Test your basic knowledge |

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Encryption system using shared key/private key/single key/secret key






2. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services






3. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






4. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






5. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






6. Collection of data on business functions which determines the strategy of resiliency






7. Also known as regulatory laws - covers standards of performance or conduct expected by government agencies from companies - industries - and certain officials






8. Computing power will double every 18 months

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


9. An attack that breaks up malicious code into fragments - in an attempt to elude detection.






10. Responsibility for actions






11. Employment education done once per position or at significant change of function






12. Malware that makes many small changes over time to a single data point or system






13. Security policy - procedures - and compliance enforcement






14. Memory - RAM






15. System mediation of access with the focus on the context of the request






16. A failure of an IDS to detect an actual attack






17. Uses two or more legal systems






18. DoS - Spoofing - dictionary - brute force - wardialing






19. A layer 2 device that used to connect two network segments and regulate traffic.






20. Using many alphabets






21. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






22. Outputs within a given function are the same result






23. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






24. Owner directed mediation of access






25. Indivisible - data field must contain only one value that either all transactions take place or none do






26. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






27. Controls for logging and alerting






28. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.






29. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.






30. Those who initiate the attack






31. A computer designed for the purpose of studying adversaries






32. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






33. Companies should have their own team - made up of ppl from management - IT leagal - HR - and public relations - security and other key areas






34. Planning for the delegation of authority required when decisions must be made without the normal chain of command






35. Inference about encrypted communications






36. Interception of a communication session by an attacker.






37. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






38. A backup of data located where staff can gain access immediately






39. People who interact with assets






40. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all - or most - of the applicable teams.






41. A layer 2 device that used to connect two or more network segments and regulate traffic.






42. Line by line translation from a high level language to machine code






43. OOP concept of an object's abilities - what it does






44. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.






45. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






46. More than one CPU on a single board






47. Organized group of compromised computers






48. To move from location to location - keeping the same function






49. A description of a database






50. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests