Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An attack involving the hijacking of a TCP session by predicting a sequence number.






2. Reduces causes of fire






3. Natural or human-readable form of message






4. One method of testing a specific component of a plan. Typically, a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.






5. Line noise that is superimposed on the supply circuit.






6. Abstract and mathematical in nature, defining all possible states, transitions and operations






7. The document that defines the resources, actions, tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.






8. An access policy that uses a security label system. Users have clearances, and resources have security labels that contain data classifications. MAC compares these two attributes to determine access control capabilities, most commonly used in governm






9. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






10. Memory management technique which allows data to be moved from one memory address to another






11. Standard for the establishment, implementation, control, and improvement of the Information Security Management System






12. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






13. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






14. Granular decision by a system of permitting or denying access to a particular resource on the system






15. The one person responsible for data - its classification and control setting






16. State of computer - to be running a process






17. Encryption system using shared key/private key/single key/secret key






18. A system that enforces an access control policy between two networks.






19. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).






20. A technology that reduces the size of a file.






21. A perpetrator leaves something behind or takes something with them at the scene of a crime



22. Forgery of the sender's email address in an email header.






23. A system designed to prevent unauthorized access to or from a private network.






24. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance, which combines function and assurance requirements






25. Converts source code to an executable






26. The core of a computer that calculates






27. Measures followed to restore critical functions following a security incident.






28. Written internalized or nationalized norms that are internal to an organization






29. Transaction controls for a database - a return to a previous state






30. Return to a normal state






31. Memory management technique which allows subjects to use the same resource






32. Tool which mediates access






33. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






34. A race condition where the security changes during the object's access






35. An attack that breaks up malicious code into fragments, in an attempt to elude detection.






36. Prolonged loss of commercial power






37. Is secondhand and usually not admissible in court






38. A state where two subjects can access the same object without proper mediation






39. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






40. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.






41. Object based description of a system or a collection of resources






42. Intellectual property protection for an invention






43. To smooth out reductions or increases in power






44. Indivisible - data field must contain only one value that either all transactions take place or none do






45. Periodic, automatic and transparent backup of data in bulk.






46. Uncleared buffers or media






47. Control category- to give instructions or inform






48. A test conducted on multiple components of a plan, in conjunction with each other, typically under simulated operating conditions






49. Less granular organization of controls -






50. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.