Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.






2. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






3. The current internationally accepted set of standards and processes for information security products evaluation and assurance - which joins function and assurance requirements






4. Disruption of operation of an electronic device due to a competing electromagnetic field.






5. Control category - to discourage an adversary from attempting to access






6. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






7. Control category - more than one control on a single asset






8. A BCP testing type - a test that answers the question: Can the organization operate at the alternate location only?






9. Provides a physical cross connect point for devices.






10. Computing power will double every 18 months



11. To stop damage from spreading






12. A peripheral data storage device that may be found inside a desktop or laptop as a permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






13. Control category - to record an adversary's actions






14. Summary of a communication for the purpose of integrity






15. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






16. Object based description of a system or a collection of resources






17. The study of cryptography and cryptanalysis






18. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






19. A Denial of Service attack that floods the target system with connection requests that are not finalized.






20. Unsolicited advertising software






21. Part of a transaction control for a database which informs the database of the last recorded transaction






22. To start business continuity processes






23. For PKI - to have more than one person in charge of a sensitive function






24. Adversary intercepts encrypted communications - decrypts - views - encrypts - and sends along to the true destination






25. Objects or programming that look different but act the same






26. Only the key protects the encrypted information



27. A planned or unplanned interruption in system availability.






28. Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization






29. Natural occurrence in circuits that are in close proximity






30. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services






31. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems






32. OOP concept of taking attributes from the original or parent






33. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






34. A signal suggesting a system has been or is being attacked.






35. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.






36. Process whereby data is removed from active files and other data storage structures






37. One way encryption






38. The technical and risk assessment of a system within the context of the operating environment






39. Scrambled form of the message or data






40. Amount of time for restoring a business process or function to normal operations without major loss






41. A collection of information designed to reduce duplication and increase integrity






42. A database backup type which records at the transaction level






43. A system that enforces an access control policy between two networks.






44. An encryption method that has a key as long as the message






45. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






46. DoS - Spoofing - dictionary - brute force - wardialing






47. Potentially compromising leakage of electrical or acoustical signals.






48. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






49. Transaction controls for a database - a return to a previous state






50. Momentary loss of power