Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Subjects will not interact with each other's objects






2. A covert storage channel on the file attribute






3. An alert or alarm that is triggered when no actual attack has taken place






4. Recovery alternative - short-term - high cost movable processing location






5. An electronic attestation of identity by a certificate authority






6. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






7. Communicate to stakeholders






8. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






9. Intellectual property protection for an invention






10. An availability attack - to consume resources to the point of exhaustion






11. A programming device used in development to circumvent controls






12. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.






13. A technology that reduces the size of a file.






14. A protocol for the efficient transmission of voice over the Internet






15. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.






16. Natural or human-readable form of message






17. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






18. Unsolicited commercial email






19. Only the key protects the encrypted information



20. Effort/time needed to overcome a protective measure






21. A program with an inappropriate second purpose






22. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






23. A database that contains the name - type - range of values - source and authorization for access for each data element






24. A state where two subjects can access the same object without proper mediation






25. Small data files written to a user's hard drive by a web server.






26. To break a business process into separate functions and assign to different people






27. Two different keys decrypt the same cipher text






28. Mathematical function that determines the cryptographic operations






29. A backup type - where the organization has excess capacity in another location.






30. Asymmetric encryption of a hash of message






31. Joining two pieces of text






32. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






33. Continuous surveillance - to provide for detection and response of any failure in preventive controls.






34. The chance that something negative will occur






35. Unsolicited advertising software






36. Subset of operating systems components dedicated to protection mechanisms






37. Someone who wants to cause harm






38. OOP concept of a distinct copy of the class






39. Implementation of measures to deter specific threats to the continuity of business operations - and/or respond to any occurrence of such threats in a timely and appropriate manner.






40. Object based description of a system or a collection of resources






41. An unintended communication path






42. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware






43. Real-time data backup (Data Mirroring)






44. Scrambled form of the message or data






45. Regular operations are stopped and where processing is moved to the alternate site.






46. Recording the Who What When Where How of evidence






47. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






48. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






49. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






50. Recovery alternative which outsources a business function at a cost