Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, at times you might find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Firewalls - encryption - and access control lists






2. Measures followed to restore critical functions following a security incident.






3. A program that waits for a condition or time to occur that executes an inappropriate activity






4. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.






5. Memory management technique which allows data to be moved from one memory address to another






6. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






7. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






8. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.






9. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities






10. Moving letters around






11. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






12. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.






13. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






14. To reduce sudden rises in current






15. A running key using a random key that is never used again






16. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.






17. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.






18. Object based description of a single resource and the permission each subject






19. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions






20. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.






21. Some systems are actually run at the alternate site






22. The chance that something negative will occur






23. The event signaling an IDS to produce an alarm when no attack has taken place






24. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






25. Subject based description of a system or a collection of resources






26. Descrambling the encrypted message with the corresponding key






27. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?






28. Planning with a goal of returning to the normal business function






29. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.






30. A shield against leakage of electromagnetic signals.






31. Communication of a security incident to stakeholders and data owners.






32. Information that - if made public or even shared around the organization - could seriously impede the organization's operations






33. A form of data hiding which protects running threads of execution from using each other's memory






34. Code making






35. Intermediate level - pertaining to planning






36. People protect their domain






37. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid






38. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






39. The principles a person sets for themselves to follow






40. Third party processes used to organize the implementation of an architecture






41. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements






42. Reduces causes of fire






43. One entity with two competing allegiances






44. A template for designing the architecture






45. Converts a high level language into machine language






46. Converts source code to an executable






47. OOP concept of an object at runtime






48. A comprehensive set of controls that comprises best practices in information security and provides guidelines on how to set up and maintain security programs.






49. A trusted issuer of digital certificates






50. Wrong against society






