Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. An access policy that uses a security label system. Users have clearances - and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities - most commonly used in governm






2. Planning with a goal of returning to the normal business function






3. Someone who wants to cause harm






4. Indivisible - data field must contain only one value that either all transactions take place or none do






5. Record of system activity - which provides for monitoring and detection.






6. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.






7. Induces a crime - tricks a person - and is illegal






8. Real-time data backup (Data Mirroring)






9. Intellectual property management technique for identifying after distribution






10. To segregate for the purposes of labeling






11. Joining two pieces of text






12. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)






13. Identification and notification of an unauthorized and/or undesired action






14. To know more than one job






15. A backup type which creates a complete copy






16. Return to a normal state






17. Momentary loss of power






18. To collect many small pieces of data






19. Alerts personnel to the presence of a fire






20. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.






21. With enough computing power trying all possible combinations






22. Also known as regulatory laws - covers standards of performance or conduct expected by government agencies from companies - industries - and certain officials






23. A peripheral data storage device that may be found inside a desktop or laptop as a permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






24. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






25. The process of identifying - assessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk






26. A database backup type which records at the transaction level






27. Process of statistically testing a data set for the likelihood of relevant information.






28. Independent malware that requires user interaction to execute






29. A form of data hiding which protects running threads of execution from using each other's memory






30. Wrong against society






31. Deals with discretionary protection






32. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.






33. A device that converts between digital and analog representation of data.






34. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






35. Security policy - procedures - and compliance enforcement






36. Reprogrammable basic startup instructions






37. A design methodology which addresses risk early and often






38. To move from location to location - keeping the same function






39. The hard drive






40. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






41. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






42. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






43. Two different keys decrypt the same cipher text






44. RADIUS - TACACS+ - Diameter






45. Asymmetric encryption of a hash of message






46. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






47. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due






48. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems






49. Record history of incident






50. Threats x Vulnerability x Asset Value = Total Risk






