Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding each time you take the test.
1. The managerial approval to operate a system based upon knowledge of risk to operate






2. OOP concept of a distinct copy of the class






3. A design methodology which executes in a linear one way fashion






4. Information that - if made public or even shared around the organization - could seriously impede the organization's operations






5. Initial surge of current






6. Computing power will double every 18 months



7. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a hub).






8. OOP concept of a template that consists of attributes and behaviors






9. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.






10. For PKI - to store another copy of a key






11. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






12. Weakness or flaw in an asset






13. A condition in which neither party is willing to stop their activity for the other to complete






14. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






15. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






16. Intermediate level - pertaining to planning






17. A program that waits for a condition or time to occur that executes an inappropriate activity






18. A group of individuals responsible for maintaining the business recovery procedures and coordinating the recovery of business functions and processes.






19. Indivisible - data field must contain only one value that either all transactions take place or none do






20. Those who initiate the attack






21. To segregate for the purposes of labeling






22. The process of identifying - assessing - reducing risk to an acceptable level - and implementing the right countermeasure to maintain that level of risk






23. The core of a computer that calculates






24. A template for designing the architecture






25. A risk assessment method - intrinsic value






26. Statistical probabilities of a collision are more likely than one thinks






27. After being seized - the investigator should make a bit mirror image copy of the storage media before doing anything else.






28. The partial or full duplication of data from a source database to one or more destination databases.






29. Two different keys decrypt the same cipher text






30. Just enough access to do the job






31. Pertaining to law - no omissions






32. Unsolicited advertising software






33. To create a copy of data as a precaution against the loss or damage of the original data.






34. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.






35. The problem-solving state - the opposite of supervisor mode






36. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






37. An image compression standard for photographs






38. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.






39. Transaction controls for a database - a return to a previous state






40. Business and technical process of applying security software updates in a regulated periodic way






41. Employment education done once per position or at significant change of function






42. One of the most important first steps in the planning development. Qualitative and quantitative data need to be gathered - analyzed - interpreted and presented to management






43. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






44. Amount of time for restoring a business process or function to normal operations without major loss






45. The response of an organization to a disaster or other significant event that may significantly impact the organization - its people - or its ability to function productively.






46. Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible activation of disaster recovery plan.






47. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid






48. Pertaining to law - accepted by a court






49. A state where two subjects can access the same object without proper mediation






50. Recovery alternative - complete duplication of services including personnel