8 - Legal, Regulations, Investigations and Compliance Flashcards

1
Q
Which RFC contains the Internet Activity Board’s “Ethics and the Internet” documentation?
a. RFC 1918
b. RFC 1394
c. RFC 1024
d. RFC 1087
A

D: RFC 1087 contains the Internet Activity Board’s “Ethics and the Internet” documentation.

2
Q
Which of the following is not defined as unethical and unacceptable activity by Internet Activity Board’s “Ethics and the Internet” documentation?
a. Soliciting for non-profit organization donations
b. Wasting resources (people, capacity, computer) through such actions
c. Destroying the integrity of computer-based information
d. Compromising the privacy of users
A

A: This is not listed or defined as unethical and unacceptable activity by RFC 1087.

3
Q
The theft of small amounts of information from many sources to compile or infer data about something private or classified is known as?
a. Masquerading
b. The Salami technique
c. Data diddling
d. Espionage
A

B: The theft of small amounts of information from many sources to compile or infer data about something private or classified is known as the Salami technique.

4
Q
Which of the following is not technically a crime according to the law?
a. espionage
b. fraud
c. piracy
d. resource waste
A

D: Resource waste is an inappropriate activity but not an actual crime.

5
Q
Which of the following defined the unauthorized possession of information without the intent to profit from the information as a crime?
a. 1991 U.S. Federal Sentencing Guidelines
b. U.S. Computer Fraud and Abuse Act
c. U.S. Privacy Act 1974
d. U.S. National Information Infrastructure Protection Act 1996
A

A: The 1991 U.S. Federal Sentencing Guidelines defined the unauthorized possession of information without the intent to profit from the information as a crime.

6
Q
Evidence should be all but which of the following in order to be used in court?
a. Reliable
b. Sufficient
c. Relevant
d. Permissible
A

B: Evidence need not be sufficient.

7
Q
Which of the following is not an element or aspect of the ISC(2) code of ethics?
a. CISSP certification holders are required by law to uphold the ISC(2) code of ethics
b. CISSP certification holders should adhere to the highest ethical standards of behavior
c. A condition of CISSP certification is adherence to the ISC(2) code of ethics.
d. Protect society, the commonwealth, and the infrastructure
A

A: This is not an element or aspect of the ISC(2) code of ethics; the code is not enforceable by law.

8
Q
Violation of the ISC(2) code of ethics can result in?
a. Arrest
b. Revocation of certification
c. Financial penalties
d. Community service hours
A

B: A consequence of violating the ISC(2) code of ethics is revocation of certification.

9
Q
Which of the following is not directly specified in the canons of the ISC(2) code of ethics?
a. Act honorably, honestly, justly, responsibly, and legally
b. Provide diligent and competent service to principals.
c. Don’t write malicious code such as viruses
d. Advance and protect the profession
A

C: This is not addressed in the canons of the ISC(2) code of ethics.

10
Q
The crime of impersonation or spoofing is also known as?
a. Spamming
b. Data diddling
c. Masquerading
d. Social engineering
A

C: Masquerading is another name for the crime of impersonation or spoofing.

11
Q
Unauthorized modification of data is known as?
a. The salami technique
b. Spoofing
c. Malicious code
d. Data diddling
A

D: Data diddling is the act of unauthorized modification of data.

12
Q
TEMPEST is concerned with?
a. Emanation eavesdropping
b. Distributed Denial of Service attacks.
c. Password theft
d. Dumpster diving
A

A: TEMPEST is concerned with emanation eavesdropping.

13
Q
The act of extracting information from discarded materials is known as?
a. Fraud
b. Dumpster diving
c. Information warfare
d. Superzapping
A

B: The act of extracting information from discarded materials is known as

14
Q
Which of the following is not supported by the ISC2’s CISSP code of ethics?
a. promote understanding of security
b. provide competent service
c. do not disclose confidential information from clients
d. report crimes to ISC2
A

D: The ISC2’s CISSP code of ethics indicates that knowledge of crimes should be appropriately reported. Appropriately reporting crimes would be to inform the management of the organization and/or law enforcement. Informing ISC2 is not appropriate.

15
Q
Which of the following is not considered a violation of computer ethics?
a. working overtime on an IT project
b. browsing files on the file server
c. using proprietary software without compensation
d. employing another’s intellectual property without acknowledgement
A

A: It is not a violation of computer ethics to work overtime.

16
Q
Which of the following is not defined as unacceptable and inappropriate by the Internet Activities Board of Ethics and the Internet?
a. seeking to gain unauthorized access to resources
b. conducting commercial activities over the Internet
c. destroying the integrity of computer stored information
d. wasting resources
A

B: Conducting commercial activities over the Internet is not defined as an unacceptable and inappropriate activity as defined by the Internet Activities Board of Ethics and the Internet.

17
Q
Which of the following is not a valid means to identify or label computer evidence?
a. writing on printouts with permanent markers
b. recording serial numbers
c. writing a contents and ID tag file to a hard drive
d. photographing the contents displayed on the monitor
A

C: Writing a file to the hard drive may alter the evidence and therefore is an invalid means to label evidence.

18
Q
What type of evidence proves or disproves a specific act through oral testimony based on information gathered through the witness’s five senses?
a. Hearsay evidence
b. Circumstantial evidence
c. Secondary evidence
d. Direct evidence
A

D: Direct evidence proves or disproves a specific act through oral testimony based on information gathered through the witness’s five senses.

19
Q
Which of the following is not an element in the ISC2’s code of ethics that all CISSP candidates must adhere to?
a. conduct themselves with high standards of moral, ethical, and legal behavior
b. do not commit any unlawful act
c. do not write malicious code
d. report all discovered unlawful activity
A

C: The actual act of authoring malicious code is not a violation of the ISC2’s code of ethics. However, allowing that malicious code to affect systems is a violation.

20
Q
Which of the following is not a computer crime?
a. social engineering
b. surfing pornographic Web sites
c. password sniffing
d. spoofing IP addresses
A

B: Surfing pornographic Web sites is inappropriate in most business environments and often grounds for termination, but it is not a crime.

21
Q
Which of the following is not a crime against a computer?
a. intercepting wireless network communications
b. installing software that has not been properly purchased
c. causing a blackout of the local power grid by damaging a power station
d. testing an intrusion script against a competitor’s Web site
A

C: Causing a blackout of the local power grid by damaging a power station cannot be considered a crime against a computer.

22
Q
Which of these computer crimes is not like the others?
a. spoofing
b. Trojan horse
c. masquerading
d. data diddling
A

D: Data diddling is the alteration of data, not the use of information to pretend to be something else.

23
Q
Which of the following is not a true statement according to the Generally Accepted Systems Security Principles (GASSP)?
a. computer security supports the mission of an organization
b. computer security should be cost effective
c. computer security is not restrained by society
d. computer security should be periodically reassessed
A

C: Computer security is restrained by society according to GASSP.

24
Q
The U.S. Department of Health, Education, and Welfare Code of Fair Information Practices requires which of the following?
a. people must be able to remove any information about themselves from databases containing personal data
b. organizations maintaining personal data do not need to ensure that data isn’t misused
c. data stored about people must be timely
d. the existence of systems that maintain records of a personal nature cannot remain secret
A

D: The U.S. Department of Health, Education, and Welfare Code of Fair Information Practices requires that the existence of systems that maintain records of a personal nature cannot remain secret.

25
Q
Which of the following is considered a crime committed using a computer?
a. illegally transferring money from one bank account to another over the Internet
b. erasing a hard drive using a degaussing magnet
c. setting fire to a building
d. theft of a notebook from an airport security checkpoint
A

A: Illegally transferring money from one bank account to another over the Internet is a crime committed using a computer.

26
Q
Which category of common law allows for punishments to include financial penalties but not imprisonment for a conviction?
a. civil law
b. criminal law
c. administrative law
d. regulatory law
A

A: Civil law is a category of common law that allows for financial penalties but not imprisonment.

27
Q
Which form of law focuses on the violation of government laws focused on the protection of the public?
a. civil law
b. criminal law
c. administrative law
d. regulatory law
A

B: Criminal law focuses on the violation of government laws focused on the protection of the public.

28
Q
What form of common law is also known as tort?
a. Administrative law
b. Criminal law
c. Civil law
d. Regulatory law
A

C: Civil law is also known as tort.

29
Q
Which of the following is not a valid countermeasure against the interception of radio frequency and other electromagnetic radiation signals by unauthorized individuals?
a. sound dampening insulation
b. TEMPEST equipment
c. white noise generation
d. control zones
A

A: Sound dampening insulation is ineffective as a countermeasure against radio frequency and other electromagnetic radiation signals.

30
Q
Which of the following is not considered a computer crime?
a. espionage
b. natural disasters
c. fraud
d. embezzlement
A

B: Natural disasters are not a form of computer crime.

31
Q
Which of the following is not one of the types of laws found in the United States that can be used in a court of law?
a. statutory law
b. administrative law
c. Islamic law
d. common law
A

C: Islamic law is a religious law that is found in some areas of the US, but it is not used in government courts.

32
Q
The code of federal regulations is also known as?
a. statutory law
b. common law
c. case digests
d. administrative law
A

D: Administrative laws are also known as the code of federal regulations.

33
Q
Which of the following laws addresses confidentiality, integrity, and availability for both data and systems and encourages other countries to adopt the same framework?
a. U.S. Privacy Act of 1974
b. Paperwork Reduction Act of 1995
c. U.S. National Information Infrastructure Protection Act of 1996
d. Gramm Leach Bliley Act of 1999
A

C: The U.S. National Information Infrastructure Protection Act of 1996 addresses confidentiality, integrity, and availability for both data and systems and encourages other countries to adopt the same framework.

34
Q
Which of the following requires Federal Agencies to assess the security of their non-classified information systems, to provide a risk assessment, and to report the security needs of its systems?
a. U.S. Privacy Act of 1974
b. U.S. Computer Fraud and Privacy Act of 1986
c. U.S. National Information Infrastructure Protection Act of 1996
d. Paperwork Reduction Act of 1995
A

D: The Paperwork Reduction Act of 1995 requires Federal Agencies to assess the security of their non-classified information systems, to provide a risk assessment, and to report the security needs of its systems.

35
Q
Which of the following defines the trafficking in computer passwords as a federal crime if that activity affects interstate or foreign commerce or permits unauthorized access to government computers?
a. U.S. Computer Fraud and Abuse Act of 1986
b. Paperwork Reduction Act of 1995
c. U.S. National Information Infrastructure Protection Act of 1996
d. Gramm Leach Bliley Act of 1999
A

A: The U.S. Computer Fraud and Abuse Act of 1986 defines the trafficking in computer passwords as a federal crime if that activity affects interstate or foreign commerce or permits unauthorized access to government computers.

36
Q
Which of the following is an amendment to the U.S. Computer Fraud and Privacy Act of 1986?
a. U.S. Privacy Act of 1974
b. U.S. National Information Infrastructure Protection Act of 1996
c. Paperwork Reduction Act of 1995
d. Gramm Leach Bliley Act of 1999
A

B: The U.S. National Information Infrastructure Protection Act of 1996 is an amendment to the U.S. Computer Fraud and Abuse Act of 1986. The U.S. National Information Infrastructure Protection Act of 1996 addresses confidentiality, integrity, and availability for both data and systems and encourages other countries to adopt the same framework.

37
Q
Which of the following laws requires that banks give customers the option to prohibit the distribution of personal information with non-affiliated third parties?
a. U.S. Privacy Act of 1974
b. U.S. Computer Fraud and Abuse Act of 1986
c. U.S. National Information Infrastructure Protection Act of 1996
d. Gramm Leach Bliley Act of 1999
A

D: The Gramm Leach Bliley Act of 1999 requires that banks give customers the option to prohibit the distribution of personal information with non-affiliated third parties.

38
Q
Which of the following laws requires that federal agencies protect information about private individuals that is stored in government databases?
a. U.S. Privacy Act of 1974
b. U.S. Computer Fraud and Abuse Act of 1986
c. Paperwork Reduction Act of 1995
d. Gramm Leach Bliley Act of 1999
A

A: The U.S. Privacy Act of 1974 requires that federal agencies protect information about private individuals that is stored in government databases.

39
Q
Which of the following laws defines the use of a federal interest computer in a crime as a federal offense and reduces the minimum damage required to declare a crime a federal offence?
a. U.S. Privacy Act of 1974
b. U.S. Computer Fraud and Abuse Act of 1986
c. U.S. National Information Infrastructure Protection Act of 1996
d. Gramm Leach Bliley Act of 1999
A

B: The U.S. Computer Fraud and Abuse Act of 1986 defines the use of a federal interest computer in a crime as a federal offense and reduces the minimum damage required to declare a crime a federal offence.

40
Q
Which of the following statements is true?
a. European privacy laws are less restrictive than those of the United States.
b. European privacy laws are just as restrictive as those of the United States.
c. European privacy laws are more restrictive than those of the United States.
d. European privacy laws are completely different than those of the United States.
A

C: European privacy laws are more restrictive than those of the United States.

41
Q
Which of the following is not a tenet of the European privacy laws?
a. Data must be collected in accordance with the law
b. Collected information cannot be disclosed to others without the consent of the individual
c. Records kept about an individual must be accurate and timely
d. Data can only be collected with the consent of the individual
A

D: The European privacy laws do not require consent for the collection of private data, just the distribution of such data.

42
Q
Which of the following is not true in regards to the European privacy laws?
a. Data can be retained indefinitely
b. Individuals can correct errors in the data collected about them
c. Data can only be used for the original purpose for which it was collected
d. Individuals are entitled to a report detailing the information retained about them
A

A: The European privacy laws require that data be retained for a limited and reasonable period of time defined at the time of gathering the data.

43
Q
Which of the following is not a common problem with the storage of personal health and medical data?
a. Access granted to a wide range of users, such as outside partners, members, and vendors
b. A high level of granular access control on most systems
c. Internet connectivity increases vulnerabilities to integrity and privacy of data
d. misuse of personal medical data can have a significant negative impact on the public perception of an organization
A

B: Most systems do not have a high level of granular access control and thus they are vulnerable to security violations. So, the presence of strong security is not a common problem with the storage of personal health and medical data.

44
Q
Which form of intellectual property law protects original works of authorship for 50+ years?
a. trademark
b. patent
c. copyright
d. trade secret
A

C: A copyright is a form of intellectual property law that protects original works of authorship for 50+ years.

45
Q
Which form of intellectual property law defines data that is confidential and proprietary to a specific organization?
a. trademark
b. patent
c. copyright
d. trade secret
A

D: A trade secret is a type of data defined by intellectual property law that is confidential and proprietary to a specific organization.

46
Q
Which form of intellectual property law protects or establishes a word, name, symbol, etc. as an identifying mark for an organization or a product?
a. trademark
b. patent
c. copyright
d. trade secret
A

A: A trademark is a form of intellectual property law that protects or establishes a word, name, symbol, etc. as an identifying mark for an organization or a product.

47
Q
Which form of intellectual property law provides the owner with 17 years of exclusive use rights?
a. trademark
b. patent
c. copyright
d. trade secret
A

B: A patent is a form of intellectual property law that provides the owner with 17 years of exclusive use rights.

48
Q
Which of the following statements is true in regards to a well-organized and legitimate monitoring solution that records all e-mail on a business network?
a. does not provide a means to track down violations of security policy
b. does not provide a guarantee of personal privacy
c. does not clearly inform all users of the monitoring activity
d. does not make employees aware of the acceptable use of e-mail
A

B: A well-organized and legitimate monitoring solution that records all e-mail on a business network does not provide a guarantee of personal privacy.

49
Q
Which of the following treats the unauthorized possession of information without the intent to profit from it as a crime?
a. U.S. Computer Fraud and Privacy Act of 1986
b. Paperwork Reduction Act of 1995
c. 1991 U.S. Federal Sentencing Guidelines
d. Gramm Leach Bliley Act of 1999
A

C: The 1991 U.S. Federal Sentencing Guidelines treats the unauthorized possession of information without the intent to profit from it as a crime.

50
Q
All of the following are true regarding the 1991 U.S. Federal Sentencing Guidelines except for?
a. Treats the unauthorized possession of information without the intent to profit from it as a crime
b. Applies to both individuals and organizations
c. Makes the degree of punishment a function of the extent to which the organization has demonstrated due diligence in establishing security
d. Makes the use of information that causes $1,000 or more in damages or which impairs medical treatment a federal crime
A

D: The U.S. Computer Fraud and Abuse Act makes the use of information that causes $1,000 or more in damages or which impairs medical treatment a federal crime.

51
Q
Which of the following is not an information privacy principle that health care organizations should adhere to?
a. grant individuals the means to monitor and correct the data collected about them
b. restrict the uses of data to those outlined when the data was originally collected
c. maintain the secrecy of their personal information database
d. organizations that gather data should provide adequate protection for that data
A

C: Health care organizations should comply with the privacy principle of making sure that databases containing personal health and medical information about individuals are not kept secret.

52
Q
Which of the following is not true about the Health Insurance Portability and Accountability Act (HIPAA)?
a. Establishes the rights for individuals who are subjects of individually identifiable health information
b. Defines uses and disclosures of individually identifiable health information that should be authorized or required
c. Requires an information security officer
d. Defines specific products, standards, guidelines, and procedures for protecting individually identifiable health information
A

D: HIPAA does not provide specifics for a protection solution; rather, it outlines a framework to provide protection for individually identifiable health information.

53
Q
Which of the following is not a recommended practice for the monitoring of e-mail on a company network?
a. establish different levels of monitoring for each organizational staff level
b. Inform all users that monitoring is occurring via clearly visible and frequent banner or similar warning system
c. Monitoring should be performed in a lawful and consistent manner
d. Detail who will be accessing and viewing the archived data and for how long the data will be retained
A

A: The same monitoring procedures and practices should be applied to senior management as to end users. Using different levels of monitoring for different users is not a recommended practice for the monitoring of e-mail on a company network.

54
Q
Which of the following is not visible proof that due care is being practiced by an organization in regards to security?
a. physical access controls
b. hardware backups
c. security awareness training
d. use of plenum cabling
A

D: Use of plenum cabling is often mandated by building code for proper fire rating, however it is not an aspect of due care.

55
Q
Which of the following is not visible proof that due care is being practiced by an organization in regards to security?
a. Deploying high-speed networking devices
b. Telecommunications encryption
c. Disaster recovery plans
d. Development of formalized security infrastructure documentation
A

A: The speed of networking devices is not evidence of due care.

56
Q
Which of the following is not a responsibility of the Computer Incident Response Team?
a. Managing public relations
b. Design security policies
c. Investigate intrusions
d. Report incidents
A

B: CIRT is not responsible for designing security policies.

57
Q
The 1991 U.S. Federal Sentencing Guidelines invokes the ______________ that requires that senior management of an organization perform their duties with the same care that any normal person would exercise in the same circumstances.
a. Prudent man rule
b. Principle of least privilege
c. Tenet of due care
d. Separation of duties requirement
A

A: The 1991 U.S. Federal Sentencing Guidelines invokes the prudent man rule that requires that senior management of an organization perform their duties with the same care that any normal person would exercise in the same circumstances.

58
Q
The U.S. Federal Sentencing Guidelines provides for a punishment for convicted senior management that can include?
a. imprisonment
b. fines up to $290 million
c. confiscation of assets
d. seizure of public stock offerings
A

B: The U.S. Federal Sentencing Guidelines provide for a punishment of a fine of up to $290 million.

59
Q
For negligence to be proven in court, what must be demonstrated or proved?
a. lack of due diligence
b. failure to comply with recognized standards
c. legally recognized obligation
d. proximate causation
A

C: Negligence is proven in court by demonstrating a legally recognized obligation.

60
Q
Which decision should not be made after an incident occurs?
a. determine how much damage was caused
b. determine what backup solutions should be deployed
c. determine which safeguards are required
d. determine if recovery procedures should be triggered to recover from an incident
A

B: Backup solutions should be deployed before an incident, not after. Granted, they may need adjustment after an incident, but if they are not present beforehand you may not be able to recover.

61
Q
When an investigation of a computer crime incident occurs, which of the following is not true?
a. there is a compressed time frame within which to conduct the investigation
b. the investigation may interfere with the normal operations of business
c. evidence is usually tangible
d. evidence may be co-mingled with data needed for normal business activities
A

C: Evidence in a computer crime incident is usually intangible.

62
Q
When an investigation of a computer crime incident occurs, which of the following is not true?
a. Evidence can be difficult to gather
b. Evidence may be damaged or altered by the normal operations of business
c. Jurisdictional responsibility may be cloudy
d. An expert or specialist is usually not required
A

D: In many instances, evidence gathering for a computer crime incident requires an expert or specialist.

63
Q
Which of the following is not a responsibility of the Computer Incident Response Team?
a. Review network logs
b. Resolve vulnerabilities
c. Risk assessment
d. Minimize costs of incidents
A

C: CIRT is not responsible for risk assessment.

64
Q
Emergency response should be planned out before an incident occurs. Which of the following is not an aspect of this type of planning?
a. how an incident should be reported
b. when should management be informed of an incident
c. what action should be taken when an incident is detected
d. where should the facility be located for the greatest security
A

D: Locating the facility is an aspect of initial security policy and solution design. It is not an aspect of emergency response planning.

65
Q
Emergency response should be planned out before an incident occurs. Which of the following is not an aspect of this type of planning?
a. What constitutes a federal crime
b. What is considered an incident
c. To whom should incidents be reported
d. Who should handle the response to an incident
A

A: Determining the criteria for a federal crime is the responsibility of the federal government, not your organization’s emergency response planning team.

66
Q
If a computer crime is suspected, which of the following is the most important activity to perform?
a. generate post incident reports
b. trigger the emergency response team
c. restore non-critical business processes
d. do not alert the suspect
A

D: The most important act once a computer crime is suspected is to not alert the suspect.

67
Q
The standard discriminator to determine whether a subject may be the person who committed a crime is to evaluate whether that person had all but which of the following?
a. intention
b. means
c. motive
d. opportunity
A

A: Intention is not one of the standard discriminators.

68
Q
The goal of an ______________ is to find the answers to who, what, when, where, why, and how.
a. interrogation
b. interview
c. investigation
d. interpretation
A

B: The goal of an interview is to find the answers to who, what, when, where, why, and how.

69
Q
The act of an investigation can often have numerous negative consequences for an organization. Which of the following is not an example of one of these?
a. Maintaining individual privacy
b. The subject committing retaliatory acts
c. Negative publicity
d. Interruption of business processes
A

A: Maintaining individual privacy is often not possible when an investigation is being conducted. Thus, maintaining individual privacy is not an example of a negative consequence. In reality, individual privacy is often violated during an investigation.

70
Q
A committee to help with the investigation of computer crime incidents should be established. This committee should perform all but which of the following?
a. Establish a liaison with law enforcement
b. Creating post-incident reports for use as evidence in court
c. Design a procedure for reporting IT crimes
d. Inform senior management and affected parties of the progress of an investigation
A

B: In most instances, post-incident reports, especially those generated outside the normal business practices of the organization, are not permissible in court, thus the committee should not produce them.

71
Q
Who has jurisdiction over computer crimes committed in the U.S.?
a. Local law enforcement and FBI
b. Secret Service and NIST
c. FBI and Secret Service
d. NSA and CIA
A

C: The FBI and the Secret Service have jurisdiction over computer crimes in the U.S.

72
Q
Which of the following is not a valid means to collect evidence according to the rules of evidence or the evidence life cycle?
a. gather all relevant storage media
b. use degaussing equipment
c. image the hard drive
d. print out the screen
A

B: Using degaussing equipment is not a valid collection means; in most cases this will destroy the electronically stored evidence data.

73
Q
  1. Which of the following represents the proper order of the chain of evidence or the evidence life cycle?
        1. Collection
        2. Discovery
        3. Identification
        4. Presentation
        5. Preservation
        6. Protection
        7. Recording
        8. Return
        9. Transportation
     a. 1,2,3,4,5,6,7,9,8
     b. 2,4,8,9,5,1,3,7,6
     c. 2,6,7,1,3,5,9,4,8
     d. 6,5,8,3,4,1,9,7,2
A

C: The correct order is discovery, protection, recording, collection, identification, preservation, transportation, presentation, and return.

74
Q
  1. The goal of an ______________ is to establish enough evidence to consider a subject a witness.
     a. investigation
     b. interview
     c. interrogation
     d. interpretation
A

B: The goal of an interview is to establish enough evidence to consider a subject a witness.

75
Q
  1. Which of the following is not true?
     a. In an interview, an individual becomes a witness
     b. In an interview, a subject becomes a witness
     c. In an interrogation, a witness becomes a suspect
     d. In an interrogation, a subject becomes a witness
A

D: This is a false statement. The correct statement is: In an interrogation, a witness becomes a suspect.

76
Q
  1. Which of the following is not an element of the chain of custody?
     a. Whether the evidence is relevant
     b. Time and location the evidence was gathered
     c. Who discovered the evidence
     d. Who maintained possession of the evidence
A

A: Whether the evidence is relevant is not an element of the chain of custody.

77
Q
  1. Which of the following is not a valid action to take when preserving evidence for admissibility in court?
     a. avoid smoke and dust
     b. write protect media
     c. storing electronic media in plastic bags
     d. avoid magnetic fields
A

C: Storing electronic media in plastic bags is not a valid action since they can cause static discharge and condensation. Paper, cardboard, or special anti-static bags should be used.

78
Q
  1. When attempting to preserve evidence for admissibility in court, which of the following is a valid action to take?
     a. Run a tripwire on the system
     b. Use AES to encrypt the entire storage device
     c. Defragment the storage device
     d. Create a message digest using SHA
A

D: Creating a SHA message digest of a storage device, as long as that digest is not written to the device itself, can be used to validate the integrity of the storage device at a later time, thus preserving the evidence.

79
Q
  1. The original or primary evidence is also known as?
     a. best evidence
     b. direct evidence
     c. secondary evidence
     d. conclusive evidence
A

A: Best evidence is the original or primary evidence.

80
Q
  1. To present evidence in court, it must be all but which of the following?
     a. relevant
     b. permissible
     c. reliable
     d. sufficient
A

D: Evidence need not be sufficient to be presented in court.

81
Q
  1. Aspects of the relevance of evidence include all but which of the following?
     a. has not been altered
     b. must show that a crime has been committed
     c. shows some aspect of the perpetrator’s motives
     d. verifies or demonstrates what has occurred
A

A: Whether evidence has been altered is not an aspect of relevance but an aspect of reliability.

82
Q
  1. Which of the following is not a valid means of identification that will allow evidence to be admissible in court?
     a. Writing on paper printouts with a permanent marker
     b. Writing an identification file to a storage media
     c. A recording of serial numbers from devices
     d. Placing evidence in sealed and marked containers
A

B: Writing to a storage media in any way alters that media and can destroy evidence. This is not a valid means of identifying evidence.

83
Q
  1. What is superzap?
     a. A short-duration high-voltage surge of electricity
     b. A tool used to discover the source of an Internet attack even when spoofed packets are used
     c. A tool used to bypass system security in order to modify or disclose data
     d. A firewall scanning tool used to detect open and active ports
A

C: Superzap is a tool used to bypass system security in order to modify or disclose data.

84
Q
  1. Which of the following is not a crime committed using a computer?
     a. Password theft
     b. Illegal material content
     c. Embezzlement
     d. Physical destruction
A

D: Physical destruction is a crime committed against computers, not using a computer.

85
Q
  1. Which of the following is not malicious code?
     a. e-mail spam
     b. A virus
     c. A Trojan horse
     d. A worm
A

A: E-mail spam is unwanted, can cause a DoS attack, and it can be the carrier agent of malicious code, but it is not itself considered a form of malicious code.

86
Q
  1. The oral testimony of a witness is known as?
     a. best evidence
     b. direct evidence
     c. hearsay evidence
     d. circumstantial evidence
A

B: Direct evidence is the oral testimony of a witness.

87
Q
  1. What type of evidence is generally inadmissible in court?
     a. best evidence
     b. direct evidence
     c. hearsay evidence
     d. expert opinion
A

C: Hearsay evidence is generally inadmissible in court.

88
Q
  1. Which of the following is not an exception to the hearsay rule?
     a. Evidence made during the normal process of business activity
     b. Evidence in the custody of the witness on a regular basis
     c. Evidence made at or near the time of the incident being investigated
     d. Evidence produced as a result of the incident and exclusively for court presentation
A

D: Evidence is inadmissible as hearsay if the documents are generated after the incident for the sole purpose of producing evidence about the incident.

89
Q
  1. When data needed as evidence is stored with data necessary for business operations and which is not associated with the crime, this is known as?
     a. Data diddling
     b. Co-mingling of data
     c. Superzapping
     d. Embezzlement
A

B: When data needed as evidence is stored with data necessary for business operations and which is not associated with the crime, this is known as co-mingling of data.

90
Q
  1. The 1991 U.S. Federal Sentencing Guidelines establish what?
     a. Maximum sentences for the punishment of computer crimes
     b. Multi-jurisdiction accumulation of sentencing
     c. Punishment guidelines for breaking federal laws
     d. Rules for a jury to follow when debating the guilt or innocence of a suspect
A

C: The 1991 U.S. Federal Sentencing Guidelines established punishment guidelines for breaking federal laws.

91
Q
  1. The 1991 U.S. Federal Sentencing Guidelines does what?
     a. Treats the authorized possession of information with the intent to profit from the information as a crime
     b. Treats the unauthorized possession of information with the intent to profit from the information as a crime
     c. Treats the authorized possession of information without the intent to profit from the information as a crime
     d. Treats the unauthorized possession of information without the intent to profit from the information as a crime
A

D: The 1991 U.S. Federal Sentencing Guidelines treats the unauthorized possession of information without the intent to profit from the information as a crime.

92
Q
  1. What is a script kiddy?
     a. A programmer who writes malicious code
     b. An attacker that employs pre-written attack tools from the Internet who is usually unable to program and new to cyber crime
     c. An administrator who automates common management tasks
     d. A specialized Web based programming tool for animating menus
A

B: A script kiddy is an attacker that employs pre-written attack tools from the Internet who is usually unable to program and new to cyber crime.

93
Q
  1. The computer crime that attempts to alter the financial status of a nation, disrupt their power grid, or mis-represent the capabilities of an enemy is known as?
     a. Employing the Salami technique
     b. Data diddling
     c. Information warfare
     d. Espionage
A

C: The computer crime that attempts to alter the financial status of a nation, disrupt their power grid, or mis-represent the capabilities of an enemy is known as information warfare.

94
Q
  1. Which of the following is a benefit of investigating computer crime?
     a. The investigation must often take place in a compressed time frame
     b. The evidence is often intangible
     c. An investigation may interfere with the normal operation of business
     d. Many jurisdictions have expanded the definition of property to include electronic information
A

D: This is a benefit of investigating a computer crime.

95
Q
  1. Which of the following is not true?
     a. The investigation of a computer crime can usually be accomplished by the same forensic specialists used for any other type of crime scene.
     b. Evidence may be difficult to gather.
     c. Locations of the crimes may be separated by large geographic distance even though they were perpetrated through a computer at a single location.
     d. Electronic evidence can be destroyed easily, such as booting a system, running a program, or reading a file.
A

A: The investigation of a computer crime usually requires a specialist or an expert to gather evidence and process a crime scene.

96
Q
  1. How is the legal requirement for applying safeguards calculated?
     a. If the cost of implementing a physical access control is less than the estimated cost of a logical access control, then a legal liability exists
     b. If the loss of an exploited vulnerability is less than the estimated cost of a safeguard, then a legal liability exists
     c. If the cost of an asset is less than the cost of a safeguard, then a legal liability exists
     d. If the cost of implementing the safeguard is less than the estimated loss of an exploited vulnerability, then a legal liability exists
A

D: If the cost of implementing the safeguard is less than the estimated loss of an exploited vulnerability, then a legal liability exists.

97
Q
  1. The requirement that senior management must perform their duties with the same care that any normal, sensible person would under similar circumstances is known as?
     a. The prudent man rule
     b. The risk avoidance axiom
     c. The liability avoidance method
     d. Common sense
A

A: The requirement that senior management must perform their duties with the same care that any normal, sensible person would under similar circumstances is known as the prudent man rule.

98
Q
  1. When identifying evidence collected at the scene of a computer crime, all but which of the following are valid methods for identifying evidence?
     a. Writing a file containing identification information to the storage media
     b. Marking printouts with a permanent marker
     c. Placing components in labeled bags
     d. Making a list of serial numbers, makes, and models of components
A

A: This is not a valid method of identifying evidence since it modifies it.

99
Q
  1. Which of the following is not one of the three main types of laws?
     a. Criminal
     b. Intellectual Property
     c. Civil
     d. Administrative
A

B: Intellectual property is not one of the three main types of laws since it does not focus on right and wrong; rather, it is concerned with the protection of original creations.

100
Q
  1. The 1991 U.S. Federal Sentencing Guidelines establishes a link between the degree/severity of punishment and what?
     a. The extent of due care
     b. Size of asset loss
     c. Financial cost to investors
     d. Amount of liability insurance
A

A: The 1991 U.S. Federal Sentencing Guidelines establishes a link between the degree/severity of punishment and the extent of due care.

101
Q
  1. Which of the following is not an example of how due care is shown?
     a. The presence of physical and logical access controls
     b. Press releases stating such
     c. Disaster recovery and business continuity plans
     d. A complete set of formalized security infrastructure documentation
A

B: This is not a valid method to show due care.

102
Q
  1. Which of the following is not a means by which a company shows that due care is properly implemented and practiced?
     a. Performing security awareness training
     b. Performing penetration testing against the organization
     c. Deploying a homogenous network
     d. Running updated anti-virus software
A

C: This is not an aspect of showing that due care is properly implemented and practiced. Homogeneity of systems on a network does not offer any special security benefits.

103
Q
  1. Which of the following statements is true?
     a. European privacy laws are more restrictive than those of the US.
     b. US privacy laws are more restrictive than those of Europe.
     c. European and US privacy laws are about the same.
     d. Europe has far fewer privacy laws than the US.
A

A: This is a true statement.

104
Q
  1. Evidence must be all but which of the following to be presented in court?
     a. Relevant
     b. Obtained in a lawful manner
     c. Reliable
     d. Sufficient
A

D: Evidence need not be sufficient to be presented in court.

105
Q
  1. Which of the following is not required in order to prove negligence in court?
     a. Legally recognized obligation
     b. Failure to conform to a required standard
     c. Proximate causation resulting in damage or injury
     d. Violation of the prudent man rule
A

D: This element is not a requirement to prove negligence in court. This is used to prove liability.

106
Q
  1. The legislative branch is responsible for creating what type of law?
     a. Statutory law
     b. Common law
     c. Civil law
     d. Criminal law
A

A: Statutory law is created by the legislative branch.

107
Q
  1. Who is ultimately responsible and held liable for the lack of due care within an organization?
     a. IT staff
     b. Security management team
     c. Senior management
     d. Department supervisors
A

C: Senior management is ultimately responsible and held liable for the lack of due care within an organization.

108
Q
  1. A copy of evidence or an oral description of its contents is known as?
     a. Best evidence
     b. Secondary evidence
     c. Direct evidence
     d. Conclusive evidence
A

B: Secondary evidence is a copy of evidence or an oral description of its contents.

109
Q
  1. When collecting evidence at a crime scene, which of the following should not be performed?
     a. Collect all storage devices
     b. Degauss equipment
     c. Print out the screen or make a photograph of it
     d. Image the hard drive before removing power
A

B: This should not be performed when collecting evidence at a computer crime scene.

110
Q
  1. A computer incident response team is responsible for all but which of the following?
     a. Managing public relations during an incident
     b. Minimizing risks to the organization during an incident
     c. Investigating intrusions
     d. Updating the security policy
A

D: This is not a responsibility of the CIRT. They may offer suggestions to review the security policy, but that is the arena of senior management.

111
Q
  1. Which of the following is not a component in the chain of evidence?
     a. The method used to collect, obtain, or gather the evidence
     b. Location of evidence when it was collected
     c. Identification of individuals who possessed the evidence from the time of collection to the present
     d. The time the evidence was collected
A

A: The method used to collect the evidence is not part of the chain of evidence, but it may be an important issue in court.

112
Q
  1. The Paperwork Reduction Act of 1995 does what?
     a. Makes the trafficking in passwords that affects foreign commerce a federal crime
     b. Defines standards by which medical information is stored, used, and transmitted
     c. Protects the information about individuals within government databases.
     d. Requires federal agencies to produce reports on the state of security for their non-classified systems.
A

D: The Paperwork Reduction Act of 1995 requires federal agencies to produce reports on the state of security for their non-classified systems.

113
Q
  1. A software copyright is held by the original creator for how long?
     a. 7 years
     b. 10 years
     c. 17 years
     d. 50 years or more
A

D: A software copyright can be held by the original creator for 50 years or more.

114
Q
  1. To discriminate whether an individual is the perpetrator of a crime, investigators evaluate whether the individual had _____, ______, and _____. Select the one answer that does not fit in the blanks.
     a. Means
     b. Opportunity
     c. Motive
     d. Collusion.
A

D: To discriminate whether an individual is the perpetrator of a crime, investigators evaluate whether the individual had motive, opportunity, and means.

115
Q
  1. The goal of an interrogation is to?
     a. Gather enough evidence to consider the subject a suspect
     b. Gather enough evidence to consider the individual a witness
     c. To discern the who, what, when, where, why, and how of a crime
     d. Clear the suspect of all suspicion
A

A: The goal of an interrogation is to gather enough evidence to consider the subject a suspect.

116
Q
  1. Health Insurance Portability and Accountability Act (HIPAA) is a framework to provide guidance in providing all but which of the following for a health organization?
     a. Security
     b. Availability
     c. Integrity
     d. Privacy
A

B: HIPAA does not directly address providing availability.

117
Q
  1. Which element of Intellectual Property law grants the owner 17 years of exclusive use?
     a. Trademark
     b. Trade secret
     c. Copyright
     d. Patent
A

D: A patent provides the owner with 17 years of exclusive use.

118
Q
  1. Which of the following is not an element of the evidence life cycle?
     a. Identification
     b. Transportation
     c. Destruction
     d. Return to owner
A

C: Destruction is not an element in the evidence life cycle. Evidence is never destroyed.

119
Q
  1. Evidence obtained from a secondary source rather than first hand knowledge or experience is known as?
     a. Secondary evidence
     b. Circumstantial evidence
     c. Hearsay evidence
     d. Conclusive evidence
A

C: Hearsay evidence is evidence obtained from a secondary source rather than first hand knowledge or experience.

120
Q
  1. Tempting someone into committing a crime through coercion is known as?
     a. Enticement
     b. A sting operation
     c. Entrapment
     d. Penetration testing
A

C: Tempting someone into committing a crime through coercion is known as entrapment.

121
Q
  1. Which of the following granted customers the ability to prohibit banks and financial institutions from sharing their personal information with nonaffiliated third parties?
     a. U.S. Computer Fraud and Abuse Act
     b. U.S. Privacy Act 1974
     c. Gramm Leach Bliley Act of 1999
     d. U.S. National Information Infrastructure Protection Act 1996
A

C: Gramm Leach Bliley Act of 1999 granted customers the ability to prohibit banks and financial institutions from sharing their personal information with nonaffiliated third parties.

122
Q
  1. What type of law is concerned with protection of the public and is able to assign imprisonment as a punishment?
     a. Civil law
     b. Intellectual Property law
     c. Criminal law
     d. Regulatory law
A

C: Criminal law is concerned with the protection of the public and offers imprisonment as a punishment.

123
Q
  1. What branch of the US government is responsible for interpreting common law?
     a. Legislative branch
     b. Administrative agencies
     c. Judicial branch
     d. Presidential branch
A

C: The judicial branch is responsible for interpreting common law.

124
Q
  1. American companies can export any encrypted product to?
     a. Any member of the European Union
     b. Only to England
     c. To any non-communist country in the world
     d. To all countries but Iraq, China, and Vietnam.
A

A: American companies can export any encrypted product to any member of the European Union.

125
Q
  1. Electronic monitoring of online access must be performed how?
     a. Using logical and technical mechanisms
     b. In a legal and consistent manner
     c. Only under the consent of the monitored
     d. Differently for each classification of user
A

B: Electronic monitoring of online access must be performed in a legal and consistent manner.