Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. An opportunity for a threat to cause loss. (terminology that encompasses many recent risk terms)






2. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






3. Object based description of a single resource and the permission each subject






4. OOP concept of an object at runtime






5. Evaluation of a system without prior knowledge by the tester






6. Intellectual property protection for marketing efforts






7. Inappropriate data






8. Memory - RAM






9. A design methodology which executes in a linear one way fashion






10. One of the most important first steps in the planning development. Qualitative and quantitative data needs to be gathered - analyzed - interpreted and presented to management






11. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.






12. Converts source code to an executable






13. Converts a high level language into machine language






14. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.






15. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






16. A software design technique for abstraction of a process






17. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.






18. Line by line translation from a high level language to machine code






19. A type of multitasking that allows for more even distribution of computing time among competing requests






20. Hiding the fact that communication has occurred






21. A process state - (blocked) needing input before continuing






22. Disruption of operation of an electronic device due to a competing electromagnetic field.






23. To set the clearance of a subject or the classification of an object






24. Third party processes used to organize the implementation of an architecture






25. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.






26. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.






27. Asymmetric encryption of a hash of a message






28. Intermediate level - pertaining to planning






29. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






30. A state for operating system tasks only






31. Total number of keys available that may be selected by the user of a cryptosystem






32. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).






33. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






34. Planning with a goal of returning to the normal business function






35. Collection of data on business functions which determines the strategy of resiliency






36. Computing power will double every 18 months



37. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur






38. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions






39. Of a system without prior knowledge by the tester or the tested






40. Memory management technique which allows data to be moved from one memory address to another






41. State of computer - to be running a process






42. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






43. Unauthorized wireless network access device.






44. An availability attack - to consume resources to the point of exhaustion






45. A trusted issuer of digital certificates






46. The study of cryptography and cryptanalysis






47. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






48. Dedicated fast memory located on the same board as the CPU






49. Identification and notification of an unauthorized and/or undesired action






50. What is will remain - persistence