Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Sphere of influence






2. Only the key protects the encrypted information



3. Uses two or more legal systems






4. Initial surge of current






5. Power surge






6. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.






7. Evidence must be: admissible - authentic - complete - accurate - and convincing






8. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.






9. A programming device used in development to circumvent controls






10. Some systems are actually run at the alternate site






11. An availability attack - to consume resources to the point of exhaustion from multiple vectors






12. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






13. Someone who wants to know how something works - typically by taking it apart






14. Unauthorized wireless network access device.






15. Lower frequency noise






16. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a hub).






17. Subset of operating systems components dedicated to protection mechanisms






18. A collection of data or information that has a name






19. To execute more than one instruction at an instant in time






20. Written step-by-step actions






21. Uncleared buffers or media






22. Consume resources to a point of exhaustion - loss of availability






23. A Denial of Service attack initiated by sending spoofed UDP echo request to IP broadcast addresses. (See Smurf)






24. Dedicated fast memory located on the same board as the CPU






25. A technology that reduces the size of a file.






26. Induces a crime - tricks a person - and is illegal






27. System of law based upon precedence - with major divisions of criminal - tort - and administrative






28. A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)






29. A device that converts between digital and analog representation of data.






30. Granular decision by a system of permitting or denying access to a particular resource on the system






31. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements






32. Weakness or flaw in an asset






33. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing






34. A failure of an IDS to detect an actual attack






35. Intellectual property protection for an invention






36. A backup of data located where staff cannot gain access readily and a regional disaster will not cause harm






37. Individuals and departments responsible for the storage and safeguarding of computerized data.






38. Pertaining to law - lending itself to one side of an argument






39. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






40. Maximum tolerance for loss of certain business function - basis of strategy






41. Forgery of the sender's email address in an email header.






42. The study of cryptography and cryptanalysis






43. Recording the Who What When Where How of evidence






44. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






45. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






46. Mediation of subject and object interactions






47. The point in time to which systems and data must be recovered after an outage. (e.g. End of previous day's processing). RPOs are often used as the basis for the development of backup strategies.






48. Information about a particular data set






49. Mitigation of system or component loss or interruption through use of backup capability.






50. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions