Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. High degree of visual control






2. A mobilized resource purchased or contracted for the purpose of business recovery.






3. Business and technical process of applying security software updates in a regulated periodic way






4. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.






5. Dedicated fast memory located on the same board as the CPU






6. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






7. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






8. All of the protection mechanisms in a computer system






9. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






10. What is will remain - persistence






11. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






12. Inappropriate data






13. A failure of an IDS to detect an actual attack






14. Disruption of operation of an electronic device due to a competing electromagnetic field.






15. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.






16. Another subject cannot see an ongoing or pending update until it is complete






17. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.






18. An asymmetric cryptography mechanism that provides authentication.






19. Can be statistical (monitor behavior) or signature based (watch for known attacks)






20. More than one process in the middle of executing at a time






21. Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.






22. The first rating that requires security labels






23. A comprehensive set of controls that comprises best practices in information security and provides guidelines on how to set up and maintain security programs.






24. Property that data is represented in the same manner at all times






25. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






26. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






27. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data






28. Employment education done once per position or at significant change of function






29. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






30. Recovery alternative - complete duplication of services including personnel






31. A test conducted on one or more components of a plan under actual operating conditions.






32. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






33. A subnetwork with storage devices servicing all servers on the attached network.






34. The one person responsible for data - its classification and control setting






35. The property that data meet with a priority expectation of quality and that the data can be relied upon.






36. Measures followed to restore critical functions following a security incident.






37. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware






38. Two certificate authorities that trust each other






39. A structured group of teams ready to take control of the recovery operations if a disaster should occur.






40. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.






41. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






42. A signal suggesting a system has been or is being attacked.






43. A process state - to either be unable to run waiting for an external event or terminated






44. To reduce fire






45. Unauthorized access of network devices.






46. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






47. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.






48. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






49. Mathematical function that determines the cryptographic operations






50. To know more than one job