Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Unauthorized access of network devices.






2. Deals with discretionary protection






3. A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources (e.g., workaround procedures - alternate work area - etc.)






4. Object based description of a system or a collection of resources






5. People who interact with assets






6. Less granular organization of controls -






7. Uses two or more legal systems






8. Short period of low voltage.






9. Regular operations are stopped and where processing is moved to the alternate site.






10. A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack






11. An individual's conduct that violates government laws developed to protect the public






12. A system designed to prevent unauthorized access to or from a private network.






13. Controls deployed to avert unauthorized and/or undesired actions.






14. People protect their domain






15. Object based description of a single resource and the permission each subject






16. A record that must be preserved and available for retrieval if needed.






17. Some systems are actually run at the alternate site






18. Granular decision by a system of permitting or denying access to a particular resource on the system






19. Initial surge of current






20. A subnetwork with storage devices servicing all servers on the attached network.






21. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys






22. The process of logging changes or updates to a database since the last full backup. Journals can be used to recover previous versions of a file before updates were made - or to facilitate disaster recovery.






23. A process state - to be either unable to run waiting for an external event or terminated






24. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






25. Individuals and departments responsible for the storage and safeguarding of computerized data.






26. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.






27. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.






28. Code breaking - practice of defeating the protective properties of cryptography.






29. Key






30. The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.






31. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time - usually a fine is paid






32. Guidelines within an organization that control the rules and configurations of an IDS






33. Trading one for another






34. Intellectual property protection for marketing efforts






35. One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions






36. Something that happened






37. Encryption system using shared key/private key/single key/secret key






38. Only the key protects the encrypted information



39. The process of assessing damage - following a disaster - to computer hardware - vital records - office facilities - etc. - and determining what can be salvaged or restored and what must be replaced.






40. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.






41. High degree of visual control






42. Recovery alternative - short-term - high cost movable processing location






43. Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.






44. A disturbance that degrades performance of electronic devices and electronic communications.






45. Hiding the fact that communication has occurred






46. A set of best practices for programmers to seek in all application or database design: Atomicity - Consistency - Isolation - Durability






47. A race condition where the security changes during the object's access






48. Control category - more than one control on a single asset






49. Information residing on computer systems - that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion - modification or reconstruction.






50. A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.