Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. The guardian of asset(s) - a maintenance activity






2. Policy or stated actions






3. A database backup type which records at the transaction level






4. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).






5. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






6. Creation, distribution, update, and deletion






7. A state for operating system tasks only






8. Process whereby data is removed from active files and other data storage structures






9. Data or interference that can trigger a false positive






10. Pertaining to law - high degree of veracity






11. A program with an inappropriate second purpose






12. The response of an organization to a disaster or other significant event that may significantly impact the organization - its people - or its ability to function productively.






13. To collect many small pieces of data






14. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack






15. Autonomous malware that requires a flaw in a service






16. Moving letters around






17. The one person responsible for data - its classification and control setting






18. Owner directed mediation of access






19. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






20. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things






21. Recovery alternative - a building only with sufficient power - and HVAC






22. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






23. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)






24. Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.






25. An attack that breaks up malicious code into fragments - in an attempt to elude detection.






26. Of a system without prior knowledge by the tester or the tested






27. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions






28. Physical description on the exterior of an object that communicates the existence of a label






29. Unchecked data input which results in redirection






30. A documented battle plan for coordinating response to incidents.






31. Organized group of compromised computers






32. Maximum tolerance for loss of certain business function - basis of strategy






33. People protect their domain






34. An alert or alarm that is triggered when no actual attack has taken place






35. Tool which mediates access






36. Disruption of operation of an electronic device due to a competing electromagnetic field.






37. The property that data meet with a priority expectation of quality and that the data can be relied upon.






38. A system designed to prevent unauthorized access to or from a private network.






39. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.






40. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






41. To evaluate the current situation and make basic decisions as to what to do






42. To execute more than one instruction at an instant in time






43. The core logic engine of an operating system which almost never changes






44. Object based description of a system or a collection of resources






45. Narrow scope examination of a system






46. Less granular organization of controls -






47. One of the key benefits of a network is the ability to share files stored on the server among several users.






48. Dedicated fast memory located on the same board as the CPU






49. Intellectual property protection for an invention






50. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.