Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Written suggestions that direct choice to a few alternatives






2. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys






3. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






4. An unintended communication path






5. For PKI - decertify an entity's certificate






6. Computing power will double every 18 months



7. A mobilized resource purchased or contracted for the purpose of business recovery.






8. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN






9. Review of data






10. Natural or human-readable form of message






11. A disturbance that degrades performance of electronic devices and electronic communications.






12. More than one process in the middle of executing at a time






13. Intellectual property management technique for identifying after distribution






14. Control category - to record an adversary's actions






15. Regular operations are stopped and where processing is moved to the alternate site.






16. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.






17. A mathematical tool for verifying no unintentional changes have been made






18. Objects or programming that look different but act the same






19. Asymmetric encryption of a hash of message






20. Two certificate authorities that trust each other






21. Substitution at the word or phrase level






22. Short period of low voltage.






23. A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.






24. Narrow scope examination of a system






25. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






26. Standard for the establishment - implementation - control - and improvement of the Information Security Management System






27. OOP concept of an object's abilities - what it does






28. Abstract and mathematical in nature - defining all possible states - transitions and operations






29. Creation - distribution - update - and deletion






30. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.






31. Legal act of luring an intruder.






32. Used to code/decode a digital data stream.






33. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






34. A system that enforces an access control policy between two networks.






35. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.






36. The event signaling an IDS to produce an alarm when no attack has taken place






37. A form of data hiding which protects running threads of execution from using each other's memory






38. Something that happened






39. A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy






40. Written core statements that rarely change






41. A programming design philosophy and a type of programming language - which breaks a program into smaller units. Each unit has its own function.






42. A group or network of honeypots






43. A program that waits for a condition or time to occur that executes an inappropriate activity






44. A layer 2 device that is used to connect two or more network segments and regulate traffic.






45. Specific format of technical and physical controls that support the chosen framework and the architecture






46. A documented battle plan for coordinating response to incidents.






47. A test conducted on one or more components of a plan under actual operating conditions.






48. Use of specialized techniques for recovery - authentication - and analysis of electronic data






49. Define the way in which the organization operates.






50. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.