiate the attack






33. A design methodology which executes in a linear, one-way fashion






34. Unauthorized wireless network access device.






35. An individual's conduct that violates government laws developed to protect the public






36. To start business continuity processes






37. Mitigate damage by isolating compromised systems from the network.






38. Something that happened






39. Uncleared buffers or media






40. A signal suggesting a system has been or is being attacked.






41. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






42. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.






43. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






44. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)






45. It is embedded as part of a complete device often including hardware and mechanical parts - Features a limited OS - Mobile phones - routers and wireless devices take a similar approach - Less than robust security features - Difficult to patch.






46. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






47. Information which has retained its importance - but which has been created or stored by software/hardware that has been rendered obsolete.






48. Line noise that is superimposed on the supply circuit.






49. Process whereby data is removed from active files and other data storage structures






50. Wrong against society