Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. The act of luring an intruder; it is legal.






2. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






3. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack






4. Initial surge of current






5. Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).






6. An asymmetric cryptography mechanism that provides authentication.






7. Are bound to objects and indicate what subjects can use them; typically kept by a network device (router, switch and so on) to control access to or from the device for a number of services






8. Lower frequency noise






9. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.






10. The problem-solving state - the opposite of supervisor mode






11. To jump to a conclusion






12. The chance that something negative will occur






13. Abstract and mathematical in nature, defining all possible states, transitions and operations






14. A simple, inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






15. Mediation of covert channels must be addressed






16. A BCP testing type (structured walkthrough): a test that answers the question: Is everything needed for recovery available?






17. Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.






18. Pertaining to law - accepted by a court






19. A perpetrator leaves something behind or takes something with them at the scene of a crime


20. Requires security labels for all subjects and devices, the existence of a trusted path, routine covert channel analysis, and provision of separate administrator functionality.






21. A backup of data located where staff can gain access immediately






22. Define the way in which the organization operates.






23. Owner directed mediation of access






24. A subnetwork with storage devices servicing all servers on the attached network.






25. Encryption system using shared key/private key/single key/secret key






26. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept






27. Weak evidence






28. Minimal Protection, and is used for systems that were evaluated but failed to meet the criteria for higher divisions






29. A structured group of teams ready to take control of the recovery operations if a disaster should occur.






30. A list of team members and/or key players to be contacted, including their backups. The list will include the necessary contact information (i.e. home phone, pager, cell, etc.) and in most cases be considered confidential.






31. Small data warehouse






32. Code making






33. An alert or alarm that is triggered when no actual attack has taken place






34. A program with an inappropriate second purpose






35. Controls for logging and alerting






36. Malware that subverts the detective controls of an operating system






37. High level design or model with a goal of consistency, integrity, and balance






38. Dictate that data collected by govt. agencies must be collected fairly and lawfully, must be used only for the purpose for which they were collected, must only be held for a reasonable amount of time, and must be accurate and timely.






39. OOP concept of a distinct copy of the class






40. Continuous surveillance - to provide for detection and response of any failure in preventive controls.






41. To know more than one job






42. Converts a high level language into machine language






43. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.






44. The backup of system, application, program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






45. One method of testing a specific component of a plan. Typically, a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.






46. Two different keys decrypt the same cipher text






47. The process of identifying, assessing, reducing risk to an acceptable level, and implementing the right countermeasure to maintain that level of risk






48. High frequency noise






49. Effort/time needed to overcome a protective measure






50. Business and technical process of applying security software updates in a regulated periodic way





