Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Intellectual property protection for the expression of an idea






2. A system designed to prevent unauthorized access to or from a private network.






3. People who interact with assets






4. Measures followed to restore critical functions following a security incident.






5. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






6. Wrong against society






7. Lower frequency noise






8. A mobilized resource purchased or contracted for the purpose of business recovery.






9. Actions measured against either a policy or what a reasonable person would do






10. Mitigation of system or component loss or interruption through use of backup capability.






11. A risk assessment method - intrinsic value






12. System mediation of access with the focus on the context of the request






13. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






14. Vehicle stopping object






15. A process state - to be executing a process on the CPU






16. An alert or alarm that is triggered when no actual attack has taken place






17. Object based description of a single resource and the permission each subject






18. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.






19. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






20. Small data warehouse






21. Communicate to stakeholders






22. Unauthorized access of network devices.






23. Summary of a communication for the purpose of integrity






24. Renders the file inaccessible to the operating system - available to reuse for data storage.






25. Pertaining to law - high degree of veracity






26. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy






27. A choice in risk management - to convince another to assume risk - typically by payment






28. Searching for wireless networks in a moving car.






29. A risk assessment method - measurable real money cost






30. A technology that reduces the size of a file.






31. An availability attack - to consume resources to the point of exhaustion






32. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.






33. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






34. Regular operations are stopped and where processing is moved to the alternate site.






35. A unit of execution






36. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






37. With enough computing power trying all possible combinations






38. Information about data or records






39. Consume resources to a point of exhaustion - loss of availability






40. Control category - more than one control on a single asset






41. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)






42. Subject based description of a system or a collection of resources






43. A world-wide wireless technology






44. Review of data






45. An individual's conduct that violates government laws developed to protect the public






46. Encryption system using shared key/private key/single key/secret key






47. What is will remain - persistence






48. A layer 2 device that is used to connect two or more network segments and regulate traffic.






49. The partial or full duplication of data from a source database to one or more destination databases.






50. To set the clearance of a subject or the classification of an object