Test your basic knowledge | CISSP Certified Information Systems Security Professional
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A test conducted on one or more components of a plan under actual operating conditions.
Highly Confidential
Operational Test
Ethics
Access Control
2. A basic level of network access control that is based upon information contained in the IP packet header.
Quantitative Risk Analysis
Packet Filtering
Redundant Array Of Independent Drives (RAID)
Security Kernel
3. A perpetrator leaves something behind or takes something with them at the scene of a crime
4. Methodical research of an incident with the purpose of finding the root cause
Disk Mirroring
Hot Site
Processes are Isolated By
Investigation
5. Share security concerns with embedded devices - Often security has been sacrificed for richer user experience during low power - Prime target for data loss as they transmit and store information in ways that can't be controlled.
Tactical
Compiler
Pervasive Computing and Mobile Computing Devices
Uninterruptible Power Supply (UPS)
6. A document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster or severe outage situation.
Convincing
Test Plan
Control
Checklist Test
7. Most granular organization of controls
Stopped
Running
Compiler
Control Category
8. A disturbance that degrades performance of electronic devices and electronic communications.
Radio Frequency Interference (RFI)
MOM
Plan Maintenance Procedures
Hot Spares
9. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing
Incident Response Team
Concentrator
Mandatory Access Control (MAC)
Administrative Access Controls
10. Mathematical function that determines the cryptographic operations
Kerckhoff's Principle
Mixed Law System
Eavesdropping
Algorithm
11. Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
SQL Injection
Complete
CobiT
Fragmented Data
12. To reduce fire
Steganography
Firmware
Capability Tables
Fire Suppression
13. A backup of data located where staff can gain access immediately
Coaxial Cable
On-Site
Evidence
Mirroring
14. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data
Internal Use Only
Byte Level Deletion
Coaxial Cable
Certification
15. Object based description of a system or a collection of resources
Highly Confidential
Chain Of Custody
Data Marts
Access Control Matrix
16. For PKI - to have more than one person in charge of a sensitive function
Multi-Party Control
Surge
Security Domain
Satellite
17. A protocol for the efficient transmission of voice over the Internet
Revocation
Access Control Matrix
Voice Over IP (VOIP)
Access Point
18. Converts source code to an executable
Message Digest
Satellite
Keyed-Hashing For Message Authentication
Compiler
19. A design methodology which executes in a linear one way fashion
Waterfall
Structured Walkthrough
Administrative Access Controls
Instance
20. A software design technique for abstraction of a process
Bollard
Cipher Text
Data Hiding
Critical Functions
21. Wrong against society
Running
Criminal Law
File Shadowing
Centralized Access Control Technologies
22. A condition in which neither party is willing to stop their activity for the other to complete
Workaround Procedures
Deadlock
Digital Certificate
Safeguard
23. Impossibility of denying authenticity and identity
Business Records
Alternate Site
Non-Repudiation
Contact List
24. Code breaking - practice of defeating the protective properties of cryptography.
Mobile Site
Corrective
Cryptanalysis
Access Control Attacks
25. Indivisible - data field must contain only one value that either all transactions take place or none do
Atomicity
Metadata
Parallel Test
Interpreter
26. A state where two subjects can access the same object without proper mediation
Inference
False Negative
Distributed Processing
Race Condition
27. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.
Standalone Test
Identification
Infrastructure
Steganography
28. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.
Basics Of Secure Design
Internal Use Only
Substitution
Risk Assessment / Analysis
29. Policy or stated actions
Due Care
Microwave
Multi-Programming
Preemptive
30. The hard drive
Security Blueprint
Secondary Storage
Time Of Check/Time Of Use
Central Processing Unit (CPU)
31. Moving the alphabet intact a certain number spaces
Authentication
Shift Cipher (Caesar)
Brownout
Detection
32. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.
Business Unit Recovery
Contingency Plan
ISO/IEC 27002
Multi-Tasking
33. OOP concept of a distinct copy of the class
Deadlock
Tracking
Object
Simulation
34. An index entry in the directory of any storage medium that identifies the space on the medium in which an electronic document resides - thereby preventing that space from being overwritten by other data.
Pointer
Faraday Cage/Shield
Process Isolation
Kernel
35. Converts a high level language into machine language
Threat Agent
Assembler
Firewalls
Checksum
36. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.
Job Rotation
Business Continuity Planning (BCP)
File Extension
Degauss
37. More than one CPU on a single board
Dangling Pointer
Multi-Core
Checklist Test
Multilevel Security System
38. The chance that something negative will occur
Control
Interpreter
Job Training
Risk
39. Organized group of compromised computers
Botnet
Decipher
Process Isolation
Containment
40. A programming device used in development to circumvent controls
Territoriality
Site Policy Awareness
Honeynet
Trapdoors (Backdoors) (Maintenance Hooks)
41. To execute more than one instruction at an instant in time
Alternate Site
Business Records
Multi-Processing
Adware
42. Deals with discretionary protection
Discretionary
Orange Book C Classification
Interpreter
Fault
43. Initial surge of current
Structured Walk-Through Test
Packet Filtering
Inrush Current
Business Interruption Insurance
44. A structured group of teams ready to take control of the recovery operations if a disaster should occur.
Trusted Computing Base
Sequence Attacks
Disaster Recovery Teams (Business Recovery Teams)
IDS Intrusion Detection System
45. Communication of a security incident to stakeholders and data owners.
Satellite
Atomicity
Accurate
Notification
46. Review of data
Analysis
Phishing
Rogue Access Points
Inheritance
47. A running key using a random key that is never used again
ITSEC
IP Fragmentation
One Time Pad
Digital Certificate
48. Statistical probabilities of a collision are more likely than one thinks
Running Key
Birthday Attack
Mantrap (Double Door System)
Supervisor Mode (monitor - system - privileged)
49. Pertaining to law - lending itself to one side of an argument
Bumping
Access Control Matrix
Convincing
Prevention
50. Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization - community - nation - etc
Operational
Incident Response Team
Education
Critical Infrastructure