Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






2. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.






3. A failure of an IDS to detect an actual attack






4. A program with an inappropriate second purpose






5. Requirement to take time off






6. Abstract and mathematical in nature - defining all possible states - transitions and operations






7. Evidence must be: admissible - authentic - complete - accurate - and convincing






8. A documented battle plan for coordinating response to incidents.






9. To ensure that evidence will be admissible in court by showing it was properly controlled and handled before being presented in court






10. High level design or model with a goal of consistency - integrity - and balance






11. Threats x Vulnerability x Asset Value = Total Risk






12. Unauthorized wireless network access device.






13. A type of computer memory that temporarily stores frequently used information for quick access.






14. Unauthorized intrusion - unauthorized alteration or destruction - and using malicious code






15. Only the key protects the encrypted information



16. Mediation of covert channels must be addressed






17. A programming device used in development to circumvent controls






18. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






19. The chronological sequence of recovery activities - or critical path - that must be followed to resume an acceptable level of operations following a business interruption.






20. Records or documents that - if damaged or destroyed - would cause considerable inconvenience and/or require replacement or recreation at considerable expense.






21. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.






22. Lower frequency noise






23. Periodic - automatic and transparent backup of data in bulk.






24. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






25. One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all - or most - of the applicable teams.






26. A collection of information designed to reduce duplication and increase integrity






27. Just enough access to do the job






28. Line noise that is superimposed on the supply circuit.






29. Motive - opportunity - and means; when looking for suspects it is important to consider these 3 things






30. A test conducted on multiple components of a plan - in conjunction with each other - typically under simulated operating conditions






31. Text that does not include special formatting features and therefore can be exchanged and read by most computer systems






32. The duplication of data on separate disks in real time to ensure its continuous availability - currency and accuracy. True mirroring will enable a zero recovery point objective.






33. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g. workaround procedures - alternate work area - etc.)






34. A legally enforceable agreement between: two people - two organizations - a person and an organization.






35. Wrong against society






36. A mail server that improperly allows inbound SMTP connections for domains it does not serve.






37. Eavesdropping on network communications by a third party.






38. Descrambling the encrypted message with the corresponding key






39. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






40. Potentially retrievable data residue that remains following intended erasure of data.






41. A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)






42. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






43. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






44. System directed mediation of access with labels






45. Is secondhand and usually not admissible in court






46. Inference about encrypted communications






47. A passive network attack involving monitoring of traffic.






48. An attack that breaks up malicious code into fragments - in an attempt to elude detection.






49. A Denial of Service attack that floods the target system with connection requests that are not finalized.






50. A database backup type which records at the transaction level