Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Evidence must be: admissible - authentic - complete - accurate - and convincing






2. Autonomous malware that requires a flaw in a service






3. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.






4. The process of identifying - assessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk






5. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy






6. Recovery alternative - everything needed for the business function - except people and last backup






7. To know more than one job






8. Inference about encrypted communications






9. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






10. Recognition of an individual's assertion of identity.






11. Hitting a filed-down key in a lock with a hammer to open it without the real key






12. Real-time - automatic and transparent backup of data.






13. A risk assessment method - intrinsic value






14. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






15. Periodic - automatic and transparent backup of data in bulk.






16. Methodical research of an incident with the purpose of finding the root cause






17. To load the first piece of software that starts a computer.






18. Location where coordination and execution of BCP or DRP is directed






19. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






20. Individuals and departments responsible for the storage and safeguarding of computerized data.






21. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate






22. A device that provides the functions of both a bridge and a router.






23. Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.






24. Method for determining functions - identifying function failure - assessing it - and where failure is most likely to occur






25. Fault tolerance for power






26. To start business continuity processes






27. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things






28. Renders the record inaccessible to the database management system






29. Renders the file inaccessible to the operating system - available to reuse for data storage.






30. Security policy - procedures - and compliance enforcement






31. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.






32. A perpetrator leaves something behind or takes something with them at the scene of a crime



33. Converts source code to an executable






34. A Trojan horse with the express underlying purpose of controlling host from a distance






35. A type of attack involving attempted insertion - deletion or altering of data.






36. Firewalls - encryption - and access control lists






37. Momentary loss of power






38. A record that must be preserved and available for retrieval if needed.






39. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.






40. Communication of a security incident to stakeholders and data owners.






41. Mathematical function that determines the cryptographic operations






42. A choice in risk management - to convince another to assume risk - typically by payment






43. An individual's conduct that violates government laws developed to protect the public






44. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements






45. A disturbance that degrades performance of electronic devices and electronic communications.






46. Subjects will not interact with each other's objects






47. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






48. Review of data






49. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate






50. Written step-by-step actions