Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. One entity with two competing allegiances






2. The connection between a wireless and wired network.






3. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)






4. May be responsible for overall recovery of an organization or unit(s).






5. Data or interference that can trigger a false positive






6. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?






7. OOP concept in which a class's details are hidden from the object






8. Information which has retained its importance, but which has been created or stored by software/hardware that has been rendered obsolete.






9. Collection of data on business functions which determines the strategy of resiliency






10. An individual's conduct that violates government laws developed to protect the public






11. Hitting a filed-down key in a lock with a hammer to open it without the real key






12. A computer designed for the purpose of studying adversaries






13. Define the way in which the organization operates.






14. A program that waits for a condition or time to occur that executes an inappropriate activity






15. A type of multitasking that allows for more even distribution of computing time among competing requests






16. Creation, distribution, update, and deletion






17. Two different keys decrypt the same cipher text






18. Reprogrammable basic startup instructions






19. An electronic attestation of identity by a certificate authority






20. For PKI, decertify an entity's certificate






21. A running key using a random key that is never used again






22. A design methodology which executes in a linear one way fashion






23. Reconnaissance technique, involving automated, brute force identification of potentially vulnerable modems.






24. Information that, if made public or even shared around the organization, could seriously impede the organization's operations






25. Intellectual property protection for a confidential and critical process






26. Subset of operating system components dedicated to protection mechanisms






27. The past internationally accepted set of standards and processes for information security products evaluation and assurance, which separates function and assurance requirements






28. To start business continuity processes






29. A cable consisting of a core, inner conductor that is surrounded by an insulator, an outer cylindrical conductor






30. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).






31. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.






32. Just enough access to do the job






33. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






34. Unauthorized access of information (e.g. Tapping, sniffing, unsecured wireless communication, emanations)






35. Final purpose or result






36. A test conducted on multiple components of a plan, in conjunction with each other, typically under simulated operating conditions






37. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a hub).






38. Records or documents that, if damaged or destroyed, would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






39. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






40. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.






41. An unintended communication path






42. To stop damage from spreading






43. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware






44. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.






45. High-frequency, highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






46. Control category: to give instructions or inform






47. A race condition where the security changes during the object's access






48. Converts a high-level language into machine language






49. Momentary loss of power






50. A basic level of network access control that is based upon information contained in the IP packet header.