Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding as you take the test each time.
1. A process state - to be executing a process on the CPU






2. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






3. Recovery alternative - short-term - high cost movable processing location






4. A passive network attack involving monitoring of traffic.






5. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






6. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






7. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






8. Intellectual property management technique for identifying after distribution






9. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






10. Guidelines within an organization that control the rules and configurations of an IDS






11. A shield against leakage of electromagnetic signals.






12. OOP concept of a class's details to be hidden from object






13. Control category - to discourage an adversary from attempting to access






14. A peripheral data storage device that may be found inside a desktop or laptop as a permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






15. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services






16. Asymmetric encryption of a hash of message






17. Sphere of influence






18. A process state - to be either unable to run waiting for an external event or terminated






19. DoS - Spoofing - dictionary - brute force - wardialing






20. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






21. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






22. Another subject cannot see an ongoing or pending update until it is complete






23. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






24. Policy or stated actions






25. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






26. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






27. A race condition where the security changes during the object's access






28. A document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster or severe outage situation.






29. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.






30. Control category - to give instructions or inform






31. Reduces causes of fire






32. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






33. OOP concept of an object's abilities - what it does






34. A test conducted on one or more components of a plan under actual operating conditions.






35. An electronic attestation of identity by a certificate authority






36. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.






37. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions.






38. To reduce fire






39. One entity with two competing allegiances






40. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.






41. Unauthorized access of network devices.






42. Memory - RAM






43. Use of specialized techniques for recovery - authentication - and analysis of electronic data






44. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






45. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.






46. Substitution at the word or phrase level






47. System directed mediation of access with labels






48. Granular decision by a system of permitting or denying access to a particular resource on the system






49. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.






50. A database backup type which records at the transaction level