Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Two certificate authorities that trust each other






2. Forgery of the sender's email address in an email header.






3. To stop damage from spreading






4. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






5. A backup of data located where staff can gain access immediately






6. A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.






7. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






8. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.






9. A temporary public file to inform others of a compromised digital certificate






10. A program with an inappropriate second purpose






11. A record that must be preserved and available for retrieval if needed.






12. The past internationally accepted set of standards and processes for information security products evaluation and assurance - which separates function and assurance requirements






13. Program instructions based upon the CPU's specific architecture






14. Provides a physical cross connect point for devices.






15. A backup type which creates a complete copy






16. Adversary intercepts encrypted communications - decrypts - views - encrypts - and sends along to the true destination






17. Guidelines within an organization that control the rules and configurations of an IDS






18. Server optimized for providing file-based data storage to the network. Unlike a File Server - a NAS unit has no input or output devices - and the OS is dedicated for providing storage services.






19. For PKI - to have more than one person in charge of a sensitive function






20. Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.






21. A device that converts between digital and analog representation of data.






22. Uses a role-based method to determine access rights and permissions. Role based access control is based on the user's role and responsibilities within the company.






23. Attempts to assign real and meaningful numbers to all elements of the risk analysis process.






24. Methodical research of an incident with the purpose of finding the root cause






25. The level and label given to an individual for the purpose of compartmentalization






26. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






27. Encryption system using shared key/private key/single key/secret key






28. Of a system without prior knowledge by the tester or the tested






29. Standard for the establishment - implementation - control - and improvement of the Information Security Management System






30. A process state - to be either unable to run waiting for an external event or terminated






31. Sudden rise in voltage in the power supply.






32. The process of planning for and/or implementing the restarting of defined business operations following a disaster - usually beginning with the most critical or time-sensitive functions






33. A comprehensive set of controls comprising best practices in information security that provides guidelines on how to set up and maintain security programs.






34. Requirement of access to data for a clearly defined purpose






35. Computing power will double every 18 months



36. Potentially compromising leakage of electrical or acoustical signals.






37. A backup type - for databases at a point in time






38. To move from location to location - keeping the same function






39. A perpetrator leaves something behind or takes something with them at the scene of a crime



40. System Access - Network Architecture - Network Access - Encryption and Protocols - and Auditing






41. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.






42. Must be legally permissible - meaning it was seized legally and the chain of custody was not broken. To be admissible in court - it needs to be relevant - sufficient - and reliable.






43. Effort/time needed to overcome a protective measure






44. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






45. Unsolicited commercial email






46. A control after attack






47. Communication of a security incident to stakeholders and data owners.






48. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






49. Unauthorized access of network devices.






50. Low level - pertaining to planning