Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. A layer 3 device that is used to connect two or more network segments and regulate traffic.






2. Highest level of authority at EOC with knowledge of the business process and the resources available






3. Renders the file inaccessible to the operating system - available to reuse for data storage.






4. Control type - that is communication based - typically written or oral






5. A choice in risk management - to convince another to assume risk - typically by payment






6. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






7. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)






8. Property that data is represented in the same manner at all times






9. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data






10. Most granular organization of controls






11. The event signaling an IDS to produce an alarm when no attack has taken place






12. High level - pertaining to planning






13. Real-time data backup (Data Mirroring)






14. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.






15. Part of a transaction control for a database which informs the database of the last recorded transaction






16. An availability attack - to consume resources to the point of exhaustion






17. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






18. The technical and risk assessment of a system within the context of the operating environment






19. Business and technical process of applying security software updates in a regulated periodic way






20. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements






21. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






22. A programming design concept which abstracts one set of functions from another in a serialized fashion






23. A passive network attack involving monitoring of traffic.






24. The guardian of asset(s) - a maintenance activity






25. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur






26. A technology that reduces the size of a file.






27. Autonomous malware that requires a flaw in a service






28. Impossibility of denying authenticity and identity






29. Potentially compromising leakage of electrical or acoustical signals.






30. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






31. Recognition of an individual's assertion of identity.






32. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






33. Deals with discretionary protection






34. A signal suggesting a system has been or is being attacked.






35. Potential danger to information or systems






36. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)






37. An individual's conduct that violates government laws developed to protect the public






38. A test that answers the questions: Does the organization have the documentation it needs? Can it be located?






39. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






40. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated - and recovery and continuity strategies and procedures are completed and tested.






41. Hitting a filed-down key in a lock with a hammer to open it without the real key






42. A computer designed for the purpose of studying adversaries






43. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.






44. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






45. Return to a normal state






46. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner






47. A risk assessment method - intrinsic value






48. Demonstrates the actual ability to recover and can verify the compatibility of backup facilities






49. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






50. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






