Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






2. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






3. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






4. Adversary intercepts encrypted communications - decrypts - views - encrypts - and sends along to the true destination






5. False memory reference






6. Only the key protects the encrypted information



7. Fault tolerance for power






8. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.






9. A temporary public file to inform others of a compromised digital certificate






10. To jump to a conclusion






11. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.






12. A type of computer memory that temporarily stores frequently used information for quick access.






13. Control category- to restore to a previous state by removing the adversary and or the results of their actions






14. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






15. Asymmetric encryption of a hash of message






16. Security policy - procedures - and compliance enforcement






17. A copy of transaction data - designed for querying and reporting






18. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






19. Momentary loss of power






20. A programming device used in development to circumvent controls






21. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.






22. Hitting a filed down key in a lock with a hammer to open without real key






23. European standard for IT security criteria. Wasn't universally adopted. Consists of four components: 1. "Security Target" 2. "Target of Evaluation" or ToE. 3. Functional Levels. 4. Assurance Levels.






24. Threats x Vulnerability x Asset Value = Total Risk






25. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






26. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. a move to an alternate site).






27. A planned or unplanned interruption in system availability.






28. What is will remain - persistence






29. A process state - to be executing a process on the CPU






30. Converts a high level language into machine language






31. Final purpose or result






32. Recovery alternative - short-term - high cost movable processing location






33. Recovery alternative - everything needed for the business function - except people and last backup






34. The principles a person sets for themselves to follow






35. A physical enclosure for verifying identity before entry to a facility






36. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)






37. Unchecked data input which results in redirection






38. Control type- that is communication based - typically written or oral






39. Vehicle stopping object






40. A software design technique for abstraction of a process






41. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.






42. Two different keys decrypt the same cipher text






43. Object based description of a system or a collection of resources






44. High degree of visual control






45. Uses a role-based method to determine access rights and permissions. Role based access control is based on the user's role and responsibilities within the company.






46. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.






47. Recognition of an individual's assertion of identity.






48. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






49. A device that converts between digital and analog representation of data.






50. Written internalized or nationalized norms that are internal to an organization