Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Total number of keys available that may be selected by the user of a cryptosystem






2. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






3. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






4. A process state - (blocked) needing input before continuing






5. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN






6. A database backup type which records at the transaction level






7. The first rating that requires security labels






8. The collection and summation of risk data relating to a particular asset and controls for that asset






9. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.






10. Physical description on the exterior of an object that communicates the existence of a label






11. Amount of time for restoring a business process or function to normal operations without major loss






12. To assert or claim credentialing to an authentication system






13. System of law based upon precedence - with major divisions of criminal - tort - and administrative






14. A condition in which neither party is willing to stop their activity for the other to complete






15. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid






16. The managerial approval to operate a system based upon knowledge of risk to operate






17. Recovery alternative - a building only with sufficient power - and HVAC






18. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






19. Less granular organization of controls -






20. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






21. A passive network attack involving monitoring of traffic.






22. A copy of transaction data - designed for querying and reporting






23. A backup of data located where staff can gain access immediately






24. Fault tolerance for power






25. Binary decision by a system of permitting or denying access to the entire system






26. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






27. Only the key protects the encrypted information



28. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components






29. Joining two pieces of text






30. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.






31. An activity that is performed for the purpose of training and conditioning team members - and improving their performance.






32. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack






33. Written step-by-step actions






34. Property that data is represented in the same manner at all times






35. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy






36. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






37. A trusted issuer of digital certificates






38. Standard for the establishment - implementation - control - and improvement of the Information Security Management System






39. Mediates communication between untrusted hosts on behalf of the hosts that it protects.






40. A programming design concept which abstracts one set of functions from another in a serialized fashion






41. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






42. Objects or programming that look different but act the same






43. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






44. Renders the record inaccessible to the database management system






45. Moving letters around






46. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)






47. The hard drive






48. Controls for termination of attempt to access object






49. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.






50. A backup of data located where staff can gain access readily and a localized disaster will not cause harm