Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A choice in risk management - to convince another to assume risk - typically by payment






2. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






3. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






4. A world-wide wireless technology






5. Process of statistically testing a data set for the likelihood of relevant information.






6. Planning for the delegation of authority required when decisions must be made without the normal chain of command






7. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements






8. Evaluation of a system without prior knowledge by the tester






9. Substitution at the word or phrase level






10. Uses a role-based method to determine access rights and permissions. Role based access control is based on the user's role and responsibilities within the company.






11. Malware that makes small random changes to many data points






12. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






13. Control category - to discourage an adversary from attempting to access






14. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






15. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?






16. An asymmetric cryptography mechanism that provides authentication.






17. Object based description of a single resource and the permission each subject






18. A type of attack involving attempted insertion - deletion or altering of data.






19. A documented battle plan for coordinating response to incidents.






20. Actions measured against either a policy or what a reasonable person would do






21. An image compression standard for photographs






22. To reduce fire






23. Control category - to restore to a previous state by removing the adversary and/or the results of their actions






24. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate






25. A device that provides the functions of both a bridge and a router.






26. Summary of a communication for the purpose of integrity






27. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)






28. Recovery alternative - complete duplication of services including personnel






29. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






30. A type of multitasking that allows for more even distribution of computing time among competing requests






31. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






32. A process state - to be executing a process on the CPU






33. Controls for termination of attempt to access object






34. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.






35. More than one CPU on a single board






36. To jump to a conclusion






37. A temporary public file to inform others of a compromised digital certificate






38. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components






39. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.






40. An attack involving the hijacking of a TCP session by predicting a sequence number.






41. Property that data is represented in the same manner at all times






42. To know more than one job






43. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






44. Total number of keys available that may be selected by the user of a cryptosystem






45. Vehicle stopping object






46. A description of a database






47. A layer 3 device that is used to connect two or more network segments and regulate traffic.






48. Induces a crime - tricks a person - and is illegal






49. A backup type - for databases at a point in time






50. One way encryption