Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. A form of data hiding which protects running threads of execution from using each other's memory






2. Representatives from each functional area or department get together and walk through the plan from beginning to end.






3. Potentially retrievable data residue that remains following intended erasure of data.






4. A peripheral data storage device that may be found inside a desktop or laptop as a permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






5. Location to perform the business function






6. More than one CPU on a single board






7. Momentary loss of power






8. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all - or most - of the applicable teams.






9. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization






10. Dedicated fast memory located on the same board as the CPU






11. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.






12. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal






13. One way encryption






14. Information about a particular data set






15. A Denial of Service attack initiated by sending spoofed UDP echo request to IP broadcast addresses. (See Smurf)






16. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






17. Information that - if made public or even shared around the organization - could seriously impede the organization's operations






18. Weakness or flaw in an asset






19. The managerial approval to operate a system based upon knowledge of risk to operate






20. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






21. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






22. A trusted issuer of digital certificates






23. Recognition of an individual's assertion of identity.






24. The collection and summation of risk data relating to a particular asset and controls for that asset






25. Written core statements that rarely change






26. Of a system without prior knowledge by the tester or the tested






27. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






28. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.






29. A program that waits for a condition or time to occur that executes an inappropriate activity






30. Responsibility of a user for the actions taken by their account which requires unique identification






31. Trading one for another






32. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






33. OOP concept of an object's abilities - what it does






34. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






35. The hard drive






36. The problem-solving state - the opposite of supervisor mode






37. A programming design concept which abstracts one set of functions from another in a serialized fashion






38. A condition in which neither party is willing to stop their activity for the other to complete






39. Mediation of covert channels must be addressed






40. Eavesdropping on network communications by a third party.






41. A Denial of Service attack that floods the target system with connection requests that are not finalized.






42. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






43. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






44. Memory management technique which allows data to be moved from one memory address to another






45. Scrambled form of the message or data






46. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






47. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur






48. The guardian of asset(s) - a maintenance activity






49. Periodic - automatic and transparent backup of data in bulk.






50. One of the key benefits of a network is the ability to share files stored on the server among several users.