Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.






2. Natural occurrence in circuits that are in close proximity






3. Forgery of the sender's email address in an email header.






4. A test conducted on a specific component of a plan - in isolation from other components - typically under simulated operating conditions.






5. Subject based description of a system or a collection of resources






6. For PKI - to store another copy of a key






7. Momentary loss of power






8. A database that contains the name - type - range of values - source and authorization for access for each data element






9. Organized group of compromised computers






10. Calculation encompassing threats - vulnerabilities and assets






11. Physical description on the exterior of an object that communicates the existence of a label






12. Recovery alternative - complete duplication of services including personnel






13. Intermediate level - pertaining to planning






14. Malware that subverts the detective controls of an operating system






15. A state for operating system tasks only






16. A protocol for the efficient transmission of voice over the Internet






17. Segmented memory addressing - encapsulation of objects - time multiplexing of shared resources - naming distinctions - and virtual mapping.






18. Dictate that data collected by govt. agencies must be collected fairly and lawfully - must be used only for the purpose for which they were collected - must only be held for a reasonable amount of time - and must be accurate and timely.






19. A template for designing the architecture






20. Renders the record inaccessible to the database management system






21. Robust project management process of new systems with at least the following phases: design and development - production - distribution - operation - maintenance - retirement - and disposal






22. Determines the impact of the loss of an operational or technological resource. The loss of a system - network or other critical resource may affect a number of business processes.






23. A collection of data or information that has a name






24. The least formatted and therefore most portable form of text for computerized documents. ASCII files are often called plaintext files.






25. The first rating that requires security labels






26. Computing power will double every 18 months



27. A library of commands maintained by a system for other programs to use - provides consistency and integrity for the programs






28. One entity with two competing allegiances






29. Try a list of words in passwords or encryption keys






30. The back up of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






31. Processes data at different classifications (security levels) and users with different clearances (security levels) can use the system.






32. Effort/time needed to overcome a protective measure






33. The time period between a disaster and a return to normal functions - during which the disaster recovery plan is employed.






34. To break a business process into separate functions and assign to different people






35. To be admissible in court they have to be made and collected in the normal course of business - not specially generated for a case in court. They can easily be considered hearsay if no firsthand proof of their accuracy and reliability exists






36. Quantity of risk remaining after a control is applied






37. May render the data inaccessible to the application intended to be used in processing the file - but may not actually remove the data






38. Alerts personnel to the presence of a fire






39. Potentially compromising leakage of electrical or acoustical signals.






40. Forging of an IP address.






41. Sudden rise in voltage in the power supply.






42. Object based description of a single resource and the permission each subject






43. An event that triggers an IDS to produce an alarm and react as though a real attack were in progress






44. A signal suggesting a system has been or is being attacked.






45. To execute more than one instruction at an instant in time






46. The chance that something negative will occur






47. Fault tolerance for power






48. Narrow scope examination of a system






49. The study of cryptography and cryptanalysis






50. Implementation of operating system protection mechanism - where more sensitive built upon the layering concept