Test your basic knowledge |

CISSP Certified Information Systems Security Professional

Subjects : certifications, it-skills, cissp

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. False memory reference
Safeguard
Disaster
Dangling Pointer
Recovery Time Objectives

2. Something that happened
Data Dictionary
Investigation
Event
Risk

3. The collection and summation of risk data relating to a particular asset and controls for that asset
Permutation /Transposition
Data Owner
Birthday Attack
Risk Assessment

4. Memory management technique that allows two processes to run concurrently without interaction
Policy
Qualitative
Protection
Denial Of Service

5. A group of hard drives working as one storage unit for the purpose of speed and fault tolerance
Education
HTTP Response Splitting
Intrusion Detection Systems
Redundant Array Of Independent Drives (RAID)

6. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything need for recovery available?
Coaxial Cable
Walk Though
Analysis
Incident Handling

7. Memory management programming which make the limited RAM of the physical machine appear to be more by using a portion of the hard drive
Criminal Law
Rogue Access Points
Virtual Memory
Archival Data

8. Key
Cryptovariable
Isolation
Recovery Strategy
Digital Signature

9. Pertaining to law - no omissions
Mandatory
Complete
Architecture
Quantitative

10. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing
Service Bureau
Administrative Access Controls
State Machine Model
EMI

11. OOP concept of a distinct copy of the class
3 Types of harm Addressed in computer crime laws
Object
Emanations
Failure Modes and Effect Analysis (FEMA)

12. To collect many small pieces of data
Life Cycle of Evidence
Classification
Polymorphism
Aggregation

13. Reduces causes of fire
Mirrored Site
Fire Prevention
Checksum
Rollback

14. Memory management technique which allows data to be moved from one memory address to another
Orange Book C2 Classification
Business Recovery Timeline
Relocation
Worm

15. Amount of time for restoring a business process or function to normal operations without major loss
Maximum Tolerable Downtime (MTD)
Assembler
Firmware
Lattice

16. A temporary public file to inform others of a compromised digital certificate
Key Clustering
Certificate Revocation List (CRL)
Metadata
Cross-Site Scripting

17. Cooperative hardware and operating system notification process for prioritizing execution due to the change in state of components
Firmware
Mixed Law System
Masked/Interruptible
Gateway

18. Intellectual property protection for the expression of an idea
Buffer Overflow
Secondary Storage
Event
Copyright

19. A subnetwork with storage devices servicing all servers on the attached network.
Storage Area Network (SAN)
Orange Book A Classification
TIFF (Tagged Image File Format)
Repeaters

20. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.
Hot Spares
Mirroring
Radio Frequency Interference (RFI)
Deleted File

21. Only the key protects the encrypted information

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

22. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.
ITSEC
Computer System Evidence
Moore's Law
Strong Authentication

23. A signal suggesting a system has been or is being attacked.
Alert/Alarm
Job Training
Legacy Data
Durability

24. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing
Vital Record
Technical Access Controls
Access Control Matrix
Disaster Recovery Tape

25. The level and label given to an individual for the purpose of compartmentalization
Security Clearance
Security Domain
Multi-Core
Degauss

26. A layer 3 device that used to connect two or more network segments and regulate traffic.
Routers
Salami
Spam
Fraggle

27. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions
Open Mail Relay Servers
Resumption
Picking
Spyware

28. Using small special tools all tumblers of the lock are aligned - opening the door
E-Mail Spoofing
Certification Authority
Picking
Embedded

29. Record history of incident
Tracking
Surge
Enticement
Blind Testing

30. Binary decision by a system of permitting or denying access to the entire system
Data Recovery
Policy
Admissible
Authentication

31. A world-wide wireless technology
Initialization Vector
Wireless Fidelity (Wi-Fi )
Accreditation
Deterrent

32. A description of a database
ISO/IEC 27002
Encapsulation
Risk Assessment
Data Dictionary

33. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Examples of non-technical security components
Metadata
Authentic
Twisted Pair

34. Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.
Ethics
Initialization Vector
Fiber Optics
Fire Suppression

35. To execute more than one instruction at an instant in time
Locard's Principle
Desk Check Test
Distributed Processing
Multi-Processing

36. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.
Labeling
Simulation Test
Trusted Computing Base
Business Interruption

37. Define the way in which the organization operates.
Patch Management
Pointer
Proprietary
Crisis

38. A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate
Critical Records
Public Key Infrastructure (PKI)
Coaxial Cable
Threat Agent

39. Includes identification and collection of the evidence - its storage - preservation - transportation - presentation in court - and return to the owner
Life Cycle of Evidence
Codec
Data Dictionary
Covert Channel

40. Policy or stated actions
Due Care
Shielding
Mobile Site
Brouter

41. An availability attack - to consume resources to the point of exhaustion
Job Rotation
Denial Of Service
Covert Channel
False Attack Stimulus

42. A basic level of network access control that is based upon information contained in the IP packet header.
Packet Filtering
Business Continuity Steering Committee
Overlapping Fragment Attack
Honeypot

43. Program instructions based upon the CPU's specific architecture
Machine Language (Machine Code)
Information Owner
Asymmetric
Classification Scheme

44. A secure connection to another network.
True Attack Stimulus
Safeguard
Gateway
Corrective

45. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.
Confidence Value
Inrush Current
Orange Book A Classification
Access Point

46. Inappropriate data
Business Records
Risk Mitigation
Business Recovery Team
Malformed Input

47. To assert or claim credentialing to an authentication system
Top Secret
Burn
Infrastructure
Identification

48. A practice execution of the plan takes place. A specific scenario is established - and the simulation continues up to the point of actual relocation to the alternate site.
Workaround Procedures
Simulation Test
Checklist Test
Business Continuity Program

49. A protocol for the efficient transmission of voice over the Internet
Key Escrow
Voice Over IP (VOIP)
Message Digest
Data Owner

50. Substitution at the word or phrase level
Business Continuity Planning (BCP)
Work Factor
Admissible
Code