Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. To set the clearance of a subject or the classification of an object






2. Using many alphabets






3. Summary of a communication for the purpose of integrity






4. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.






5. A template for designing the architecture






6. Property that data is represented in the same manner at all times






7. RADIUS - TACACS+ - Diameter






8. Computing power will double every 18 months



9. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.






10. Record of system activity - which provides for monitoring and detection.






11. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services






12. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






13. Memory management technique which allows subjects to use the same resource






14. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.






15. A secure connection to another network.






16. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.






17. One of the key benefits of a network is the ability to share files stored on the server among several users.






18. Long term knowledge building






19. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






20. Forgery of the sender's email address in an email header.






21. False memory reference






22. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. - and determining what can be salvaged or restored and what must be replaced.






23. A subnetwork with storage devices servicing all servers on the attached network.






24. A signal suggesting a system has been or is being attacked.






25. The event signaling an IDS to produce an alarm when no attack has taken place






26. Initial surge of current






27. The core logic engine of an operating system which almost never changes






28. For PKI - to have more than one person in charge of a sensitive function






29. The backup of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






30. Program that inappropriately collects private data or activity






31. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






32. Control category - to restore to a previous state by removing the adversary and/or the results of their actions






33. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






34. High level - pertaining to planning






35. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






36. Two different keys decrypt the same cipher text






37. Used to code/decode a digital data stream.






38. OOP concept of an object's abilities - what it does






39. All of the protection mechanisms in a computer system






40. Unauthorized access of information (e.g. tapping - sniffing - unsecured wireless communication - emanations)






41. A software design technique for abstraction of a process






42. Controls deployed to avert unauthorized and/or undesired actions.






43. Planning for the delegation of authority required when decisions must be made without the normal chain of command






44. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






45. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.






46. Alternate facility - other than the primary production site - where duplicated vital records and documentation may be stored for use during disaster recovery.






47. Inappropriate data






48. Can be statistical (monitor behavior) or signature based (watch for known attacks)






49. Claiming another's identity at a physical level






50. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)