Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A collection of data or information that has a name






2. Information about a particular data set






3. Reconnaissance technique involving automated, brute force identification of potentially vulnerable modems.






4. Disruption of operation of an electronic device due to a competing electromagnetic field.






5. Regular operations are stopped and processing is moved to the alternate site.






6. A description of a database






7. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






8. Planning with a goal of returning to the normal business function






9. Reduction of voltage by the utility company for a prolonged period of time






10. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization, community, nation, etc.






11. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






12. Define the way in which the organization operates.






13. Pertaining to a number system that has just two unique digits.






14. A process state - to be either unable to run waiting for an external event or terminated






15. A risk assessment method - intrinsic value






16. Try a list of words in passwords or encryption keys






17. Weakness or flaw in an asset






18. Slang for making (burning) a CD-ROM copy of data, whether it is music, software, or other data.






19. A distributed system's transaction control that requires updates to complete or rollback






20. Converts a high level language into machine language






21. Long term knowledge building






22. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance






23. A program with an inappropriate second purpose






24. A technology that reduces the size of a file.






25. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






26. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.






27. Potential danger to information or systems






28. A backup type - for databases at a point in time






29. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g., a move to an alternate site).






30. Use of specialized techniques for recovery, authentication, and analysis of electronic data






31. Periodic, automatic and transparent backup of data in bulk.






32. Return to a normal state






33. A copy of transaction data - designed for querying and reporting






34. A unit of execution






35. The duplication of data on separate disks in real time to ensure its continuous availability, currency and accuracy. True mirroring will enable a zero recovery point objective.






36. A collection of information designed to reduce duplication and increase integrity






37. Eight bits.






38. The chronological sequence of recovery activities, or critical path, that must be followed to resume an acceptable level of operations following a business interruption.






39. A telephone exchange for a specific office or business.






40. Subject based description of a system or a collection of resources






41. Encryption system using shared key/private key/single key/secret key






42. A backup type - where the organization has excess capacity in another location.






43. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed, resources are allocated, and recovery and continuity strategies and procedures are completed and tested.






44. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






45. A design methodology which addresses risk early and often






46. A peripheral data storage device that may be found inside a desktop or laptop as a permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






47. Requires security labels for all subjects and devices, the existence of a trusted path, routine covert channel analysis, and provision of separate administrator functionality.






48. With enough computing power trying all possible combinations






49. Process of identifying the risks to an organization, assessing the critical functions, defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






50. A hash that has been further encrypted with a symmetric algorithm