Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability






2. A risk assessment method - measurable real money cost






3. To load the first piece of software that starts a computer.






4. Dedicated fast memory located on the same board as the CPU






5. Maximum tolerance for loss of certain business function - basis of strategy






6. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






7. Uses a role-based method to determine access rights and permissions. Role based access control is based on the user's role and responsibilities within the company.






8. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.






9. High level - pertaining to planning






10. The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance - which combines function and assurance requirements






11. An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.






12. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.






13. A type of attack involving attempted insertion - deletion or altering of data.






14. Recovery alternative which includes cold site and some equipment and infrastructure is available






15. Someone who wants to cause harm






16. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.






17. Regular operations are stopped and where processing is moved to the alternate site.






18. A perpetrator leaves something behind or takes something with them at the scene of a crime



19. Recovery alternative - a building only with sufficient power - and HVAC






20. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






21. Location where coordination and execution of BCP or DRP is directed






22. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.






23. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid






24. A software design technique for abstraction of a process






25. A mathematical tool for verifying no unintentional changes have been made






26. Planning for the delegation of authority required when decisions must be made without the normal chain of command






27. Outputs within a given function are the same result






28. Unauthorized access of information (e.g. Tapping - sniffing - unsecured wireless communication - emanations)






29. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.






30. Requires security labels for all subjects and devices - the existence of a trusted path - routine covert channel analysis - and provision of separate administrator functionality.






31. Mediation of covert channels must be addressed






32. An internal list of contact information used for the communication of incident information - designed in a distributed manner so that no one person is responsible for contacting everyone.






33. Return to a normal state






34. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






35. Induces a crime - tricks a person - and is illegal






36. Searching for wireless networks in a moving car.






37. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






38. Small data warehouse






39. Some systems are actually run at the alternate site






40. A process state - to be executing a process on the CPU






41. Natural occurrence in circuits that are in close proximity






42. Those who initiate the attack






43. A control after attack






44. Physical description on the exterior of an object that communicates the existence of a label






45. To set the clearance of a subject or the classification of an object






46. Consume resources to a point of exhaustion - loss of availability






47. Power surge






48. Control type - that is communication based - typically written or oral






49. Demonstrate the actual ability to recover and can verify the compatibility of backup facilities






50. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys






