Test your basic knowledge

CISSP Certified Information Systems Security Professional

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A state for operating system tasks only






2. Information about data or records






3. The backup of system - application - program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.






4. Authentication protocol which only uses symmetric session keys between principals distributed by a 3rd party using different preshared symmetric keys






5. Control category - to record an adversary's actions






6. A process state - to either be unable to run waiting for an external event or terminated






7. The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.






8. For PKI - decertify an entity's certificate






9. An image compression standard for photographs






10. Abstract and mathematical in nature - defining all possible states - transitions and operations






11. A collection of information designed to reduce duplication and increase integrity






12. Weak evidence






13. Control type - that is communication based - typically written or oral






14. Inference about encrypted communications






15. The partial or full duplication of data from a source database to one or more destination databases.






16. It is embedded as part of a complete device often including hardware and mechanical parts - Features a limited OS - Mobile phones - routers and wireless devices take a similar approach - Less than robust security features - Difficult to patch.






17. Real-time data backup (Data Mirroring)






18. OOP concept of a template that consists of attributes and behaviors






19. Eavesdropping on network communications by a third party.






20. Granular decision by a system of permitting or denying access to a particular resource on the system






21. Define the way in which the organization operates.






22. Executive responsibilities of goal setting - delegation - and verification - based upon the mission.






23. Computing power will double every 18 months



24. A covert storage channel on the file attribute






25. A state where two subjects can access the same object without proper mediation






26. Weakness or flaw in an asset






27. A committee of decision makers - business owners - technology experts and continuity professionals - tasked with making strategic recovery and continuity planning decisions for the organization.






28. Methodical research of an incident with the purpose of finding the root cause






29. An alert or alarm that is triggered when no actual attack has taken place






30. Redundant component that provides failover capability in the event of failure or interruption of a primary component.






31. Searching for wireless networks in a moving car.






32. Security Policy - Personnel Controls - Supervisory Structure - Security Awareness Training - Testing






33. Requirement to take time off






34. Recovery alternative which includes cold site and some equipment and infrastructure is available






35. Electronically forwarding backup data to an offsite server or storage facility. Vaulting eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.






36. One method of testing a specific component of a plan. Typically - a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.






37. An access policy determined by the owner of a file (or other resource). The owner decides who's allowed access to the file and what privileges they have - most commonly used in the PC environment (i.e. file permissions).






38. Record of system activity - which provides for monitoring and detection.






39. Location where coordination and execution of BCP or DRP is directed






40. The point in time to which systems and data must be recovered after an outage (e.g. end of previous day's processing). RPOs are often used as the basis for the development of backup strategies.






41. Process of identifying the risks to an organization - assessing the critical functions - defining the controls in place to reduce organization exposure and evaluating the cost for such controls.






42. For PKI - to store another copy of a key






43. Provides a physical cross connect point for devices.






44. Encryption system using a pair of mathematically related unequal keys






45. A signal suggesting a system has been or is being attacked.






46. A group or network of honeypots






47. Controls for logging and alerting






48. Sudden rise in voltage in the power supply.






49. Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.






50. Policy or stated actions