Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Eavesdropping on network communications by a third party.






2. A programming design concept which abstracts one set of functions from another in a serialized fashion






3. Control type - that is communication based - typically written or oral






4. Layer 1 network device that is used to connect network segments together - but provides no traffic control (a concentrator).






5. Narrow scope examination of a system






6. Weakness or flaw in an asset






7. A failure of an IDS to detect an actual attack






8. To set the clearance of a subject or the classification of an object






9. Renders the record inaccessible to the database management system






10. Measures followed to restore critical functions following a security incident.






11. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






12. Those who initiate the attack






13. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






14. The property that data meet with a priority expectation of quality and that the data can be relied upon.






15. Encryption system using a pair of mathematically related unequal keys






16. Responsibility for actions






17. Inference about encrypted communications






18. A cable consisting of a core - inner conductor that is surrounded by an insulator - an outer cylindrical conductor






19. A backup type - for databases at a point in time






20. Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.






21. Process of statistically testing a data set for the likelihood of relevant information.






22. Continuous surveillance - to provide for detection and response of any failure in preventive controls.






23. Mediation of subject and object interactions






24. Autonomous malware that requires a flaw in a service






25. A process state - to either be unable to run waiting for an external event or terminated






26. Wrong against society






27. A race condition where the security changes during the object's access






28. Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."






29. To move from location to location - keeping the same function






30. Maintaining full control over requests - implementation - traceability - and proper documentation of changes.






31. Collection of data on business functions which determines the strategy of resiliency






32. Part of a transaction control for a database which informs the database of the last recorded transaction






33. Not fulfilling legally recognized obligation - failure to conform to a standard of care that results in injury or damage - and proximate causation - not practicing due diligence - or due care - not following prudent person (doing due diligence in due






34. An electronic attestation of identity by a certificate authority






35. Computing power will double every 18 months


36. Moving letters around






37. Hitting a filed-down key in a lock with a hammer to open it without the real key






38. A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.






39. The guardian of asset(s) - a maintenance activity






40. Controls for logging and alerting






41. Inappropriate data






42. Owner directed mediation of access






43. Minimal Protection - and is used for systems that were evaluated but failed to meet the criteria for higher divisions






44. Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware






45. An attack that breaks up malicious code into fragments - in an attempt to elude detection.






46. Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.






47. A mathematical tool for verifying no unintentional changes have been made






48. Malware that makes small random changes to many data points






49. Descrambling the encrypted message with the corresponding key






50. Employment education done once per position or at significant change of function