Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A state where two subjects can access the same object without proper mediation






2. Employment education done once per position or at significant change of function






3. A process state - to be either unable to run while waiting for an external event or terminated






4. Planning for the delegation of authority required when decisions must be made without the normal chain of command






5. A signal suggesting a system has been or is being attacked.






6. Control category - to give instructions or inform






7. A test conducted on one or more components of a plan under actual operating conditions.






8. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.






9. To execute more than one instruction at an instant in time






10. A technology that reduces the size of a file.






11. Dedicated fast memory located on the same board as the CPU






12. Mitigate damage by isolating compromised systems from the network.






13. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






14. Need to understand both the assets that need to be protected and management's priorities - also be prepared to adjust the design over time - and verify the design has been implemented correctly - need to be a good negotiator - artist and analyst.






15. Only the key protects the encrypted information



16. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






17. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






18. A record that must be preserved and available for retrieval if needed.






19. Location to perform the business function






20. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






21. Subject based description of a system or a collection of resources






22. Weak evidence






23. A Denial of Service attack initiated by sending spoofed UDP echo requests to IP broadcast addresses. (See Smurf)






24. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services






25. Used to code/decode a digital data stream.






26. Renders the record inaccessible to the database management system






27. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities






28. Recovery alternative - everything needed for the business function - except people and last backup






29. Information that - if made public or even shared around the organization - could seriously impede the organization's operations






30. Just enough access to do the job






31. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






32. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys






33. Representatives from each functional area or department get together and walk through the plan from beginning to end.






34. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






35. Someone who wants to cause harm






36. Alternate facility - other than the primary production site - where duplicated vital records and documentation may be stored for use during disaster recovery.






37. Control category - to record an adversary's actions






38. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements






39. A planned or unplanned interruption in system availability.






40. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






41. A sudden - unexpected event requiring immediate action due to potential threat to health and safety - the environment - or property.






42. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






43. Outputs within a given function are the same result






44. Eavesdropping on network communications by a third party.






45. Granular decision by a system of permitting or denying access to a particular resource on the system






46. Is secondhand and usually not admissible in court






47. Eight bits.






48. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.






49. The asynchronous duplication of the production database on separate media to ensure data availability - currency and accuracy. File shadowing can be used as a disaster recovery solution if performed remotely.






50. Natural occurrence in circuits that are in close proximity