Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A backup of data located where staff cannot gain access readily and a regional disaster will not cause harm






2. Implementation of measures to deter specific threats to the continuity of business operations - and/or respond to any occurrence of such threats in a timely and appropriate manner.






3. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






4. Only the key protects the encrypted information



5. Reduction of voltage by the utility company for a prolonged period of time






6. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.






7. Effort/time needed to overcome a protective measure






8. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.






9. Written core statements that rarely change






10. Eavesdropping on network communications by a third party.






11. Line by line translation from a high level language to machine code






12. Code making






13. Natural or human-readable form of message






14. Reprogrammable basic startup instructions






15. Act of luring an intruder and is legal.






16. European standard for IT security criteria. Wasn't universally adopted. - Consists of four components: 1. "Security Target" 2. "Target of Evaluation" or ToE. 3. Functional Levels. 4. Assurance Levels.






17. Eavesdropping on network communications by a third party.






18. Intellectual property protection for a confidential and critical process






19. Real-time data backup (Data Mirroring)






20. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






21. False memory reference






22. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






23. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal






24. Dedicated fast memory located on the same board as the CPU






25. A computer designed for the purpose of studying adversaries






26. To load the first piece of software that starts a computer.






27. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






28. Hiding the fact that communication has occurred






29. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept






30. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due






31. Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.






32. Recovery alternative - complete duplication of services including personnel






33. The core logic engine of an operating system which almost never changes






34. A collection of information designed to reduce duplication and increase integrity






35. Recovery alternative - everything needed for the business function - except people and last backup






36. A temporary public file to inform others of a compromised digital certificate






37. Intellectual property management technique for identifying after distribution






38. A backup of data located where staff can gain access immediately






39. Disruption of operation of an electronic device due to a competing electromagnetic field.






40. A description of a database






41. Periodic - automatic and transparent backup of data in bulk.






42. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN






43. Hardware or software that is part of a larger system






44. Hitting a filed-down key in a lock with a hammer to open without the real key






45. To move from location to location - keeping the same function






46. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.






47. A hash that has been further encrypted with a symmetric algorithm






48. Policy or stated actions






49. A system designed to prevent unauthorized access to or from a private network.






50. Individuals - normally managers or directors - who have responsibility for the integrity - accurate reporting and use of computerized data.