Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. The backup of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






2. Using many alphabets






3. A Denial of Service attack that floods the target system with connection requests that are not finalized.






4. A control after attack






5. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?






6. OOP concept of a template that consists of attributes and behaviors






7. Potential danger to information or systems






8. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






9. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.






10. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






11. RADIUS - TACACS+ - Diameter






12. To move from location to location - keeping the same function






13. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






14. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions






15. A shield against leakage of electromagnetic signals.






16. Act of scrambling the cleartext message by using a key.






17. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






18. Try a list of words in passwords or encryption keys






19. An asymmetric cryptography mechanism that provides authentication.






20. Unauthorized wireless network access device.






21. A program that waits for a condition or time to occur that executes an inappropriate activity






22. To break a business process into separate functions and assign to different people






23. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






24. OOP concept of taking attributes from the original or parent






25. Event(s) that cause harm






26. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






27. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)






28. Physical description on the exterior of an object that communicates the existence of a label






29. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components






30. Computing power will double every 18 months



31. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.






32. Claiming another's identity at a physical level






33. Uses a role-based method to determine access rights and permissions. Role based access control is based on the user's role and responsibilities within the company.






34. Subset of operating systems components dedicated to protection mechanisms






35. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.






36. Subject based description of a system or a collection of resources






37. Code making






38. Interception of a communication session by an attacker.






39. Inappropriate data






40. Pertaining to law - high degree of veracity






41. Most granular organization of controls






42. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.






43. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






44. Autonomous malware that requires a flaw in a service






45. Requirement to take time off






46. Policy or stated actions






47. An event which stops business from continuing.






48. Unused storage capacity






49. Quantity of risk remaining after a control is applied






50. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.