Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The core logic engine of an operating system which almost never changes






2. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






3. A temporary public file to inform others of a compromised digital certificate






4. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






5. Subjects will not interact with each other's objects






6. Dedicated fast memory located on the same board as the CPU






7. A hash that has been further encrypted with a symmetric algorithm






8. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.






9. Employment education done once per position or at significant change of function






10. Encryption system using a pair of mathematically related unequal keys






11. Standard for the establishment - implementation - control - and improvement of the Information Security Management System






12. It is embedded as part of a complete device often including hardware and mechanical parts - Features a limited OS - Mobile phones - routers and wireless devices take a similar approach - Less than robust security features - Difficult to patch.






13. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements






14. What is will remain - persistence






15. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?






16. To stop damage from spreading






17. To break a business process into separate functions and assign to different people






18. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.






19. A structured group of teams ready to take control of the recovery operations if a disaster should occur.






20. Code breaking - practice of defeating the protective properties of cryptography.






21. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept






22. Something that happened






23. A distributed system's transaction control that requires updates to complete or rollback






24. A unit of execution






25. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






26. Computing power will double every 18 months



27. Total number of keys available that may be selected by the user of a cryptosystem






28. Controls deployed to avert unauthorized and/or undesired actions.






29. Mitigation of system or component loss or interruption through use of backup capability.






30. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things






31. Substitution at the word or phrase level






32. Mediation of subject and object interactions






33. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






34. Requirement of access to data for a clearly defined purpose






35. Periodic - automatic and transparent backup of data in bulk.






36. The one person responsible for data - its classification and control setting






37. European standard for IT security criteria. Wasn't universally adopted. - Consists of four components: 1. "Security Target" 2. "Target of Evaluation" or ToE. 3. Functional Levels. 4. Assurance Levels.






38. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization






39. Creation distribution update and deletion






40. Disruption of operation of an electronic device due to a competing electromagnetic field.






41. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






42. Recognition of an individual's assertion of identity.






43. A document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster or severe outage situation.






44. Guidelines within an organization that control the rules and configurations of an IDS






45. To segregate for the purposes of labeling






46. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






47. Long term knowledge building






48. Memory management technique that allows two processes to run concurrently without interaction






49. Two certificate authorities that trust each other






50. Unchecked data which spills into another location in memory