Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The first rating that requires security labels






2. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN






3. Information about data or records






4. The level and label given to an individual for the purpose of compartmentalization






5. Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated






6. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






7. OOP concept of taking attributes from the original or parent






8. A risk assessment method - intrinsic value






9. Fault tolerance for power






10. The problem-solving state - the opposite of supervisor mode






11. Statistical probabilities of a collision are more likely than one thinks






12. Written core statements that rarely change






13. Control category - to give instructions or inform






14. Security policy - procedures - and compliance enforcement






15. Object based description of a single resource and the permission each subject






16. Key






17. For PKI - decertify an entity's certificate






18. Real-time - automatic and transparent backup of data.






19. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.






20. A signal suggesting a system has been or is being attacked.






21. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions






22. A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.






23. Communicate to stakeholders






24. A type of computer memory that temporarily stores frequently used information for quick access.






25. Organized group of compromised computers






26. Disk space it used to occupy has been designated by the computer as available for reuse. The deleted file remains intact until it has been overwritten with a new file.






27. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






28. The document that defines the resources - actions - tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.






29. A distributed system's transaction control that requires updates to complete or rollback






30. Measures followed to restore critical functions following a security incident.






31. An availability attack - to consume resources to the point of exhaustion from multiple vectors






32. Converts source code to an executable






33. A device that converts between digital and analog representation of data.






34. Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents - and for the restoration of normal operations at the primary site.






35. Claiming another's identity at a physical level






36. Eavesdropping on network communications by a third party.






37. A shield against leakage of electromagnetic signals.






38. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






39. Control category - to record an adversary's actions






40. A perpetrator leaves something behind or takes something with them at the scene of a crime



41. Natural or human-readable form of message






42. Interception of a communication session by an attacker.






43. A critical event - which - if not handled in an appropriate manner - may dramatically impact an organization's profitability - reputation - or ability to operate.






44. Methodical research of an incident with the purpose of finding the root cause






45. Are bound to objects and indicate what subjects can use them - typically kept by a network device (router - switch and so on) to control access to or from the device for a number of services






46. Means the systems design and level of protection are verifiable and provide the highest level of assurance and trust.






47. A layer 3 device that is used to connect two or more network segments and regulate traffic.






48. A device that sequentially switches multiple analog inputs to the output.






49. Can be statistical (monitor behavior) or signature based (watch for known attacks)






50. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.