Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Memory management technique which allows subjects to use the same resource






2. Is secondhand and usually not admissible in court






3. Reduction of voltage by the utility company for a prolonged period of time






4. The duplication of data on separate disks in real time to ensure its continuous availability, currency and accuracy. True mirroring will enable a zero recovery point objective.






5. Are bound to objects and indicate what subjects can use them; typically kept by a network device (router, switch and so on) to control access to or from the device for a number of services






6. Potentially compromising leakage of electrical or acoustical signals.






7. The process of planning for and/or implementing the restarting of defined business operations following a disaster, usually beginning with the most critical or time-sensitive functions






8. OOP concept of taking attributes from the original or parent






9. Creation, distribution, update and deletion






10. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.






11. People protect their domain






12. Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.






13. Inference about encrypted communications






14. Location where coordination and execution of BCP or DRP is directed






15. The principles a person sets for themselves to follow






16. Pertaining to law - high degree of veracity






17. The study of cryptography and cryptanalysis






18. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).






19. A program with an inappropriate second purpose






20. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






21. To move from location to location - keeping the same function






22. A type of attack involving attempted insertion, deletion or altering of data.






23. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






24. Records or documents that, if damaged or destroyed, would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






25. More than one CPU on a single board






26. Recovery alternative: a building only with sufficient power and HVAC






27. A choice in risk management: to convince another to assume risk, typically by payment






28. A trusted issuer of digital certificates






29. False memory reference






30. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.






31. Deals with discretionary protection






32. The asynchronous duplication of the production database on separate media to ensure data availability, currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.






33. Summary of a communication for the purpose of integrity






34. Mediation of covert channels must be addressed






35. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






36. Must be legally permissible, meaning it was seized legally and the chain of custody was not broken. To be admissible in court, it needs to be relevant, sufficient, and reliable.






37. Requirement of access to data for a clearly defined purpose






38. Line by line translation from a high level language to machine code






39. Information which has retained its importance, but which has been created or stored by software/hardware that has been rendered obsolete.






40. Record of system activity, which provides for monitoring and detection.






41. High degree of visual control






42. For PKI - to store another copy of a key






43. An administrative unit or a group of objects and subjects controlled by one reference monitor






44. Security policy - procedures - and compliance enforcement






45. Methodical research of an incident with the purpose of finding the root cause






46. A shield against leakage of electromagnetic signals.






47. Unsolicited advertising software






48. Using small special tools, all tumblers of the lock are aligned, opening the door






49. Try a list of words in passwords or encryption keys






50. What is, will remain - persistence