Legal, Regulations, Investigations and Compliance Flashcards

1
Q

Breach of data security

A

attackers alter or compromise the static data stored on computers

2
Q

breach of physical security

A

attackers intercept communications lines and listen to sensitive conversations or gain access to documents in the trash.

3
Q

breach of communication security

A

attackers use malicious code to crack the integrity and confidentiality of digitally transmitted information.

4
Q

breach of operations security

A

attackers compromise day to day processes or procedures through methods such as IP spoofing

5
Q

breach of personnel security

A

attackers gain information from company employees

6
Q

Covers individual and business rights and obligations under the law.

A

tort law

7
Q

Combines aspects of two or more legal systems

A

mixed law

8
Q

derives from broad legal principles and the interpretation of doctrinal writings

A

civil law

9
Q

Regulates organizations and their employees using a system of punishment

A

administrative law

10
Q

Responsible for maintaining peace and order among a population

A

criminal law

11
Q

covers all aspects of social and spiritual behavior within society.

A

religious law

12
Q

4 categories of computer crimes

A

computer as the target
computer as the instrument
computer as incidental to other crimes
crimes associated with the prevalence of computers

13
Q

Computer as the target category

A

involve sabotage of computers and networks

stealing information

14
Q

Computer as the instrument category

A

computer used as a means to create chaos

15
Q

computer as incidental to other crimes category

A

computers aren’t essential for the crimes; they just facilitate them

16
Q

crimes associated with the prevalence of computers

A

software piracy

stealing computer equipment

17
Q

Breach of physical security

A

involves a breach in the actual hardware that makes up the system, network, or building
dumpster diving
wiretapping
shoulder surfing

18
Q

breach of personnel security

A

attackers trick employees

19
Q

breach of communications security

A
unauthorized people use digital communication lines to compromise the integrity and confidentiality of information transmitted between authorized parties.
trap doors
tunneling
timing
virus/worm/trojan
salami
20
Q

salami attack

A

attacker takes a small amount of money from a large quantity of individuals

21
Q

breach of data security

A

attackers alter or compromise the static data stored on computers.

22
Q

breach of operations security

A
attackers take advantage of day to day processes or procedures
IP spoofing
password sniffing
scanning
excess privileges
data diddling
23
Q

Data diddling

A

an attacker alters data either when it is entered or soon after the data is processed by the application and is ready for output.

24
Q

civil law

A

basis of legal system in Europe
based on Roman law
derives from broad legal principles and the interpretation of doctrinal writings

25
Q

common law

A

depends on judicial decisions that were based on tradition, custom, and precedent.

26
Q

Criminal codes dealing with computer crimes

A

18 USC 1029
18 USC 1362
18 USC 2510
18 USC 3121

27
Q

Laws dealing with privacy

A

Federal Privacy Act
HIPAA
Gramm-Leach-Bliley

28
Q

direct evidence

A

eyewitness statement

29
Q

demonstrative evidence

A

chart used to explain a concept to a jury

30
Q

documentary evidence

A

printed transcripts of telephone conversations

31
Q

real evidence

A

perishable object capable of reproduction

32
Q

5 evidence life cycle stages

A
collection and identification
analysis
storage, preservation, and transportation
court presentation
return to owner
33
Q

definition of due care

A

an organization takes all reasonable steps to protect against security breaches

34
Q

definition of due diligence

A

an organization properly investigates possible weaknesses and vulnerabilities

35
Q
Where does the greatest risk of cybercrime come from?
A. outsiders
B. nation-states
C. insiders
D. script kiddies
A

C. insiders

36
Q

What is the largest hindrance to fighting computer crime?
A. computer criminals are generally smarter than computer investigators
B. adequate funding to stay ahead of the computer criminals.
C. activity associated with computer crime is truly international
D. there are so many more computer criminals than investigators that it is impossible to keep up.

A

C. activity associated with computer crime is truly international

37
Q
Computer forensics is the marriage of computer science, information technology, and engineering with
A. Law
B. Information Systems
C. analytical thought
D. scientific method
A

A. Law

38
Q

What principle allows an investigator to identify aspects of the person responsible for a crime, since whenever a crime is committed the perpetrator leaves traces while stealing assets?
A. Meyer’s principle of legal impunity
B. criminalistic principles
C. IOCE/Group of 8 nations principles for computer forensics.
D. Locard’s principle of exchange

A

D. Locard’s principle of exchange

39
Q

Which of the following is part of the five rules of evidence?
A. be authentic, be redundant, be admissible
B. be complete, be authentic, and be admissible
C. be complete, be redundant, and be authentic
D. be redundant, be admissible, and be complete

A

B. be complete, be authentic, and be admissible

40
Q
What is not mentioned as a phase of an incident response?
A. documentation
B. prosecution
C. containment
D. investigation
A

B. prosecution

41
Q
Which best emphasizes the abstract concepts of law and is influenced by the writings of legal scholars and academics?
A. criminal law
B. civil law
C. religious law
D. administrative law
A

B. civil law

42
Q
Which type of intellectual property covers the expression of ideas rather than the ideas themselves?
A. trademark
B. patent
C. copyright
D. trade secret
A

C. copyright

43
Q
Which type of intellectual property protects the goodwill a merchant or vendor invests in its products?
A. trademark
B. patent
C. copyright
D. trade secret
A

A. trademark

44
Q
Which of the following are computer forensics guidelines?
A. IOCE, MOM, SWGDE
B. MOM, SWGDE, IOCE
C. IOCE, SWGDE, ACPO
D. ACPO, MOM, IOCE
A

C. IOCE, SWGDE, ACPO

45
Q
Which of the following are categories of software licensing?
A. freeware, open source, commercial
B. commercial, academic, open source
C. academic, freeware, open source
D. freeware, commercial, academic
A

D. freeware, commercial, academic

46
Q
What are the rights and obligations of individuals and organizations with respect to the collection, use, retention, and disclosure of personal information best related to?
A. privacy
B. secrecy
C. availability
D. reliability
A

A. privacy

47
Q

triage encompasses which of the following incident response subphases?
A. collection, transport, testimony
B. traceback, feedback, loopback
C. detection, identification, notification
D. confidentiality, integrity, availability

A

C. detection, identification, notification

48
Q

The integrity of a forensic bit stream image is determined by
A. comparing hash totals to the original source
B. keeping good notes
C. taking pictures
D. encrypting keys

A

A. comparing hash totals to the original source

49
Q

When dealing with digital evidence, the crime scene
A. must never be altered
B. must be completely reproducible in a court of law
C. must exist in only one country
D. must have the least amount of contamination that is possible.

A

D. must have the least amount of contamination that is possible.

50
Q

When outsourcing IT systems
A. all regulatory and compliance requirements must be passed on to the provider
B. the outsourcing organization is free from compliance obligations
C. the outsourced IT systems are free from compliance obligations
D. the provider is free from compliance obligations

A

A. all regulatory and compliance requirements must be passed on to the provider

51
Q

The ISC2 code of ethics resolves conflicts between canons by
A. there can never be conflicts between canons
B. working through adjudication
C. the order of the canons
D. vetting all canon conflicts through the board of directors

A

C. the order of the canons

52
Q

When dealing with digital evidence, the chain of custody
A. must never be altered
B. must be completely reproducible in a court of law
C. must exist in only one country
D. must follow a formal documented process

A

D. must follow a formal documented process

53
Q

To ensure proper forensics action when needed, an incident response program must
A. avoid conflicts of interest by ensuring organization legal counsel is not part of the process
B. routinely create forensic images of all desktops and servers
C. only promote closed incidents to law enforcement
D. treat every incident as though it may be a crime

A

D. treat every incident as though it may be a crime

54
Q

A hard drive is recovered from a submerged vehicle. The drive is needed for a court case. What is the best approach to pull information off the drive?
A. wait for the drive to dry and then install it in a desktop and attempt to retrieve the information via normal operating system commands.
B. place the drive in a forensic oven to dry it and then use a degausser to remove any residual humidity prior to installing the drive in a laptop and using the OS to pull off information.
C. While the drive is still wet, use a forensic bit to bit copy program to ensure the drive is preserved in its native state.
D. Contact a professional data recovery organization, explain the situation and request they pull a forensic image.

A

D. Contact a professional data recovery organization, explain the situation and request they pull a forensic image.

55
Q

Which organization has been developed to deal with economic, social, and governance issues, and how sensitive data is transported over borders?
A. European Union
B. Council of Europe
C. Safe Harbor
D. Organization for Economic Cooperation and Development.

A

D. Organization for Economic Cooperation and Development.

56
Q

Different countries have different legal systems. Which of the following correctly describes customary law?
A. Not many countries work under this law purely. Most instead use a mixed system where this law, which deals mainly with personal conduct and patterns of behavior is an integrated component.
B. It is a rule-based law focused on codified law
C. Based on previous interpretations of laws, this system reflects the community’s morals and expectations.

A

A. Not many countries work under this law purely. Most instead use a mixed system where this law, which deals mainly with personal conduct and patterns of behavior is an integrated component.

57
Q
Widgets Inc wishes to protect its logo from unauthorized use.  Which of the following will protect the logo and ensure that others cannot copy and use it?
A. Patent
B. Copyright
C. Trademark
D. Trade Secret
A

C. Trademark

58
Q
There are 4 categories of software licensing. Which of the following refers to software sold at a reduced cost?
A. Shareware
B. Academic software
C. Freeware
D. Commercial software
A

B. Academic software

59
Q

There are different types of approaches to regulations. Which of the following is an example of self-regulation?
A. The Health Insurance Portability and Accountability Act.
B. Sarbanes-Oxley
C. Computer fraud and abuse act
D. PCI data security standard

A

D. PCI data security standard

60
Q
Which of the following means that a company did all it could have reasonably done to prevent a security breach?
A. Downstream liability
B. Responsibility
C. Due diligence
D. Due Care
A

D. Due Care

61
Q

There are 3 different types of incident response teams. Which of the following correctly describes a virtual team?
A. It consists of experts who have other duties within the organization.
B. It can be cost prohibitive to smaller organizations.
C. It is a hybrid model.
D. Core members are permanently assigned to the team.

A

A. It consists of experts who have other duties within the organization

62
Q

A suspected crime has been reported within your organization. Which of the following steps should the incident response team take first?
A. Establish a procedure for responding to the incident.
B. Call in forensics experts.
C. Determine that a crime has been committed.
D. Notify senior management.

A

C. Determine that a crime has been committed.

63
Q
During an incident response, what stage involves mitigating the damage caused by an incident?
A. Investigation
B. Containment
C. Triage
D. Analysis
A

B. Containment

64
Q

Which of the following is a correct statement regarding computer forensics?
A. It is the study of computer technology
B. It is a set of hardware-specific processes that must be followed in order for evidence to be admissible in a court of law.
C. It encompasses network and code analysis, and may be referred to as electronic data discovery.
D. Computer forensics responsibilities should be assigned to a network administrator before an incident occurs.

A

C. It encompasses network and code analysis, and may be referred to as electronic data discovery.

65
Q
Which of the following dictates that all evidence be labeled with information indicating who secured and validated it?
A. Chain of custody
B. Due Care
C. Investigation
D. Motive, Opportunity, and Means
A

A. Chain of custody

66
Q
There are several categories of evidence. How is a witness's oral testimony categorized?
A. Best evidence
B. Secondary evidence
C. Circumstantial evidence
D. Conclusive evidence
A

B. Secondary evidence

67
Q
For evidence to be legally admissible, it must be authentic, complete, sufficient, and reliable.  Which characteristic refers to the evidence having a reasonable and sensible relationship to the findings?
A. Complete
B. Reliable
C. Authentic
D. Sufficient
A

C. Authentic

68
Q

Which of the following best describes exigent circumstances?
A. The methods used to capture a suspect’s actions are neither legal nor ethical.
B. Enticement is used to capture a suspect’s actions
C. Hacking does not actually hurt anyone
D. The seizure of evidence by law enforcement because there is concern that a suspect will attempt to destroy it.

A

D. The seizure of evidence by law enforcement because there is concern that a suspect will attempt to destroy it.

69
Q

What role does the Internet Architecture Board play regarding technology and ethics?
A. It creates criminal sentencing guidelines
B. It issues ethics-related statements concerning the use of the internet.
C. It edits Requests for Comment
D. It maintains ten commandments for ethical behavior

A

B. It issues ethics-related statements concerning the use of the internet.

70
Q
Which of the following statements is not true of dumpster diving?
A. It is legal
B. It is unethical
C. It is illegal
D. It is a non-technical attack
A

C. It is illegal

71
Q
Which of the following is a legal form of eavesdropping when performed with prior consent or a warrant?
A. Denial of Service
B. Dumpster Diving
C. Wiretapping
D. Data diddling
A

C. Wiretapping

72
Q
What type of common law deals with violations committed by individuals against government laws, which are created to protect the public?
A. Criminal Law
B. Civil Law
C. Tort Law
D. Regulatory law
A

A. Criminal Law

73
Q
During what stage of incident response is it determined if the source of the incident was internal or external, and how the offender penetrated and gained access to the asset?
A. Analysis
B. Containment
C. Tracking
D. Follow-up
A

C. Tracking

74
Q

Which of the following is not true of a forensics investigation?
A. The crime scene should be modified as necessary.
B. A file copy tool may not recover all data areas of the device that are necessary for investigation.
C. Contamination of the crime scene may not negate derived evidence, but it should still be documented.
D. Only individuals with knowledge of basic crime scene analysis should have access to the crime scene.

A

A. The crime scene should be modified as necessary.

75
Q

Great care must be taken to capture clues from a computer or device during a forensics exercise. Which of the following does not correctly describe the efforts that should be taken to protect an image?
A. The original image should be hashed with MD5 or SHA-256.
B. Two time-stamps should be created
C. New media should be properly purged before images are created on them.
D. Some systems must be imaged while they are running.

A

D. Some systems must be imaged while they are running.

76
Q
Which of the following attacks can be best prevented by limiting the amount of electrical signals emitted from a computer system?
A. Salami
B. Emanations capturing
C. Password sniffing
D. IP spoofing
A

B. Emanations capturing

77
Q

As a CISSP candidate, you must sign a code of ethics. Which of the following is from the ISC2 code of ethics for the CISSP?
A. Information should be shared freely and openly; thus sharing confidential information should be ethical.
B. Think about the social consequences of the program you are writing or the system you are designing
C. Discourage unnecessary fear or doubt
D. Do not participate in internet wide experiments in a negligent manner.

A

C. Discourage unnecessary fear or doubt

78
Q
What concept states that a criminal leaves something behind and takes something with them?
A. Modus operandi
B. Profiling
C. Locard's principle of exchange
D. Motive, opportunity, and means
A

C. Locard’s principle of exchange

79
Q

Which of the following was the first international treaty seeking to address computer crimes by coordinating national laws and improving investigative techniques and international cooperation?
A. Council of Global Convention on Cybercrime
B. Council of European Convention on Cybercrime
C. Organization for economic cooperation and development
D. Organization for cybercrime cooperation and development

A

B. Council of European Convention on Cybercrime

80
Q

Lee is a new security manager who is in charge of ensuring that his company complies with the European Union principles on privacy when his company is interacting with their European partners. The set of principles that deals with transmitting data considered private is encompassed within which of the following laws or regulations?
A. Data protection directive
B. Organization for economic cooperation and development
C. Federal private bill
D. Privacy protection law

A

A. Data protection directive

81
Q
The common law system is broken down into which of the following categories?
A. common, civil, criminal
B. legislation, bills, regulatory
C. civil, criminal, regulatory
D. legislation, bills, civil
A

C. civil, criminal, regulatory

82
Q

Privacy is becoming more threatened as the world relies more and more on technology. There are several approaches to addressing privacy, including the generic approach and regulation by industry. Which of the following best describes these two approaches?
A. The generic approach is vertical enactment. Regulation by industry is horizontal enactment
B. The generic approach is horizontal enactment. Regulation by industry is vertical enactment
C. The generic approach is government enforced. Regulation by industry is self-enforced
D. The generic approach is self enforced. Regulation by industry is government enforced.

A

B. The generic approach is horizontal enactment. Regulation by industry is vertical enactment

83
Q

Which of the following best describes the organization that developed the best practices that Stephanie needs to ensure her company’s procedures map to?
A. Internet activities board
B. International organization on computer evidence
C. Department of defense forensics committee
D. International forensics standards board

A

B. International organization on computer evidence

84
Q
Which of the following best describes what Stephanie needs to build for the deployment teams?
A. Local and remote imaging
B. Forensics field kit
C. Chain of custody procedures and tools
D. Digital evidence collection software
A

B. Forensics field kit