Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. Some systems are actually run at the alternate site






2. A technology that reduces the size of a file.






3. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






4. A risk assessment method - intrinsic value






5. Vehicle stopping object






6. To stop damage from spreading






7. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






8. A device that converts between digital and analog representation of data.






9. Controls deployed to avert unauthorized and/or undesired actions.






10. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






11. Recovery alternative - short-term - high cost movable processing location






12. Memory - RAM






13. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






14. Computing power will double every 18 months



15. Memory management technique that allows two processes to run concurrently without interaction






16. Written suggestions that direct choice to a few alternatives






17. A choice in risk management - to implement a control that limits or lessens negative effects






18. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data






19. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due






20. The process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks






21. Requirement of access to data for a clearly defined purpose






22. A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.






23. Potential danger to information or systems






24. The chance that something negative will occur






25. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






26. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.






27. An attack involving the hijacking of a TCP session by predicting a sequence number.






28. A software design technique for abstraction of a process






29. Information about a particular data set






30. Intellectual property protection for marketing efforts






31. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






32. OOP concept of an object's abilities - what it does






33. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)






34. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






35. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate






36. Control category - to restore to a previous state by removing the adversary and/or the results of their actions






37. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






38. An alert or alarm that is triggered when no actual attack has taken place






39. Code breaking - practice of defeating the protective properties of cryptography.






40. Location where coordination and execution of BCP or DRP is directed






41. Binary decision by a system of permitting or denying access to the entire system






42. Process of statistically testing a data set for the likelihood of relevant information.






43. To jump to a conclusion






44. Consume resources to a point of exhaustion - loss of availability






45. Adversary intercepts encrypted communications - decrypts - views - encrypts - and sends along to the true destination






46. A backup of data located where staff can gain access immediately






47. An attack that breaks up malicious code into fragments - in an attempt to elude detection.






48. Tool which mediates access






49. Real-time - automatic and transparent backup of data.






50. An image compression standard for photographs






