Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public.






2. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






3. Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives - including timeframes - technologies - offsite storage - and will ensure time objectives can be met.






4. A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives






5. Identification and notification of an unauthorized and/or undesired action






6. High frequency - highly directional radio signals. Attackers target interception attempts at transmission and relay stations.






7. Mediates communication between un-trusted hosts on behalf of the hosts that it protects.






8. Renders the record inaccessible to the database management system






9. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.






10. An event which stops business from continuing.






11. Inference about encrypted communications






12. Two different keys decrypt the same cipher text






13. Employment education done once per position or at significant change of function






14. Unsolicited advertising software






15. A process state - to either be unable to run waiting for an external event or terminated






16. A comprehensive set of controls that comprises best practices in information security and provides guidelines on how to set up and maintain security programs.






17. Forgery of the sender's email address in an email header.






18. To set the clearance of a subject or the classification of an object






19. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys






20. A BCP testing type - a test that answers the question: Can the organization replicate the business process?






21. A collection of information designed to reduce duplication and increase integrity






22. Converts source code to an executable






23. Eavesdropping on network communications by a third party.






24. Responsibility for actions






25. Only the key protects the encrypted information



26. A control before attack






27. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






28. Someone who wants to know how something works - typically by taking it apart






29. To start business continuity processes






30. Information about a particular data set






31. A description of a database






32. Controls for logging and alerting






33. Location where coordination and execution of BCP or DRP is directed






34. Physical description on the exterior of an object that communicates the existence of a label






35. Natural or human-readable form of message






36. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






37. Abstract and mathematical in nature - defining all possible states - transitions and operations






38. To know more than one job






39. One entity with two competing allegiances






40. Memory management programming which makes the limited RAM of the physical machine appear to be more by using a portion of the hard drive






41. Moving letters around






42. A simple - inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.






43. A layer 2 device that is used to connect two or more network segments and regulate traffic.






44. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






45. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






46. Most granular organization of controls






47. Unused storage capacity






48. A layer 3 device that is used to connect two or more network segments and regulate traffic.






49. An asymmetric cryptography mechanism that provides authentication.






50. Third party processes used to organize the implementation of an architecture