Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






2. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing






3. Autonomous malware that requires a flaw in a service






4. Reprogrammable basic startup instructions






5. Scrambled form of the message or data






6. Substitution at the word or phrase level






7. Lower frequency noise






8. Unsolicited commercial email






9. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






10. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing






11. Outputs within a given function are the same result






12. The act of luring an intruder, which is legal.






13. A secure connection to another network.






14. Business and technical process of applying security software updates in a regulated periodic way






15. A backup type which creates a complete copy






16. Granular decision by a system of permitting or denying access to a particular resource on the system






17. A device that sequentially switches multiple analog inputs to the output.






18. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






19. Organized group of compromised computers






20. Return to a normal state






21. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. and determining what can be salvaged or restored and what must be replaced.






22. Try a list of words in passwords or encryption keys






23. A list of team members and/or key players to be contacted including their backups. The list will include the necessary contact information (i.e. home phone - pager - cell - etc.) and in most cases be considered confidential.






24. Less granular organization of controls






25. Subjects will not interact with each other's objects






26. A program that waits for a condition or time to occur that executes an inappropriate activity






27. Calculation encompassing threats - vulnerabilities and assets






28. Interim procedures that may be used by a business unit to enable it to continue to perform its critical functions during temporary unavailability of information and/or resources






29. Pertaining to law - accepted by a court






30. Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).






31. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






32. More than one processor sharing same memory - also known as parallel systems






33. Joining two pieces of text






34. Requirement of access to data for a clearly defined purpose






35. A disturbance that degrades performance of electronic devices and electronic communications.






36. A layer 2 device that is used to connect two or more network segments and regulate traffic.






37. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






38. DoS - Spoofing - dictionary - brute force - wardialing






39. Interception of a communication session by an attacker.






40. Alerts personnel to the presence of a fire






41. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






42. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






43. A perpetrator leaves something behind or takes something with them at the scene of a crime



44. Written step-by-step actions






45. Asymmetric encryption of a hash of message






46. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






47. A collection of information designed to reduce duplication and increase integrity






48. Final purpose or result






49. The past U.S. military accepted set of standards and processes for network evaluation and assurance - which combines function and assurance requirements






50. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.