Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Computing power will double every 18 months



2. A temporary public file to inform others of a compromised digital certificate






3. Recognition of an individual's assertion of identity.






4. The level and label given to an individual for the purpose of compartmentalization






5. Periodic - automatic and transparent backup of data in bulk.






6. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






7. Impossibility of denying authenticity and identity






8. A process state - to be executing a process on the CPU






9. A physical enclosure for verifying identity before entry to a facility






10. Eavesdropping on network communications by a third party.






11. A. Common Combustibles B. Liquid C. Electrical D. Combustible Metals






12. The principles a person sets for themselves to follow






13. Final purpose or result






14. A secure connection to another network.






15. System mediation of access with the focus on the context of the request






16. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due






17. A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. a move to an alternate site).






18. Recording the Who What When Where How of evidence






19. Third party processes used to organize the implementation of an architecture






20. Planning with a goal of returning to the normal business function






21. Outputs within a given function are the same result






22. Two certificate authorities that trust each other






23. Control category - to discourage an adversary from attempting to access






24. Power surge






25. Maximum tolerance for loss of certain business function - basis of strategy






26. Indivisible - data field must contain only one value that either all transactions take place or none do






27. Is secondhand and usually not admissible in court






28. Employment education done once per position or at significant change of function






29. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






30. Framework that defines goals for the controls that should be used to properly manage IT - consists of 4 domains: Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate






31. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






32. An attack involving the hijacking of a TCP session by predicting a sequence number.






33. Key






34. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.






35. Slang for making (burning) a CD-ROM copy of data - whether it is music - software - or other data.






36. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.






37. Inappropriate data






38. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.






39. Natural occurrence in circuits that are in close proximity






40. Requirement to take time off






41. DoS - Spoofing - dictionary - brute force - wardialing






42. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






43. A perpetrator leaves something behind or takes something with them at the scene of a crime



44. Control category - to restore to a previous state by removing the adversary and/or the results of their actions






45. Mediation of subject and object interactions






46. Review of data






47. Pertaining to law - accepted by a court






48. Long term knowledge building






49. People protect their domain






50. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.