CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Unused storage capacity






2. System mediation of access with the focus on the context of the request






3. Weakness or flaw in an asset






4. A form of data hiding which protects running threads of execution from using each other's memory






5. Converts source code to an executable






6. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.






7. To evaluate the current situation and make basic decisions as to what to do






8. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






9. Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.






10. Record of system activity - which provides for monitoring and detection.






11. Pertaining to law - high degree of veracity






12. Unauthorized access of network devices.






13. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements






14. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






15. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing






16. To move from location to location - keeping the same function






17. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions






18. A layer 2 device that is used to connect two network segments and regulate traffic.






19. Sphere of influence






20. A unit of execution






21. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).






22. An attack that breaks up malicious code into fragments - in an attempt to elude detection.






23. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






24. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






25. A software design technique for abstraction of a process






26. Malware that subverts the detective controls of an operating system






27. A choice in risk management - to implement a control that limits or lessens negative effects






28. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN






29. Another subject cannot see an ongoing or pending update until it is complete






30. Mitigate damage by isolating compromised systems from the network.






31. A structured group of teams ready to take control of the recovery operations if a disaster should occur.






32. One of the key benefits of a network is the ability to share files stored on the server among several users.






33. A state for operating system tasks only






34. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.






35. Data or interference that can trigger a false positive






36. Joining two pieces of text






37. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.






38. Return to a normal state






39. Reduction of voltage by the utility company for a prolonged period of time






40. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






41. An availability attack - to consume resources to the point of exhaustion from multiple vectors






42. A disturbance that degrades performance of electronic devices and electronic communications.






43. Interception of a communication session by an attacker.






44. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






45. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements






46. Control category - more than one control on a single asset






47. Business and technical process of applying security software updates in a regulated periodic way






48. A peripheral data storage device that may be found inside a desktop or laptop as a permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






49. The event signaling an IDS to produce an alarm when no attack has taken place






50. Memory management technique which allows subjects to use the same resource






