Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A record that must be preserved and available for retrieval if needed.






2. Intellectual property protection for the expression of an idea






3. Mathematical function that determines the cryptographic operations






4. Potential danger to information or systems






5. A database backup type which records at the transaction level






6. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).






7. A planned or unplanned interruption in system availability.






8. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






9. A type of attack involving attempted insertion, deletion or altering of data.






10. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






11. Forging of an IP address.






12. Memory management technique that allows two processes to run concurrently without interaction






13. Written step-by-step actions






14. Renders the record inaccessible to the database management system






15. Physical description on the exterior of an object that communicates the existence of a label






16. The principles a person sets for themselves to follow






17. Owner directed mediation of access






18. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






19. System of law based upon precedent, with major divisions of criminal, tort, and administrative






20. An asymmetric cryptography mechanism that provides authentication.






21. A set of best practices for programmers to seek in all application or database design: Atomicity, Consistency, Isolation, Durability






22. Process whereby data is removed from active files and other data storage structures






23. Mitigation of system or component loss or interruption through use of backup capability.






24. The risk that remains after management implements internal controls, or some other response to risk: (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk






25. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






26. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.






27. Those who initiate the attack






28. A program with an inappropriate second purpose






29. Recovery alternative: short-term, high-cost, movable processing location






30. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents, and for the restoration of normal operations at the primary site.






31. Business and technical process of applying security software updates in a regulated periodic way






32. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






33. Granular decision by a system of permitting or denying access to a particular resource on the system






34. The past internationally accepted set of standards and processes for information security products evaluation and assurance, which separates function and assurance requirements






35. An event which stops business from continuing.






36. Momentary loss of power






37. A process state (blocked) needing input before continuing






38. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.






39. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy






40. Unauthorized access of network devices.






41. Natural occurrence in circuits that are in close proximity






42. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all, or most, of the applicable teams.






43. Maintenance procedures outline the process for the review and update of business continuity plans.






44. The backup of system, application, program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






45. Unauthorized intrusion, unauthorized alteration or destruction, and using malicious code






46. A computer designed for the purpose of studying adversaries






47. Outputs within a given function are the same result






48. Asymmetric encryption of a hash of message






49. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance, which combines function and assurance requirements






50. Of a system without prior knowledge by the tester or the tested






