Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.






2. Uncleared buffers or media






3. Of a system without prior knowledge by the tester or the tested






4. Line by line translation from a high level language to machine code






5. Code making






6. The process of identifying, assessing, and reducing risk to an acceptable level, and implementing the right countermeasure to maintain that level of risk






7. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components






8. Using many alphabets






9. Control category: to give instructions or inform






10. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






11. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.






12. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities






13. System of law based upon what is good for society






14. Subjects will not interact with each other's objects






15. Program instructions based upon the CPU's specific architecture






16. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?






17. The risk that remains after management implements internal controls, or some other response to risk. (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk






18. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance






19. Summary of a communication for the purpose of integrity






20. Binary decision by a system of permitting or denying access to the entire system






21. A tag of three or four letters, preceded by a period, which identifies a data file's format or the application used to create the file.






22. An availability attack - to consume resources to the point of exhaustion






23. A failure of an IDS to detect an actual attack






24. Reduces causes of fire






25. Executive responsibilities of goal setting, delegation, and verification, based upon the mission.






26. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?






27. Evidence must be: admissible, authentic, complete, accurate, and convincing






28. Alerts personnel to the presence of a fire






29. Potentially retrievable data residue that remains following intended erasure of data.






30. A device that provides the functions of both a bridge and a router.






31. Threats x Vulnerability x Asset Value = Total Risk






32. Small data warehouse






33. A subnetwork with storage devices servicing all servers on the attached network.






34. A set of best practices for programmers to seek in all application or database design: Atomicity, Consistency, Isolation, Durability






35. Calculation encompassing threats, vulnerabilities and assets






36. Server optimized for providing file-based data storage to the network. Unlike a File Server, a NAS unit has no input or output devices, and the OS is dedicated to providing storage services.






37. Moving the alphabet intact a certain number of spaces






38. Includes identification and collection of the evidence, its storage, preservation, transportation, presentation in court, and return to the owner






39. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






40. Lower frequency noise






41. Mediation of subject and object interactions






42. Sphere of influence






43. An attack that breaks up malicious code into fragments, in an attempt to elude detection.






44. To reduce fire






45. Malware that makes many small changes over time to a single data point or system






46. Natural or human-readable form of message






47. Mathematical function that determines the cryptographic operations






48. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






49. Standard for the establishment, implementation, control, and improvement of the Information Security Management System






50. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business, as well as legal or regulatory impacts.






