Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Planning with a goal of returning to the normal business function






2. Momentary loss of power






3. Uses a role-based method to determine access rights and permissions. Role based access control is based on the user's role and responsibilities within the company.






4. A database backup type which records at the transaction level






5. Mathematical function that determines the cryptographic operations






6. An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organization's strategy.






7. Some systems are actually run at the alternate site






8. A Denial of Service attack that exploits systems that are not able to handle malicious, overlapping and oversized IP fragments.






9. Is secondhand and usually not admissible in court






10. Malware that subverts the detective controls of an operating system






11. Actions measured against either a policy or what a reasonable person would do






12. Requirement to take time off






13. To be admissible in court they have to be made and collected in the normal course of business, not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists.






14. Information which has retained its importance, but which has been created or stored by software/hardware that has been rendered obsolete.






15. A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.






16. Lower frequency noise






17. The collection and summation of risk data relating to a particular asset and controls for that asset






18. May render the data inaccessible to the application intended to be used in processing the file, but may not actually remove the data






19. Process of statistically testing a data set for the likelihood of relevant information.






20. The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster, including personnel, essential records, communication facilities, fax, mail services, etc.






21. The document that defines the resources, actions, tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.






22. A programming design philosophy and a type of programming language, which breaks a program into smaller units. Each unit has its own function.






23. Wrongs committed against individuals or companies that result in injury or damages. Civil law does not use prison time; usually a fine is paid.






24. To load the first piece of software that starts a computer.






25. Intermediate level, pertaining to planning






26. Record of system activity, which provides for monitoring and detection.






27. Deals with discretionary protection






28. People who interact with assets






29. Only the key protects the encrypted information



30. Minimal Protection, and is used for systems that were evaluated but failed to meet the criteria for higher divisions






31. What is will remain - persistence






32. Moving the alphabet intact a certain number of spaces






33. The core of a computer that calculates






34. Line noise that is superimposed on the supply circuit.






35. An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed, resources are allocated, and recovery and continuity strategies and procedures are completed and tested.






36. Includes identification and collection of the evidence, its storage, preservation, transportation, presentation in court, and return to the owner






37. Intellectual property protection for the expression of an idea






38. Intellectual property protection for marketing efforts






39. One way encryption






40. Forging of an IP address.






41. Regular operations are stopped and where processing is moved to the alternate site.






42. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.






43. Intellectual property management technique for identifying after distribution






44. A mathematical tool for verifying no unintentional changes have been made






45. Potential danger to information or systems






46. Used to code/decode a digital data stream.






47. Pertaining to law, accepted by a court






48. Means the system's design and level of protection are verifiable and provide the highest level of assurance and trust.






49. Information about data or records






50. Scrambled form of the message or data