Information Security

Question 1

Intangible assets are….?

Answer 1

Assets with no physical presence: information, credibility, brand, and reputation.

Question 2

Information Security threat categories include…?

Answer 2

• Intentional
• Natural
• Inadvertent
• Data mining
• Insiders
• Counterfeiting and Piracy

Question 3

OPSEC has 5 cyclical steps:

Answer 3

1) Identify assets (critical information);
2) Define the threat ( collectors, capabilities, motivations);
3) Assess vulnerabilities;
4) Analyze the risk - it’s impact, priority, and any existing countermeasures; and
5) develop and implement countermeasures

Question 4

What is Cryptoware?

Answer 4

Also known as crypto-ransomware, it is a type of harmful program that encrypts files stored on a computer or mobile divide in order to extort money.

Question 5

What are four levels of information classification?

Answer 5

Highly restricted….restricted….internal use and unrestricted.

Question 6

What are three key steps to take after an information loss?

Answer 6

Investigation, damage assessment and recovery and follow-up.

Question 7

What are technical surveillance countermeasures (TSCM)?

Answer 7

Services, equipment, and techniques designed to locate, identify and neutralize technical surveillance activities.

Question 8

The strategies used to safeguard information assets typically include what three components?

Answer 8

Security measures, legal protections and management practices.

Question 9

Informational assets can take what physical forms?

Answer 9

Prototypes and models; manufacturing processes and equipment.

Question 10

What are five business impacts of an information asset loss event?

Answer 10

Loss of company reputation/image/goodwill;
- Loss of competitive advantage in one …..or in multiple …..products/services;
- reduced projected returns or profitability
- loss of core business technology or process

Question 11

What is data mining?

Answer 11

Software driven collection of open-source data and public information.

Question 12

What is proprietary information?

Answer 12

Information of value, owned by an entity or entrusted to it, which has not been disclosed publicly.

Question 13

Inappropriate links to unprotected networks, improper system configuration, or unpatched workstations are examples of..?

Answer 13

Vulnerability in the information systems infrastructure.

Question 14

Which five information security systems (ISS) issues can also weaken physical security in a converged system?

Answer 14

Denial of services,
Insertion of incorrect data
Data theft
Data modification and
Data destruction

Question 15

What is the best way to evaluate the current status of information security programs in your organization?

Answer 15

Conduct surveys

Question 16

What are examples of inadvertent threats?

Answer 16

Inadequate employee training, misunderstandings and lack of attention to detail

Question 17

Gramm-Leach-Bliley Act?

Answer 17

Requires financial institutions and companies that offer consumer financial products or services to explain their information sharing practices to their customers and to safeguard sensitive data.

Question 18

Data breach laws put the onus of data protection on?

Answer 18

The organizations and agencies that house and use that information.

Question 19

What is the security model that requires strict ID verification for every person and device trying to access resources on a network?

Answer 19

Zero trust.

Question 20

How do information systems security professionals mitigate risk?

Answer 20

Through the development of an information Security Management System (ISMS).

Question 21

Who is in charge of deciding to pay a hacker’s ransom?

Answer 21

Stakeholders in the business.

Question 22

What are the business impacts of a loss event?

Answer 22

• loss of use
• loss of ownership
• loss of intellectual property rights
• loss of proprietary information or prototypes that could facilitate product counterfeiting.

Question 23

There are no criminal laws regarding?

Answer 23

Patent infringement

Question 24

An information assets protection (IAP) program focuses on?

Answer 24

IAP programs focus holistically on the security of information assets - including all aspects of protection….not just technology.

Question 25

What does an information systems security (ISS) program focus on?

Answer 25

An ISS focuses on the security of information technology….for example….systems, networks, applications and the interaction between those technology components and end users. The objective of an ISS is to prudently and cost-effectively manage the risk where critical organizational information could be: compromised, changed without authorization or become unavailable.

Question 26

Six ISS terms include? pg 262 in study guide

Answer 26

• information systems threat
• information systems vulnerability
• information systems risk
• information systems countermeasures
• residual threat risk
• Residual risk

Question 27

Cyclical redundancy check (CRC)?

Answer 27

A tool for maintaining information integrity; it shows whether data has been altered.

Question 28

Three classifications of information systems countermeasures?

Answer 28

• Administrative controls
• technical controls; and
• Physical controls

Question 29

The ISO/IEC 2700 family of standards does what?

Answer 29

Provides best practices for an ISMS and takes a risk-based approach to cybersecurity by addressing people, technology and processes.

Question 30

ISO 27001?

Answer 30

Discusses the concept of an information security management system and outlines information security management practices….policies, compliance, asset management….etc

Question 31

NIST 800 series?

Answer 31

Nat’l Institute of Standards and Technology developed a series of documents used by the federal gov’t for computer security policy, procedures and guidelines.

Question 32

CISSP?

Answer 32

Certified Information Systems Security Professional is a common body of knowledge developed to characterize the body of knowledge required for certification as an information system security professional. It organizes ISS into 8 domains (p. 269 study guide)

Question 33

HIPAA?

Answer 33

Health insurance portability and accountability act was one of the first significant attempts to adopt a standard of care for electronic transactions in the healthcare field.

Question 34

Red Flag Rules

Answer 34

The purpose of the program is the early detection and prevention of identity theft

Question 35

General Data Protection Regulation (GDPR)?

Answer 35

GDPR is a regulation in European Union (EU) law on data protection and privacy in the EU and the European Economic Area (EEA).

Question 36

EU - US Privacy Shield Framework

Answer 36

The GDPR requires data transfers can only happen to countries deemed as having adequate data protection laws - and the U.S. ain’t one of them. The privacy shield gets around that by deeming that certain companies have adequate protection .

Question 37

Factors in determining whether an employee should be disciplined include?

Answer 37

Whether misconduct happened:
- on or off work property
- during or after hours;
- whether the work represented himself as part of the organization

Question 38

Photogrammetry

Answer 38

Dimensions arrived at through photographic images

Question 39

Impressions include?

Answer 39

firearms,
tool marks,
bite impressions
……. and footprints

Question 40

NLRB vs. Weingarten, Inc.

Answer 40

1975….A union representative can be present at any investigative interview that may result in disciplinary action……if the worker requests one!!!!!

Question 41

The Nine steps of interrogation included in the Reid technique

Answer 41

• Positive confrontation;
• Theme development;
• Handling denials;
• Overcoming objections;
• Keeping a suspect’s attention;
• Handling a suspect’s passive mood
• Presenting an alternative question;
• Having the suspect relate details;
• converting an oral confession

Question 42

Types of investigative reports include?

Answer 42

• Initial’
• progress
• special, and
• final

Question 43

Typical elements of investigative reports include?

Answer 43

• Administrative’
• Summary
• Narrative
• Conclusions and
• enclosures

Question 44

The five basic steps of report writing include?

Answer 44

Gather, record and organize the facts
Write the report
Evaluate and edit the report

Question 45

Investigative report narratives should be?

Answer 45

Clear
Simple and
Brief

Question 46

There are two types of witnesses?

Answer 46

Fact and opinion

Question 47

What three factors influence jurors?

Answer 47

Personality
Culture and
Life experiences

Question 48

UC theft investigations require special care during the …?

Answer 48

Planning phase

Question 49

Cognitive consistency?

Answer 49

A phenomenon whereby employees breaking the law in one way will be attracted to the UC operative in trying to break the law in another way.

Question 50

Sting vs. Buy Bust operations?

Answer 50

Sting is generally longer, more complicated investigative effort

Question 51

Fraud

Answer 51

An intentional deception perpetrated for the purpose of unlawfully taking another’s property

Question 52

The size and scope of the investigative program is equal to the R…..and TC?

Answer 52

Resources and time commitment

Question 53

The intersection of investigations and security risk management is….?

Answer 53

Due diligence.
- Due diligence is backward looking and can be compared to negligence. It is the effort and steps taken to demonstrate due care.

Question 54

Due care?

Answer 54

Providing reasonable protection.

Question 55

Americans with Disabilities Act

Answer 55

Applies to employers with 15 or more workers

Question 56

Fair Credit Reporting Act (FCRA) requires?

Answer 56

1) Disclosure and
2) Written authorization

Insurance and criminal history. Credit history is not part of the FCRA because credit history is not public information

Question 57

EPPA

Answer 57

Employee polygraph protection act of 1988 prohibits the use of the polygraph for preemployment screening in private sector

Question 58

Floating point Strategy

Answer 58

An investigator continuously evaluates new information to update their hypothesis of the crime.

Question 59

What are the four force multiplier in investigations?

Answer 59

• Online information sources;
• liaisons’
• intelligence information; and
• technology

Question 60

What is the theft triangle?

Answer 60

Desire - need or want
Motive - rationalization
Opportunity

Question 61

The four formats for a confession?

Answer 61

• Statement written by the suspect;
• statement written by the investigator but read and signed by the suspect;
• Statement typed up but read and signed by the suspect;
• audio or video statement by the suspect

Question 62

What are the three forms of evidence?

Answer 62

Oral
Physical and
documentary

Question 63

What are the four ways hazards from a contaminated scene can enter the body?

Answer 63

• Inhale;
• ingest;
• inject; and
• skin contact

Question 64

Evidence can be defined as?

Answer 64

Any type of proof that is capable of proving or disproving a contention or fact

Question 65

Evidence is admissible when it is?

Answer 65

• Competent
• Relevant and
• Material

Question 66

Six factors affecting the type of evidence?

Answer 66

• Direct
• Indirect or circumstantial
• forensic
• hearsay
• admissibility of evidence
• materiality of evidence

Question 67

The private sector investigator is working towards a lower level of proof?

Answer 67

Civil court - uses the preponderance of evidence;

Criminal court - beyond a reasonable doubt

Question 68

The largest budget items for an investigative unit include?

Answer 68

Personnel and outside services

Question 69

The easiest budget item for an investigative unit to control is?

Answer 69

Overhead costs

Question 70

While some investigations call for a more creative problem solving approach…..background and incident investigations call for a…?

Answer 70

Methodical and systematic approach

Question 71

Embezzlement (defalcation)

Answer 71

Appropriation of property by a person to whom it has been entrusted. Cash disbursements are the most common form of workplace embezzlements…..so the accounts payable ledger should be looked at as it reflects dates and amounts paid to company suppliers

Question 72

Computer forensics vs. traditional forensics

Answer 72

Traditional - relies on objective results of a scientific examination;
Computer - is driven by information uncovered during the investigation

Question 73

Undercover vs. traditional investigations

Answer 73

The UC investigation is a form of interactive investigation that, by 1985, became and remains the preferred way to investigate drugs and theft in the workplace. The UC operative does not hide his presence nor attempt to operate unnoticed.

Question 74

Investigative reports should be written in?

Answer 74

The third person as a structured narrative. This eliminates rewrites and saves time and effort.

Question 75

Entrapment

Answer 75

Not a crime, but a criminal defense

Question 76

UN convention against corruption 2003?

Answer 76

Made whistleblower protection international law

Question 77

Federal Sentencing guidelines and Sarbanes-Oxley Act of 2002?

Answer 77

Require a non-retaliatory internal reporting system as part of compliance and ethics programs for all publicly traded companies