Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. A computer designed for the purpose of studying adversaries






2. Return to a normal state






3. To reduce sudden rises in current






4. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept






5. Control type - that is communication based - typically written or oral






6. A planned or unplanned interruption in system availability.






7. Review of data






8. Object based description of a single resource and the permission each subject






9. Used to code/decode a digital data stream.






10. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.






11. Intermediate level - pertaining to planning






12. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management






13. Location where coordination and execution of BCP or DRP is directed






14. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities






15. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






16. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.






17. Control category - more than one control on a single asset






18. Using small special tools all tumblers of the lock are aligned - opening the door






19. Subset of operating systems components dedicated to protection mechanisms






20. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.






21. A process state - to either be unable to run waiting for an external event or terminated






22. Uncleared buffers or media






23. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems






24. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






25. One of the key benefits of a network is the ability to share files stored on the server among several users.






26. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.






27. Continuous surveillance - to provide for detection and response of any failure in preventive controls.






28. Regular operations are stopped and where processing is moved to the alternate site.






29. Two certificate authorities that trust each other






30. Need to understand both the assets that need to be protected and management's priorities - also be prepared to adjust the design over time - and verify the design has been implemented correctly - need to be a good negotiator - artist and analyst.






31. To create a copy of data as a precaution against the loss or damage of the original data.






32. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.






33. Written step-by-step actions






34. Intellectual property protection for an invention






35. Also known as regulatory laws - covers standards of performance or conduct expected by government agencies from companies - industries - and certain officials






36. Planning with a goal of returning to the normal business function






37. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities






38. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.






39. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






40. A type of multitasking that allows for more even distribution of computing time among competing requests






41. Intellectual property protection for the expression of an idea






42. A documented battle plan for coordinating response to incidents.






43. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






44. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?






45. Communicate to stakeholders






46. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing






47. Pertaining to law - high degree of veracity






48. Pertaining to law - no omissions






49. Written suggestions that direct choice to a few alternatives






50. A programming device used in development to circumvent controls