Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A record that must be preserved and available for retrieval if needed.






2. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






3. Unauthorized wireless network access device.






4. A system designed to prevent unauthorized access to or from a private network.






5. Subject based description of a system or a collection of resources






6. Intellectual property protection for an invention






7. A programming device used in development to circumvent controls






8. Hitting a filed down key in a lock with a hammer to open without real key






9. A process state - to be executing a process on the CPU






10. Encryption system using shared key/private key/single key/secret key






11. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.






12. Recovery alternative - short-term - high cost movable processing location






13. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






14. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.






15. Memory - RAM






16. May be responsible for overall recovery of an organization or unit(s).






17. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






18. A race condition where the security changes during the object's access






19. Sphere of influence






20. A basic level of network access control that is based upon information contained in the IP packet header.






21. A legal enforceable agreement between: two people - two organizations - a person and an organization.






22. Process whereby data is removed from active files and other data storage structures






23. Recording activities at the keyboard level






24. For PKI - to have more than one person in charge of a sensitive function






25. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.






26. Potential danger to information or systems






27. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






28. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)






29. Amount of time for restoring a business process or function to normal operations without major loss






30. Granular decision by a system of permitting or denying access to a particular resource on the system






31. A signal suggesting a system has been or is being attacked.






32. Converts a high level language into machine language






33. To move from location to location - keeping the same function






34. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






35. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






36. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.






37. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.






38. A state for operating system tasks only






39. With enough computing power trying all possible combinations






40. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. a move to an alternate site.)






41. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






42. Asymmetric encryption of a hash of message






43. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.






44. Initial surge of current






45. Subjects will not interact with each other's objects






46. Reduces causes of fire






47. System of law based upon what is good for society






48. A perpetrator leaves something behind or takes something with them at the scene of a crime



49. Short period of low voltage.






50. A type of multitasking that allows for more even distribution of computing time among competing requests