CISM Practice B Topic 5 Flashcards

1
Q

Which of the following should be determined FIRST when establishing a business continuity program?

Cost to rebuild information processing facilities

Incremental daily cost of the unavailability of systems

Location and cost of offsite recovery facilities

Composition and mission of individual recovery teams

A

Incremental daily cost of the unavailability of systems

2
Q

A desktop computer that was involved in a computer security incident should be secured as evidence by:

disconnecting the computer from all power sources.

disabling all local user accounts except for one administrator.

encrypting local files and uploading exact copies to a secure server.

copying all files using the operating system (OS) to write-once media.

A

disconnecting the computer from all power sources.

3
Q

A company has a network of branch offices with local file/print and mail servers; each branch individually contracts a hot site. Which of the following would be the GREATEST weakness in recovery capability?

Exclusive use of the hot site is limited to six weeks

The hot site may have to be shared with other customers

The time of declaration determines site access priority

The provider services all major companies in the area

A

The provider services all major companies in the area

4
Q

Which of the following actions should be taken when an online trading company discovers a network attack in progress?

Shut off all network access points

Dump all event logs to removable media

Isolate the affected network segment

Enable trace logging on all events

A

Isolate the affected network segment

5
Q

The BEST method for detecting and monitoring a hacker’s activities without exposing information assets to unnecessary risk is to utilize:

firewalls.

bastion hosts.

decoy files.

screened subnets.

A

decoy files.

6
Q

The FIRST priority when responding to a major security incident is:

documentation.

monitoring.

restoration.

containment.

A

containment.

7
Q

Which of the following is the MOST important to ensure a successful recovery?

Backup media is stored offsite

Recovery location is secure and accessible

More than one hot site is available

Network alternate links are regularly tested

A

Backup media is stored offsite

8
Q

Which of the following is the MOST important element to ensure the success of a disaster recovery test at a vendor-provided hot site?

Tests are scheduled on weekends

Network IP addresses are predefined

Equipment at the hot site is identical

Business management actively participates

A

Business management actively participates

9
Q

At the conclusion of a disaster recovery test, which of the following should ALWAYS be performed prior to leaving the vendor’s hot site facility?

Erase data and software from devices

Conduct a meeting to evaluate the test

Complete an assessment of the hot site provider

Evaluate the results from all test scripts

A

Erase data and software from devices

10
Q

An incident response policy must contain:

updated call trees.

escalation criteria.

press release templates.

critical backup files inventory.

A

escalation criteria.

11
Q

The BEST approach in managing a security incident involving a successful penetration should be to:

allow business processes to continue during the response.

allow the security team to assess the attack profile.

permit the incident to continue to trace the source.

examine the incident response process for deficiencies.

A

allow business processes to continue during the response.

12
Q

A post-incident review should be conducted by an incident management team to determine:

relevant electronic evidence.

lessons learned.

hacker’s identity.

areas affected.

A

lessons learned.

13
Q

An organization with multiple data centers has designated one of its own facilities as the recovery site. The MOST important concern is the:

communication line capacity between data centers.

current processing capacity loads at data centers.

differences in logical security at each center.

synchronization of system software release versions.

A

current processing capacity loads at data centers.

14
Q

Which of the following is MOST important in determining whether a disaster recovery test is successful?

Only business data files from offsite storage are used

IT staff fully recovers the processing infrastructure

Critical business processes are duplicated

All systems are restored within recovery time objectives (RTOs)

A

Critical business processes are duplicated

15
Q

Which of the following is MOST important when deciding whether to build an alternate facility or subscribe to a third-party hot site?

Cost to build a redundant processing facility and invocation

Daily cost of losing critical systems and recovery time objectives (RTOs)

Infrastructure complexity and system sensitivity

Criticality results from the business impact analysis (BIA)

A

Infrastructure complexity and system sensitivity

16
Q

A new e-mail virus that uses an attachment disguised as a picture file is spreading rapidly over the Internet. Which of the following should be performed FIRST in response to this threat?

Quarantine all picture files stored on file servers

Block all e-mails containing picture file attachments

Quarantine all mail servers connected to the Internet

Block incoming Internet mail, but permit outgoing mail

A

Block all e-mails containing picture file attachments

17
Q

When a large organization discovers that it is the subject of a network probe, which of the following actions should be taken?

Reboot the router connecting the DMZ to the firewall

Power down all servers located on the DMZ segment

Monitor the probe and isolate the affected segment

Enable server trace logging on the affected segment

A

Monitor the probe and isolate the affected segment

18
Q

Which of the following terms and conditions represent a significant deficiency if included in a commercial hot site contract?

A hot site facility will be shared in multiple disaster declarations

All equipment is provided “at time of disaster, not on floor”

The facility is subject to a “first-come, first-served” policy

Equipment may be substituted with equivalent model

A

All equipment is provided “at time of disaster, not on floor”

19
Q

Which of the following should be performed FIRST in the aftermath of a denial-of-service attack?

Restore servers from backup media stored offsite

Conduct an assessment to determine system status

Perform an impact analysis of the outage

Isolate the screened subnet

A

Conduct an assessment to determine system status

20
Q

Which of the following is the MOST important element to ensure the successful recovery of a business during a disaster?

Detailed technical recovery plans are maintained offsite

Network redundancy is maintained through separate providers

Hot site equipment needs are recertified on a regular basis

Appropriate declaration criteria have been established

A

Detailed technical recovery plans are maintained offsite

21
Q

The business continuity policy should contain which of the following?

Emergency call trees

Recovery criteria

Business impact assessment (BIA)

Critical backups inventory

A

Recovery criteria

22
Q

The PRIMARY purpose of installing an intrusion detection system (IDS) is to identify:

weaknesses in network security.

patterns of suspicious access.

how an attack was launched on the network.

potential attacks on the internal network.

A

potential attacks on the internal network.

23
Q

When an organization is using an automated tool to manage and house its business continuity plans, which of the following is the PRIMARY concern?

Ensuring accessibility should a disaster occur

Versioning control as plans are modified

Broken hyperlinks to resources stored elsewhere

Tracking changes in personnel and plan assets

A

Ensuring accessibility should a disaster occur

24
Q

Which of the following is the BEST way to verify that all critical production servers are utilizing up-to-date virus signature files?

Verify the date that signature files were last pushed out

Use a recently identified benign virus to test if it is quarantined

Research the most recent signature file and compare to the console

Check a sample of servers that the signature files are current

A

Check a sample of servers that the signature files are current

25
Q

Which of the following actions should be taken when an information security manager discovers that a hacker is footprinting the network perimeter?

Reboot the border router connected to the firewall

Check IDS logs and monitor for any active attacks

Update IDS software to the latest available version

Enable server trace logging on the DMZ segment

A

Check IDS logs and monitor for any active attacks

26
Q

Which of the following are the MOST important criteria when selecting virus protection software?

Product market share and annualized cost

Ability to interface with intrusion detection system (IDS) software and firewalls

Alert notifications and impact assessments for new viruses

Ease of maintenance and frequency of updates

A

Ease of maintenance and frequency of updates

27
Q

Which of the following is the MOST serious exposure of automatically updating virus signature files on every desktop each Friday at 11:00 p.m. (23:00 hrs.)?

Most new viruses’ signatures are identified over weekends

Technical personnel are not available to support the operation

Systems are vulnerable to new viruses during the intervening week

The update’s success or failure is not known until Monday

A

Systems are vulnerable to new viruses during the intervening week

28
Q

When performing a business impact analysis (BIA), which of the following should calculate the recovery time and cost estimates?

Business continuity coordinator

Information security manager

Business process owners

Industry averages benchmarks

A

Business process owners

29
Q

Which of the following is MOST closely associated with a business continuity program?

Confirming that detailed technical recovery plans exist

Periodically testing network redundancy

Updating the hot site equipment configuration every quarter

Developing recovery time objectives (RTOs) for critical functions

A

Developing recovery time objectives (RTOs) for critical functions

30
Q

Which of the following application systems should have the shortest recovery time objective (RTO)?

Contractor payroll

Change management

E-commerce web site

Fixed asset system

A

E-commerce web site

31
Q

A computer incident response team (CIRT) manual should PRIMARILY contain which of the following documents?

Risk assessment results

Severity criteria

Emergency call tree directory

Table of critical backup files

A

Severity criteria

32
Q

The PRIMARY purpose of performing an internal attack and penetration test as part of an incident response program is to identify:

weaknesses in network and server security.

ways to improve the incident response process.

potential attack vectors on the network perimeter.

the optimum response to internal hacker attacks.

A

weaknesses in network and server security.

33
Q

Which of the following would represent a violation of the chain of custody when a backup tape has been identified as evidence in a fraud investigation? The tape was:

removed into the custody of law enforcement investigators.

kept in the tape library pending further analysis.

sealed in a signed envelope and locked in a safe under dual control.

handed over to authorized independent investigators.

A

kept in the tape library pending further analysis.

34
Q

When properly tested, which of the following would MOST effectively support an information security manager in handling a security breach?

Business continuity plan

Disaster recovery plan

Incident response plan

Vulnerability management plan

A

Incident response plan

35
Q

Isolation and containment measures for a compromised computer have been taken and information security management is now investigating. What is the MOST appropriate next step?

Run a forensics tool on the machine to gather evidence

Reboot the machine to break remote connections

Make a copy of the whole system’s memory

Document current connections and open Transmission Control Protocol/User Datagram Protocol (TCP/UDP) ports

A

Make a copy of the whole system’s memory

36
Q

Why is “slack space” of value to an information security manager as part of an incident investigation?

Hidden data may be stored there

The slack space contains login information

Slack space is encrypted

It provides flexible space for the investigation

A

Hidden data may be stored there

37
Q

What is the PRIMARY objective of a post-event review in incident response?

Adjust budget provisioning

Preserve forensic data

Improve the response process

Ensure the incident is fully documented

A

Improve the response process

38
Q

Detailed business continuity plans should be based PRIMARILY on:

consideration of different alternatives.

the solution that is least expensive.

strategies that cover all applications.

strategies validated by senior management.

A

strategies validated by senior management.

39
Q

A web server in a financial institution that has been compromised using a super-user account has been isolated, and proper forensic processes have been followed. The next step should be to:

rebuild the server from the last verified backup.

place the web server in quarantine.

shut down the server in an organized manner.

rebuild the server with original media and relevant patches.

A

rebuild the server with original media and relevant patches.

40
Q

Evidence from a compromised server has to be acquired for a forensic investigation. What would be the BEST source?

A bit-level copy of all hard drive data

The last verified backup stored offsite

Data from volatile memory

Backup servers

A

A bit-level copy of all hard drive data

41
Q

In the course of responding to an information security incident, the BEST way to treat evidence for possible legal action is defined by:

international standards.

local regulations.

generally accepted best practices.

organizational security policies.

A

local regulations.

42
Q

Emergency actions are taken at the early stage of a disaster with the purpose of preventing injuries or loss of life and:

determining the extent of property damage.

preserving environmental conditions.

ensuring orderly plan activation.

reducing the extent of operational damage.

A

reducing the extent of operational damage.

43
Q

Which of the following actions should take place immediately after a security breach is reported to an information security manager?

Confirm the incident

Determine impact

Notify affected stakeholders

Isolate the incident

A

Confirm the incident

44
Q

When designing the technical solution for a disaster recovery site, the PRIMARY factor that should be taken into consideration is the:

services delivery objective.

recovery time objective (RTO).

recovery window.

maximum tolerable outage (MTO).

A

recovery window.

45
Q

In designing a backup strategy that will be consistent with a disaster recovery strategy, the PRIMARY factor to be taken into account will be the:

volume of sensitive data.

recovery point objective (RPO).

recovery time objective (RTO).

interruption window.

A

recovery point objective (RPO).

46
Q

An intrusion detection system (IDS) should:

run continuously.

ignore anomalies.

require a stable, rarely changed environment.

be located on the network.

A

run continuously.

47
Q

The PRIORITY action to be taken when a server is infected with a virus is to:

isolate the infected server(s) from the network.

identify all potential damage caused by the infection.

ensure that the virus database files are current.

establish security weaknesses in the firewall.

A

isolate the infected server(s) from the network.

48
Q

Which of the following provides the BEST confirmation that the business continuity/disaster recovery plan objectives have been achieved?

The recovery time objective (RTO) was not exceeded during testing

Objective testing of the business continuity/disaster recovery plan has been carried out consistently

The recovery point objective (RPO) was proved inadequate by disaster recovery plan testing

Information assets have been valued and assigned to owners per the business continuity plan/disaster recovery plan

A

The recovery time objective (RTO) was not exceeded during testing

49
Q

Which of the following situations would be the MOST concern to a security manager?

Audit logs are not enabled on a production server

The logon ID for a terminated systems analyst still exists on the system

The help desk has received numerous reports of users receiving phishing e-mails

A Trojan was found to be installed on a system administrator’s laptop

A

A Trojan was found to be installed on a system administrator’s laptop

50
Q

A customer credit card database has been breached by hackers. The FIRST step in dealing with this attack should be to:

confirm the incident.

notify senior management.

start containment.

notify law enforcement.

A

confirm the incident.

51
Q

A root kit was used to capture detailed accounts receivable information. To ensure admissibility of evidence from a legal standpoint, once the incident was identified and the server isolated, the next step should be to:

document how the attack occurred.

notify law enforcement.

take an image copy of the media.

close the accounts receivable system.

A

take an image copy of the media.

52
Q

When collecting evidence for forensic analysis, it is important to:

ensure the assignment of qualified personnel.

request the IT department do an image copy.

disconnect from the network and isolate the affected devices.

ensure law enforcement personnel are present before the forensic analysis commences.

A

ensure the assignment of qualified personnel.

53
Q

What is the BEST method for mitigating against network denial of service (DoS) attacks?

Ensure all servers are up-to-date on OS patches

Employ packet filtering to drop suspect packets

Implement network address translation to make internal addresses non-routable

Implement load balancing for Internet facing devices

A

Employ packet filtering to drop suspect packets

54
Q

To justify the establishment of an incident management team, an information security manager would find which of the following to be the MOST effective?

Assessment of business impact of past incidents

Need of an independent review of incident causes

Need for constant improvement on the security level

Possible business benefits from incident impact reduction

A

Possible business benefits from incident impact reduction

55
Q

A database was compromised by guessing the password for a shared administrative account and confidential customer information was stolen. The information security manager was able to detect this breach by analyzing which of the following?

Invalid logon attempts

Write access violations

Concurrent logons

Firewall logs

A

Invalid logon attempts

56
Q

Which of the following is an example of a corrective control?

Diverting incoming traffic upon responding to the denial of service (DoS) attack

Filtering network traffic before entering an internal network from outside

Examining inbound network traffic for viruses

Logging inbound network traffic

A

Diverting incoming traffic upon responding to the denial of service (DoS) attack

57
Q

To determine how a security breach occurred on the corporate network, a security manager looks at the logs of various devices. Which of the following BEST facilitates the correlation and review of these logs?

Database server

Domain name server (DNS)

Time server

Proxy server

A

Time server

58
Q

An organization has been experiencing a number of network-based security attacks that all appear to originate internally. The BEST course of action is to:

require the use of strong passwords.

assign static IP addresses.

implement centralized logging software.

install an intrusion detection system (IDS).

A

install an intrusion detection system (IDS).

59
Q

A serious vulnerability is reported in the firewall software used by an organization. Which of the following should be the immediate action of the information security manager?

Ensure that all OS patches are up-to-date

Block inbound traffic until a suitable solution is found

Obtain guidance from the firewall manufacturer

Commission a penetration test

A

Obtain guidance from the firewall manufacturer

60
Q

An organization keeps backup tapes of its servers at a warm site. To ensure that the tapes are properly maintained and usable during a system crash, the MOST appropriate measure the organization should perform is to:

use the test equipment in the warm site facility to read the tapes.

retrieve the tapes from the warm site and test them.

have duplicate equipment available at the warm site.

inspect the facility and inventory the tapes on a quarterly basis.

A

retrieve the tapes from the warm site and test them.

61
Q

Which of the following processes is critical for deciding prioritization of actions in a business continuity plan?

Business impact analysis (BIA)

Risk assessment

Vulnerability assessment

Business process mapping

A

Business impact analysis (BIA)

62
Q

In addition to backup data, which of the following is the MOST important to store offsite in the event of a disaster?

Copies of critical contracts and service level agreements (SLAs)

Copies of the business continuity plan

Key software escrow agreements for the purchased systems

List of emergency numbers of service providers

A

Copies of the business continuity plan

63
Q

An organization has learned of a security breach at another company that utilizes similar technology. The FIRST thing the information security manager should do is:

assess the likelihood of incidents from the reported cause.

discontinue the use of the vulnerable technology.

report to senior management that the organization is not affected.

remind staff that no similar security breaches have taken place.

A

assess the likelihood of incidents from the reported cause.

64
Q

Which of the following is the MOST important consideration for an organization interacting with the media during a disaster?

Communicating specially drafted messages by an authorized person

Refusing to comment until recovery

Referring the media to the authorities

Reporting the losses and recovery strategy to the media

A

Communicating specially drafted messages by an authorized person

65
Q

During the security review of organizational servers it was found that a file server containing confidential human resources (HR) data was accessible to all user IDs. As a FIRST step, the security manager should:

copy sample files as evidence.

remove access privileges to the folder containing the data.

report this situation to the data owner.

train the HR team on properly controlling file permissions.

A

report this situation to the data owner.

66
Q

If an organization considers taking legal action on a security incident, the information security manager should focus PRIMARILY on:

obtaining evidence as soon as possible.

preserving the integrity of the evidence.

disconnecting all IT equipment involved.

reconstructing the sequence of events.

A

preserving the integrity of the evidence.

67
Q

Which of the following has the highest priority when defining an emergency response plan?

Critical data

Critical infrastructure

Safety of personnel

Vital records

A

Safety of personnel

68
Q

The PRIMARY purpose of involving third-party teams for carrying out post event reviews of information security incidents is to:

enable independent and objective review of the root cause of the incidents.

obtain support for enhancing the expertise of the third-party teams.

identify lessons learned for further improving the information security management process.

obtain better buy-in for the information security program.

A

enable independent and objective review of the root cause of the incidents.

69
Q

The MOST important objective of a post incident review is to:

capture lessons learned to improve the process.

develop a process for continuous improvement.

develop a business case for the security program budget.

identify new incident management tools.

A

capture lessons learned to improve the process.

70
Q

Which of the following is the BEST mechanism to determine the effectiveness of the incident response process?

Incident response metrics

Periodic auditing of the incident response process

Action recording and review

Post incident review

A

Post incident review

71
Q

The FIRST step in an incident response plan is to:

notify the appropriate individuals.

contain the effects of the incident to limit damage.

develop response strategies for systematic attacks.

validate the incident.

A

validate the incident.

72
Q

An organization has verified that its customer information was recently exposed. Which of the following is the FIRST step a security manager should take in this situation?

Inform senior management.

Determine the extent of the compromise.

Report the incident to the authorities.

Communicate with the affected customers

A

Determine the extent of the compromise.

73
Q

The PRIMARY consideration when defining recovery time objectives (RTOs) for information assets is:

regulatory requirements.

business requirements.

financial value.

IT resource availability.

A

business requirements.

74
Q

What task should be performed once a security incident has been verified?

Identify the incident.

Contain the incident.

Determine the root cause of the incident.

Perform a vulnerability assessment.

A

Contain the incident.

75
Q

An information security manager believes that a network file server was compromised by a hacker. Which of the following should be the FIRST action taken?

Ensure that critical data on the server are backed up.

Shut down the compromised server.

Initiate the incident response process.

Shut down the network.

A

Initiate the incident response process.

76
Q

An unauthorized user gained access to a merchant’s database server and customer credit card information. Which of the following would be the FIRST step to preserve and protect unauthorized intrusion activities?

Shut down and power off the server.

Duplicate the hard disk of the server immediately.

Isolate the server from the network.

Copy the database log file to a protected server.

A

Isolate the server from the network.

77
Q

Which of the following would be a MAJOR consideration for an organization defining its business continuity plan (BCP) or disaster recovery program (DRP)?

Setting up a backup site

Maintaining redundant systems

Aligning with recovery time objectives (RTOs)

Data backup frequency

A

Aligning with recovery time objectives (RTOs)

78
Q

Which of the following would be MOST appropriate for collecting and preserving evidence?

Encrypted hard drives

Generic audit software

Proven forensic processes

Log correlation software

A

Proven forensic processes

79
Q

Of the following, which is the MOST important aspect of forensic investigations?

The independence of the investigator

Timely intervention

Identifying the perpetrator

Chain of custody

A

Chain of custody

80
Q

In the course of examining a computer system for forensic evidence, data on the suspect media were inadvertently altered. Which of the following should have been the FIRST course of action in the investigative process?

Perform a backup of the suspect media to new media.

Perform a bit-by-bit image of the original media source onto new media.

Make a copy of all files that are relevant to the investigation.

Run an error-checking program on all logical drives to ensure that there are no disk errors.

A

Perform a bit-by-bit image of the original media source onto new media.

81
Q

Which of the following recovery strategies has the GREATEST chance of failure?

Hot site

Redundant site

Reciprocal arrangement

Cold site

A

Reciprocal arrangement

82
Q

Recovery point objectives (RPOs) can be used to determine which of the following?

Maximum tolerable period of data loss

Maximum tolerable downtime

Baseline for operational resiliency

Time to restore backups

A

Maximum tolerable period of data loss

83
Q

Which of the following disaster recovery testing techniques is the MOST cost-effective way to determine the effectiveness of the plan?

Preparedness tests

Paper tests

Full operational tests

Actual service disruption

A

Preparedness tests

84
Q

When electronically stored information is requested during a fraud investigation, which of the following should be the FIRST priority?

Assigning responsibility for acquiring the data

Locating the data and preserving the integrity of the data

Creating a forensically sound image

Issuing a litigation hold to all affected parties

A

Locating the data and preserving the integrity of the data

85
Q

When creating a forensic image of a hard drive, which of the following should be the FIRST step?

Identify a recognized forensics software tool to create the image.

Establish a chain of custody log.

Connect the hard drive to a write blocker.

Generate a cryptographic hash of the hard drive contents.

A

Establish a chain of custody log.
