Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Recording activities at the keyboard level






2. Potentially compromising leakage of electrical or acoustical signals.






3. A device that provides the functions of both a bridge and a router.






4. For PKI - to have more than one person in charge of a sensitive function






5. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






6. A template for designing the architecture






7. The risk that remains after management implements internal controls - or some other response to risk - (Threats x Vulnerability x Asset Value) x Controls Gap = Residual Risk






8. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).






9. Intellectual property protection for the expression of an idea






10. An unintended communication path






11. Momentary loss of power






12. Uses two or more legal systems






13. Inference about encrypted communications






14. To break a business process into separate functions and assign to different people






15. A process state - to either be unable to run waiting for an external event or terminated






16. An individual's conduct that violates government laws developed to protect the public






17. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






18. Regular operations are stopped and processing is moved to the alternate site.






19. System directed mediation of access with labels






20. Evidence must be: admissible - authentic - complete - accurate - and convincing






21. A failure of an IDS to detect an actual attack






22. Pertaining to law - no omissions






23. A covert storage channel on the file attribute






24. A device that sequentially switches multiple analog inputs to the output.






25. An alert or alarm that is triggered when no actual attack has taken place






26. A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a fragmented packet.






27. Granular decision by a system of permitting or denying access to a particular resource on the system






28. Converts source code to an executable






29. Requirement of access to data for a clearly defined purpose






30. Threats x Vulnerability x Asset Value = Total Risk






31. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






32. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)






33. Control category - to restore to a previous state by removing the adversary and/or the results of their actions






34. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid






35. A mathematical tool for verifying no unintentional changes have been made






36. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.






37. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






38. Information about a particular data set






39. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






40. Data or interference that can trigger a false positive






41. Controls for logging and alerting






42. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






43. The first rating that requires security labels






44. Information which has retained its importance - but which has been created or stored by software/hardware that has been rendered obsolete.






45. More than one processor sharing the same memory - also known as parallel systems






46. Total number of keys available that may be selected by the user of a cryptosystem






47. OOP concept of a distinct copy of the class






48. Sphere of influence






49. Object reuse protection and auditing






50. A perpetrator leaves something behind or takes something with them at the scene of a crime
