Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. The process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks






2. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






3. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






4. A template for designing the architecture






5. Object based description of a single resource and the permission each subject






6. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






7. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






8. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






9. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






10. Long term knowledge building






11. To assert or claim credentialing to an authentication system






12. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






13. Someone who wants to know how something works - typically by taking it apart






14. Unsolicited commercial email






15. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data






16. Unchecked data which spills into another location in memory






17. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)






18. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






19. Control category - more than one control on a single asset






20. Control category - to give instructions or inform






21. Mathematical function that determines the cryptographic operations






22. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal






23. Recognition of an individual's assertion of identity.






24. Intellectual property protection for a confidential and critical process






25. A shield against leakage of electromagnetic signals.






26. Program that inappropriately collects private data or activity






27. A backup of data located where staff cannot gain access readily and a regional disaster will not cause harm






28. Unauthorized access of network devices.






29. OOP concept of an object's abilities - what it does






30. A computer designed for the purpose of studying adversaries






31. A structured group of teams ready to take control of the recovery operations if a disaster should occur.






32. Employment education done once per position or at significant change of function






33. To collect many small pieces of data






34. Vehicle stopping object






35. Adversary intercepts encrypted communications - decrypts - views - encrypts - and sends along to the true destination






36. An image compression standard for photographs






37. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






38. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






39. Interception of a communication session by an attacker.






40. Object reuse protection and auditing






41. Malware that makes small random changes to many data points






42. May be responsible for overall recovery of an organization or unit(s).






43. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






44. Regular operations are stopped and processing is moved to the alternate site.






45. A test conducted on one or more components of a plan under actual operating conditions.






46. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






47. A device that sequentially switches multiple analog inputs to the output.






48. A copy of transaction data - designed for querying and reporting






49. Eavesdropping on network communications by a third party.






50. Redundant component that provides failover capability in the event of failure or interruption of a primary component.