Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Objects or programming that look different but act the same






2. Controls for logging and alerting






3. Something that happened






4. High frequency noise






5. Tool which mediates access






6. Uses two or more legal systems






7. All of the protection mechanisms in a computer system






8. Third party processes used to organize the implementation of an architecture






9. Outputs within a given function are the same result






10. Threats x Vulnerability x Asset Value = Total Risk






11. Policy or stated actions






12. A Denial of Service attack that exploits systems that are not able to handle malicious - overlapping and oversized IP fragments.






13. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. and determining what can be salvaged or restored and what must be replaced.






14. A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.






15. Real-time data backup (Data Mirroring)






16. Reduces causes of fire






17. Evaluation of a system without prior knowledge by the tester






18. Used to code/decode a digital data stream.






19. A list of team members and/or key players to be contacted including their backups. The list will include the necessary contact information (i.e. home phone - pager - cell - etc.) and in most cases be considered confidential.






20. Memory management technique which allows data to be moved from one memory address to another






21. A risk assessment method - measurable real money cost






22. An availability attack - to consume resources to the point of exhaustion






23. System of law based upon what is good for society






24. A device that converts between digital and analog representation of data.






25. Moving the alphabet intact a certain number of spaces






26. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. a move to an alternate site).






27. Computing power will double every 18 months


28. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack






29. Those who initiate the attack






30. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability






31. Descrambling the encrypted message with the corresponding key






32. Autonomous malware that requires a flaw in a service






33. Intellectual property protection for an invention






34. Only the key protects the encrypted information


35. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






36. A program with an inappropriate second purpose






37. To create a copy of data as a precaution against the loss or damage of the original data.






38. Intellectual property protection for marketing efforts






39. A planned or unplanned interruption in system availability.






40. Object reuse protection and auditing






41. The collection and summation of risk data relating to a particular asset and controls for that asset






42. Natural occurrence in circuits that are in close proximity






43. Abstract and mathematical in nature - defining all possible states - transitions and operations






44. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.






45. The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.






46. Program instructions based upon the CPU's specific architecture






47. Unauthorized access of information (e.g. tapping - sniffing - unsecured wireless communication - emanations)






48. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






49. Just enough access to do the job






50. The hard drive