Test your basic knowledge |

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Identification and notification of an unauthorized and/or undesired action






2. Evidence must be: admissible - authentic - complete - accurate - and convincing






3. A type a computer memory that temporarily stores frequently used information for quick access.






4. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate






5. Record history of incident






6. Something that happened






7. Lower frequency noise






8. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)






9. Forgery of the sender's email address in an email header.






10. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






11. Unchecked data which spills into another location in memory






12. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






13. A failure of an IDS to detect an actual attack






14. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






15. High level - pertaining to planning






16. Only the key protects the encrypted information

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


17. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance






18. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.






19. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






20. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






21. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






22. Methodical research of an incident with the purpose of finding the root cause






23. Long term knowledge building






24. Line by line translation from a high level language to machine code






25. Method for determine functions - identifying function failure - assessing it - and were failure is most likely to occur






26. Responsibility for actions






27. Review of data






28. What is will remain - persistence






29. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities






30. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






31. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






32. A shield against leakage of electromagnetic signals.






33. A layer 3 device that used to connect two or more network segments and regulate traffic.






34. Act of scrambling the cleartext message by using a key.






35. To collect many small pieces of data






36. Of a system without prior knowledge by the tester or the tested






37. A collection of information designed to reduce duplication and increase integrity






38. DoS - Spoofing - dictionary - brute force - wardialing






39. Memory management technique that allows two processes to run concurrently without interaction






40. The level and label given to an individual for the purpose of compartmentalization






41. Deals with discretionary protection






42. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






43. Organization way of classifying data by factors such as criticality - sensitivity and ownership.






44. A covert storage channel on the file attribute






45. A Denial of Service attack that floods the target system with connection requests that are not finalized.






46. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






47. An event which stops business from continuing.






48. Location where coordination and execution of BCP or DRP is directed






49. Maximum tolerance for loss of certain business function - basis of strategy






50. An exact bit-by-bit copy of the entire physical hard drive or floppy disk - including slack and unallocated space. Only forensic copy quality will hold up in court.