Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Final purpose or result






2. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






3. Subject based description of a system or a collection of resources






4. Maintenance procedures outline the process for the review and update of business continuity plans.






5. Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.






6. Encryption system using a pair of mathematically related unequal keys






7. Sudden rise in voltage in the power supply.






8. Natural occurrence in circuits that are in close proximity






9. A mathematical tool for verifying no unintentional changes have been made






10. To reduce fire






11. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






12. Firewalls - encryption - and access control lists






13. A risk assessment method - intrinsic value






14. Planning with a goal of returning to the normal business function






15. Renders the record inaccessible to the database management system






16. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






17. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.






18. The hard drive






19. Binary decision by a system of permitting or denying access to the entire system






20. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster - including personnel - essential records - communication facilities - fax - mail services - etc.






21. Reduction of voltage by the utility company for a prolonged period of time






22. The level and label given to an individual for the purpose of compartmentalization






23. A trusted issuer of digital certificates






24. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed - resources are allocated and - recovery and continuity strategies and procedures are completed and tested.






25. A hash that has been further encrypted with a symmetric algorithm






26. A layer 2 device that is used to connect two or more network segments and regulate traffic.






27. Mitigation of spamming and other attacks by delaying incoming connections as long as possible.






28. Only the key protects the encrypted information



29. Any event - whether anticipated (i.e. - public service strike) or unanticipated (i.e. - blackout) which disrupts the normal course of business operations at an organization location.






30. An individual's conduct that violates government laws developed to protect the public






31. A temporary public file to inform others of a compromised digital certificate






32. A signal suggesting a system has been or is being attacked.






33. Copies of the plan are handed out to each functional area to ensure the plan properly deals with the area's needs and vulnerabilities






34. A tag of three or four letters - preceded by a period - which identifies a data file's format or the application used to create the file.






35. Intellectual property management technique for identifying after distribution






36. The core logic engine of an operating system which almost never changes






37. Requires two of the three user authentication attributes (knows - is or has) - e.g. you have an ATM card and enter a PIN






38. A backup type which creates a complete copy






39. Code making






40. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.






41. Recovery alternative - short-term - high cost movable processing location






42. A comprehensive set of controls that comprises best practices in information security and provides guidelines on how to set up and maintain security programs.






43. A world-wide wireless technology






44. A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.






45. Loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.






46. Recording the Who, What, When, Where, How of evidence






47. Interception of a communication session by an attacker.






48. Mediation of subject and object interactions






49. The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.






50. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.