Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Memory - RAM






2. Written step-by-step actions






3. Moving the alphabet intact a certain number of spaces






4. Can be statistical (monitor behavior) or signature based (watch for known attacks)






5. Subject based description of a system or a collection of resources






6. Mitigation of system or component loss or interruption through use of backup capability.






7. Business and technical process of applying security software updates in a regulated periodic way






8. The process of identifying - accessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk






9. The managerial approval to operate a system based upon knowledge of risk to operate






10. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






11. The one person responsible for data - its classification and control setting






12. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






13. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






14. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






15. A choice in risk management - to convince another to assume risk - typically by payment






16. Deals with discretionary protection






17. A mobilized resource purchased or contracted for the purpose of business recovery.






18. Eight bits.






19. Act of scrambling the cleartext message by using a key.






20. A computer designed for the purpose of studying adversaries






21. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






22. A Trojan horse with the express underlying purpose of controlling a host from a distance






23. Narrow scope examination of a system






24. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






25. An asymmetric cryptography mechanism that provides authentication.






26. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?






27. A type of multitasking that allows for more even distribution of computing time among competing requests






28. A protocol for the efficient transmission of voice over the Internet






29. A backup of data located where staff can gain access immediately






30. A control after attack






31. Malware that makes many small changes over time to a single data point or system






32. Low level - pertaining to planning






33. Momentary loss of power






34. Code making






35. A temporary public file to inform others of a compromised digital certificate






36. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






37. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.






38. Real-time data backup (Data Mirroring)






39. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.






40. Descrambling the encrypted message with the corresponding key






41. The response of an organization to a disaster or other significant event that may significantly impact the organization - its people - or its ability to function productively.






42. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






43. Code breaking - practice of defeating the protective properties of cryptography.






44. Object reuse protection and auditing






45. A secure connection to another network.






46. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






47. Information about a particular data set






48. One way encryption






49. A world-wide wireless technology






50. To reduce sudden rises in current