Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing






2. Objects or programming that look different but act the same






3. A state for operating system tasks only






4. The managerial approval to operate a system based upon knowledge of risk to operate






5. Unauthorized access of network devices.






6. Less granular organization of controls






7. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.






8. To start business continuity processes






9. A state where two subjects can access the same object without proper mediation






10. System directed mediation of access with labels






11. Program instructions based upon the CPU's specific architecture






12. Planning with a goal of returning to the normal business function






13. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization






14. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.






15. Unused storage capacity






16. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components






17. To break a business process into separate functions and assign to different people






18. A process state - to be executing a process on the CPU






19. One way encryption






20. DoS - Spoofing - dictionary - brute force - wardialing






21. Disruption of operation of an electronic device due to a competing electromagnetic field.






22. The event signaling an IDS to produce an alarm when no attack has taken place






23. A choice in risk management - to implement a control that limits or lessens negative effects






24. A perpetrator leaves something behind or takes something with them at the scene of a crime



25. The property that data meet with an a priori expectation of quality and that the data can be relied upon.






26. Weak evidence






27. Something that happened






28. Guidelines within an organization that control the rules and configurations of an IDS






29. Record of system activity - which provides for monitoring and detection.






30. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






31. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






32. High frequency noise






33. To set the clearance of a subject or the classification of an object






34. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






35. May be responsible for overall recovery of an organization or unit(s).






36. Used to code/decode a digital data stream.






37. Two certificate authorities that trust each other






38. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






39. Pertaining to law - no omissions






40. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?






41. Property that data is represented in the same manner at all times






42. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk






43. Recovery alternative - everything needed for the business function - except people and last backup






44. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.






45. Business and technical process of applying security software updates in a regulated periodic way






46. Process whereby data is removed from active files and other data storage structures






47. A program with an inappropriate second purpose






48. Calculation encompassing threats - vulnerabilities and assets






49. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






50. Maximum tolerance for loss of certain business function - basis of strategy