Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Intermediate level - pertaining to planning






2. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.






3. Heavily populated areas - particularly susceptible to high-intensity earthquakes - floods - tsunamis - or other disasters - for which emergency response may be necessary in the event of a disaster.






4. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities






5. Vehicle or tool that exploits a weakness






6. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






7. All of the protection mechanisms in a computer system






8. Location to perform the business function






9. The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity






10. A BCP testing type - (structured walkthrough) - a test that answers the question: Is everything needed for recovery available?






11. Total number of keys available that may be selected by the user of a cryptosystem






12. Less granular organization of controls






13. Methodical research of an incident with the purpose of finding the root cause






14. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






15. State of computer - to be running a process






16. Identification and notification of an unauthorized and/or undesired action






17. A failure of an IDS to detect an actual attack






18. Memory management technique that allows two processes to run concurrently without interaction






19. To stop damage from spreading






20. A backup of data located where staff can gain access readily and a localized disaster will not cause harm






21. Forgery of the sender's email address in an email header.






22. Malware that uses the trust in a website to redirect users to untrusted websites which capture data or install more malware






23. Intellectual property protection for an invention






24. Malware that subverts the detective controls of an operating system






25. Short period of low voltage.






26. A process state - to either be unable to run while waiting for an external event or be terminated






27. Memory management technique which allows data to be moved from one memory address to another






28. Only the key protects the encrypted information



29. The problem-solving state - the opposite of supervisor mode






30. An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business - as well as legal or regulatory impacts.






31. A backup type - for databases at a point in time






32. Regular operations are stopped and processing is moved to the alternate site.






33. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






34. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.






35. An unintended communication path






36. Real-time - automatic and transparent backup of data.






37. Unauthorized access of network devices.






38. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






39. Rapid switching back and forth between programs from the computer's perspective and appearing to do more than one thing at a time from the user's perspective






40. Asymmetric encryption of a hash of a message






41. Recording activities at the keyboard level






42. An attack involving the hijacking of a TCP session by predicting a sequence number.






43. A Trojan horse with the express underlying purpose of controlling a host from a distance






44. Unsolicited advertising software






45. Return to a normal state






46. OOP concept of a template that consists of attributes and behaviors






47. Subjects will not interact with each other's objects






48. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.






49. A secure connection to another network.






50. A mail server that improperly allows inbound SMTP connections for domains it does not serve.