Chapter 9 - Legal Regulations, Investigations, & Compliance Flashcards Preview


Flashcards in Chapter 9 - Legal Regulations, Investigations, & Compliance Deck (121)
1

Where does the greatest risk of cybercrime come from? A. Outsiders B. Nation-states C. Insiders D. Script kiddies

C. Insiders

2

What is the largest hindrance to fighting computer crime? A. Computer criminals are generally smarter than computer investigators B. Adequate funding to stay ahead of the computer criminals C. Activity associated with computer crime is truly international D. There are so many more computer criminals than investigators that it is impossible to keep up

C. Activity associated with computer crime is truly international

3

Computer forensics is the marriage of computer science, information technology, and engineering with ... A. Law B. Information Systems C. Analytical thought D. The scientific method

A. Law

4

What principle allows an investigator to identify aspects of the person responsible for a crime, given that whenever committing a crime the perpetrator leaves residual traces while stealing information? A. Meyer's principle of legal impunity B. Criminalistic principles C. IOCE/Group of 8 Nations principles for computer forensics D. Locard's principle of exchange

D. Locard's principle of exchange

5

Which of the following is part of the 5 rules of evidence? A. Be authentic, be redundant, and be admissible B. Be complete, be authentic, and be admissible C. Be complete, be redundant, and be authentic D. Be redundant, be admissible, and be complete

B. Be complete, be authentic, and be admissible

6

What is not mentioned as a phase of an incident report? A. Documentation B. Prosecution C. Containment D. Investigation

B. Prosecution

7

Which best emphasizes the abstract concept of law and is influenced by the writings of legal scholars and academics? A. Criminal Law B. Civil Law C. Religious Law D. Administrative Law

B. Civil Law

8

Which type of intellectual property covers the expression of ideas rather than the ideas themselves? A. Trademark B. Patent C. Copyright D. Trade Secret

B. Copyright

9

Which type of intellectual property protects the goodwill a merchant or vendor invests in its products? A. Trademark B. Patent C. Copyright D. Trade Secret

A. Trademark

10

Which of the following are computer forensic guidelines? A. IOCE, MOM, SWGDE B. MOM, SWGDE and IOCE C. IOCE, SWGDE and ACPO D. ACPO, MOM and IOCE

C. IOCE, SWGDE and ACPO

11

Which of the following are categories of software licensing? A. Freeware, Open Source, and Commercial B. Commercial, Academic, and Open Source C. Academic, Freeware and Open Source D. Freeware, Commercial and Academic

D. Freeware, Commercial, Academic

12

What are the rights and obligations of individuals and organizations with respect to the collection, use, retention, and disclosure of personal information BEST related to? A. Privacy B. Secrecy C. Availability D. Reliability

A. Privacy

13

Triage encompasses which of the following incident response subphases? A. Collection, transport, testimony B. Traceback, feedback, loopback C. Detection, identification, notification D. Confidentiality, integrity, availability

C. Detection, identification, notification

14

The integrity of a forensic bit stream image is determined by: A. Comparing hash totals to the original source B. Keeping good notes C. Taking pictures D. Encrypted keys

A. Comparing hash totals to the original source

15

When dealing with digital evidence, the crime scene A. Must never be altered B. Must be completely reproducible in a court of law C. Must exist only in one country D. Must have the least amount of contamination that is possible

D. Must have the least amount of contamination that is possible

16

When outsourcing IT systems A. All regulatory and compliance requirements must be passed on to the provider B. the outsourcing organization is free from compliance obligations C. the outsourced IT systems are free from compliance obligations D. the provider is free from compliance obligations

A. All regulatory and compliance requirements must be passed on to the provider

17

The (ISC)2 code of ethics resolves conflicts between canons by A. there can never be conflicts between canons B. working through adjudication C. the order of the canons D. vetting all canon conflicts through the board of directors

C. the order of the canons

18

When dealing with digital evidence, the crime scene A. Must never be altered B. Must be completely reproducible in a court of law C. Must exist only in one country D. Must have the least amount of contamination that is possible

D. Must have the least amount of contamination that is possible

19

To ensure proper forensics action when needed, an incident response program should ... A. Avoid conflicts of interests by ensuring organization legal counsel is not part of the process B. Routinely create forensic images of all desktops and servers C. Only promote closed incidents to law enforcement D. Treat every incident as though it may be a crime

D. Treat every incident as though it may be a crime

20

A hard drive is recovered from a submerged vehicle. The drive is needed for a court case. What is the best approach to pull information off the drive? A. Wait for the drive to dry and then install it in a desktop and attempt to retrieve the information via normal operating system commands B. Place the drive in a forensic oven to dry it and then use a degausser to remove any residual humidity prior to installing the drive in a laptop and using the OS to pull off the information C. While the drive is still wet use a forensic bit to bit copy program to ensure the drive is preserved in its "native" state D. Contact a professional data recovery organization, explain the situation and request they pull a forensic image

D. Contact a professional data recovery organization, explain the situation and request they pull a forensic image

21

Common Law

Based on legal precedents, past decisions, and societal traditions - judges not actively involved in the determination of facts - common law now relies on statutes and regulations: Criminal, Tort and Administrative. Criminal - harmful to public; tort - against individual or business (origin - criminal law); administrative - artifact of Anglo-American common law legal system = governance of public bodies - proper scope

22

Civil Law

Roman Empire, Napoleonic Code of France, 1804 - thought to be a codification of law, reliance on legislation over jurisprudence - this is not accurate in all places. Emphasizes abstract concepts, influenced by writings of legal scholars and academics, judges distinct from lawyers and play a more active role.

23

Customary Law

Reflects society's norms and values

24

Religious Law

Discover truth of law

25

Mixed Law

Convergence of two or more legal systems

26

Liability

Legally responsible - negligence is acting without care or failure to act as a reasonable person

27

Computer Crime

As a tool, as a target (viruses, digital identity theft, computer hacking), or incidental. Greatest risk comes from the inside.

28

Council of Europe (COE) Convention on Cybercrime

Attempt to respond to criminal behaviors, 30 countries - laws against child porn, ability to prosecute cybercrime, provide international cooperation.

29

Licensing & Intellectual Property

Laws - protect tangible and intangible items.

30

Industrial property

Inventions, trademarks, industrial designs and geographic indications of source