Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






2. Small data files written to a user's hard drive by a web server.






3. Malware that makes many small changes over time to a single data point or system






4. A planned or unplanned interruption in system availability.






5. A collection of information designed to reduce duplication and increase integrity






6. Granular decision by a system of permitting or denying access to a particular resource on the system






7. Less granular organization of controls -






8. Process of identifying the risks to an organization, assessing the critical functions, defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






9. A mobilized resource purchased or contracted for the purpose of business recovery.






10. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






11. Maintaining full control over requests, implementation, traceability, and proper documentation of changes.






12. Most granular organization of controls






13. Recording activities at the keyboard level






14. A layer 2 device that is used to connect two network segments and regulate traffic.






15. Control category: to restore to a previous state by removing the adversary and/or the results of their actions






16. Record history of incident






17. To create a copy of data as a precaution against the loss or damage of the original data.






18. Memory management technique which allows data to be moved from one memory address to another






19. A device that converts between digital and analog representation of data.






20. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.






21. A control before attack






22. A covert storage channel on the file attribute






23. Key






24. The point in time to which systems and data must be recovered after an outage (e.g., end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.






25. To jump to a conclusion






26. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.






27. For PKI, to have more than one person in charge of a sensitive function






28. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization, community, nation, etc.






29. Outputs within a given function are the same result






30. Quantity of risk remaining after a control is applied






31. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






32. Requirement of access to data for a clearly defined purpose






33. A tag of three or four letters, preceded by a period, which identifies a data file's format or the application used to create the file.






34. Creation, distribution, update, and deletion






35. Third party processes used to organize the implementation of an architecture






36. A document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster or severe outage situation.






37. High level design or model with a goal of consistency, integrity, and balance






38. A committee of decision makers, business owners, technology experts and continuity professionals, tasked with making strategic recovery and continuity planning decisions for the organization.






39. Forgery of the sender's email address in an email header.






40. Pertaining to a number system that has just two unique digits.






41. A simple, inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






42. High degree of visual control






43. Amount of time for restoring a business process or function to normal operations without major loss






44. Consume resources to a point of exhaustion - loss of availability






45. Uses two or more legal systems






46. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents, and for the restoration of normal operations at the primary site.






47. Collection of data on business functions which determines the strategy of resiliency






48. Provides a physical cross connect point for devices.






49. An image compression standard for photographs






50. Joining two pieces of text