Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements






2. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






3. Planning with a goal of returning to the normal business function






4. To collect many small pieces of data






5. Encryption system using shared key/private key/single key/secret key






6. Short period of low voltage.






7. Memory management technique that allows two processes to run concurrently without interaction






8. Code breaking - practice of defeating the protective properties of cryptography.






9. To assert or claim credentialing to an authentication system






10. Memory - RAM






11. Joining two pieces of text






12. An asymmetric cryptography mechanism that provides authentication.






13. Memory management technique which allows data to be moved from one memory address to another






14. Unchecked data which spills into another location in memory






15. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






16. State of computer - to be running a process






17. Recovery alternative - complete duplication of services including personnel






18. A perpetrator leaves something behind or takes something with them at the scene of a crime



19. The event signaling an IDS to produce an alarm when no attack has taken place






20. A mathematical tool for verifying no unintentional changes have been made






21. The study of cryptography and cryptanalysis






22. A risk assessment method - measurable real money cost






23. A layer 2 device that is used to connect two or more network segments and regulate traffic.






24. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)






25. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data






26. The first rating that requires security labels






27. Try a list of words in passwords or encryption keys






28. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






29. Reconnaissance technique - involving automated - brute force identification of potentially vulnerable modems.






30. Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.






31. The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.






32. A social engineering attack that uses spoofed email or websites to persuade people to divulge information.






33. Companies should have their own team - made up of people from management - IT - legal - HR - and public relations - security and other key areas






34. For PKI - to store another copy of a key






35. Intellectual property protection for a confidential and critical process






36. Mediation of covert channels must be addressed






37. A test that answers the questions: Does the organization have the documentation and people it needs? Do they understand the documentation?






38. To smooth out reductions or increases in power






39. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)






40. System of law based upon precedent - with major divisions of criminal - tort - and administrative






41. A legally enforceable agreement between: two people - two organizations - a person and an organization.






42. System mediation of access with the focus on the context of the request






43. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.






44. Something that happened






45. The core logic engine of an operating system which almost never changes






46. A secure connection to another network.






47. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






48. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






49. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






50. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.