CIPPS-ISSMP / Book question Flashcards
(232 cards)
1
Q
Which best fits an organizations mission statement:
A. Are non-technical in nature, so ISSMPs do not have to understand them.
B. Are quickly put together by senior management.
C. Provide everyone in the organization overall direction and focus for their activities.
D. Are very specific and provide specific goals and objectives.
A
C. Provide everyone in the organization overall direction and focus for their activities.
2
Q
Which types of organizations need to have a formally documented mission statement?
A. Commerical enterprises
B. Non-Profit organizations.
C. Government agencies
D. All the above.
A
D. All of the above.
3
Q
Deploying internet security solutions that are acceptable by clients require knowing the clients?
A. Expections & Location
B. Locatoin & Technical knowledge
C. System Capabilities & expectations
D. Expectations & technical knowledge.
A
C. System Capabilities and Expectations
4
Q
All organization security solutions are influenced by the following.
A. Laws, employee culture, profit and competition.
B. Goals, client expectations, regulations and profit.
C. Group and client expectations, competitions and capabilities.
D. Profit, organization objectives, client capabilities and senior management.
A
C. Group and client expectations, competitions and capabilities.
5
Q
A systems security solution must be.
A. Cost effective, risk based and acceptable.
B. Risk based, within division budget and restraints.
C. Practical, and 90% effective
D. Acceptable by senior management and provide an ROI (return on investment)
A
A. Cost effective, risk based and acceptable.
6
Q
A specific piece of information’s level of classification is dependent on_
A. Need to know.
B. Cost of producing the information.
C. Impact if compromised.
D. Affordability of required security.
A
C. Impact if compromised.
7
Q
System secuirty boundary must be determined early based on all BUT the following.
A. Understanding the mission, goals and objectivies.
B. Coordinating the review with end users.
C. Identifing the system components that support each of the business functions.
D. Determining who is operationally and fiscally responsible for the system.
A
B. Coordinating the review with end users.
8
Q
Security boundary is important to establishing_
A. who will be doing the certification effort
B. Scoping the security effort.
C. Determining which regulations and laws apply.
D. If a system will need an internet connection or not.
A
B. Scoping the security effort.
9
Q
The implementation phase of the system development life cycle includes?
A. Conducting an intial security test
B. Identifing security solutions
C. Determining if the security is acceptable to operate.
D. Defining the system security requirements.
A
C. Determining if the security is acceptable to operate.
10
Q
The ISSMP’s job is to provide security support at the end of which phase in the SDLC?
A. Disposition and Disposal
B. Operation and Maintenance
C. Implementation
D. Initiation
A
A. Disposition and Disposal
11
Q
Risk Assessments are done in which phase of the SDLC?
A. Intitation
B. Intitation and Implementation
C. Implementation, disposition and disposal
D. Initiation, Implementation, operations and maintenance.
A
D. Initiation, Implementation, operations and maintenance.
12
Q
Who sets the information security standards of the public sector?
A. National Security Agency.
B. Internation Organization for Standardization.
C. National Institue of Standard and Technology.
D. International Electrotechnical Commission.
A
C. National Institue of Standard and Technology.
13
Q
Families of controls are identified in which of the following documents.
A. NIST Special Pub 8005.3
B. ISO 27002
C. DoDI 8500.2
D. All of the above
A
D. All of the above
14
Q
The ISSMP decides between using quantitative and qualitative risk assessments based on?
A. The budget process.
B. Threats
C. Vulnerabilities
D. Management decision process
A
D. Management decision process
15
Q
Assurances are those activities that provide management with what about security solutions?
A. Due Diligence
B. Protection
C. Cost effectiveness
D. ROI (return on investment)
A
A. Due Diligence
16
Q
Which of the following provides a measure of how well an organziation’s process incluleds the capability to continuously improve its processes.
A. Common criteria evaluation and validation scheme.
B. octave.
C. Software engineering institutes capability maturity model.
D. Commonly accepted security practices and regulations.
A
C. Software engineering institutes capability maturity model.
17
Q
Interconnections with other systems outside the system security boundary can have the following effect.
A. Increased dependencies to support the others system security requirements.
B. Requirement to notifiy when security event occurs on your system.
C. Obligations to inform the other system when outages are going to occur.
D. All the above.
A
D. All the above.
18
Q
Annal loss expectancy and ROI are expressed in what units?
A. Currency and Percentages.
B. Percentages and Level of Risk.
C. Cost of security and Percentages.
D. Percentages and Savings.
A
A. Currency and Percentages.
19
Q
Plan of Actions and Milestones is?
A. A security plan
B. A management tool
C. A list of all system security solutions
D. a checklist of actions for monitoring security during the implementation phase.
A
B. A management tool
20
Q
The ideal presentation to senior management and mangers should follow which rules.
A. 20-page justification
B. 5 slides
C. Answer all the questions that the audience should ask.
D. Be presented in 5 minutes.
A
D. Be presented in 5 minutes.
21
Q
How does the need for security compare between systems developed for sale or external use and systems developed for inhouse.
A. systems for sale or external use always have more security concerns.
B. Systems developed for inhouse use alawys have more securiyt concerns.
C. System developed inhouse require security efforts on the part of the internal security team, while those developed for external use can have security outsourced.
D. Both systems have security concerns that must be carefully addressed.
A
D. Both systems have security concerns that must be carefully addressed.
22
Q
When should a projects security measures be addressed.
A. As close to the start of the project as possible.
B. Only after security issues are exploited.
C. After the initial project design is done.
D. When the functional specifications are being written.
A
A. As close to the start of the project as possible.
23
Q
Which of the following pose the greatest risk of perpetrating a catastrophic threat to an organization’s valuable data without expending great resources?
A. Foreign governmnets and their sponsored hackers
B. Employees
C. Activist for hacktivist groups such as anonymous
D. Customers
A
B. Employees
24
Q
How does the use of rapid application development (RAD) affect security planning.
A. The compressed time between releases means security planning and concerns must be brought up early and stressed often.
B. The process of reactive development means security is built in automatically.
C. Security issues are more common in RAD projects.
D. Security issues are less common in RAD projects.
A
A. The compressed time between releases means security planning and concerns must be brought up early and stressed often.
25
What security risk are associated with the use of prototyping and prototyping tools.
A. Prototypes always allow hackers to understand what a business plans to do for security in its finished product.
B. Prototyping helps ensure security code.
C. Prototyping tools write code with an eye towards that code's security.
D. Prototypes and prototyping tools tend to generate basic and insecure code that must be carefully reviewed before use in the finished product.
D. Prototypes and prototyping tools tend to generate basic and insecure code that must be carefully reviewed before use in the finished product.
26
Risk analysis is a method to do what?
A. Find all possible security issues and how to exploit them.
B. Gather data on the cost to mitigate security threats and the possibility of the threat being exploited.
C. Decide how much money to spend on security.
D. Compare risk and rewards of having a security program.
B. Gather data on the cost to mitigate security threats and the possibility of the threat being exploited.
27
What mitigations should be listed in a risk analysis.
A. Only those of the project itself.
B. Only mitigations that are software or network related.
C. Only those that can be mitigated with security technology.
D. All mitigations that apply to a risk the project has or inherits.
D. All mitigations that apply to a risk the project has or inherits.
28
How many levels of risk and mitigations must be taken into account during a risk analysis.
A. only the first level of identifying the risk and its immediate mitigations.
B. As many levels as needed to reach a level of mitigations that is no longer feasible.
C. two levels the risk and its mitigations and then the mitigation if that first mitigation fails.
D. the same number of levels as listed for maximum response times in the security plan.
B. As many levels as needed to reach a level of mitigations that is no longer feasible.
29
Security cost is defined as what when writing a risk analysis.
A. the monetary cost of developing and implementing security measures, including consulting hardware and additional software and development process cost.
B. the productivity losses associated with time lost to implemented arbitrary security measures.
C. Both of the above.
D. None of the above.
C. Both of the above.
30
Who should review and sign off on security plans.
A. Key players as well as anyone mandated by the enterprise itself.
B. only those people required by the enterprise's policies.
C. outside consultants only.
D. A third party auditor.
A. Key players as well as anyone mandated by the enterprise itself.
31
When are security reviews necessary?
A. when legally mandated or required by company policy.
B. It depends on the project.
C. When any changes are made.
D. When a breach occurs.
B. It depends on the project.
32
What impact can access to a project's source code have on security?
A. It improves security because more people can look for issues.
B. It has no real effect, there isn't much intrest in enterprise in-house projects.
C. It can compromise security and access should be limited.
D. The source code cannot impact security only executable code that actually run can impact security.
C. It can compromise security and access should be limited.
33
Who should have access to a projects bug or defect database?
A. Everyone at the company.
B. Only those who require access to do their jobs.
C. IT should be public.
D. The IT support team.
B. Only those who require access to do their jobs.
34
Web 2.0 projects often have more security needs in what area.
A. Data encryption, transmission and storage.
B. Server hardening and updating.
C. Both of the above
D. None of the above.
C. Both of the above
35
What impact does virtualization have on security?
A. Unique risk must be taken into account.
B. No impact- security is treated as if virtualization is not in use.
C. Virtualization reduces security risk.
D. The same issues as those relevant to all of the systems being run on the virtual machine combined.
A. Unique risk must be taken into account.
35
What is the role of security in the maintenance phase of a project?
A. Security must be maintained by regular code and security reviews by patching and updating software and hardware.
B. Security must be maintained by patching and updating software and hardware by security reviews, but code reviews are no longer necessary.
C. Security must be maintained by regular code and security reviews but patching is irrelevant o this issue.
D. security is no longer needed during th emaintenance phase.
A. Security must be maintained by regular code and security reviews by patching and updating software and hardware.
36
What is the difference between a public cloud system and a community cloud system.
A. a public cloud involves a third-party providing services to an organization via the internet, a community cloud is a private cloud that is shared between several parties.
B. a public cloud involves a third-party service to an organization via the internet, a community cloud means the organization manages some resources available in house and has other resources provided to it by an external third party.
C. a public cloud involves a third-party providing services to an organization, the internet, community is another word for private.
D. They are the same.
A. a public cloud involves a third-party providing services to an organization via the internet, a community cloud is a private cloud that is shared between several parties.
37
What types of security testing should be done on the system to ensure that it meets security.
A. Component level security testing is more than able to validate the systems security.
B. Component level, end to end and penetration testing should all be used to validate the systems security.
C. End to end security testing is the best way to validate that the system meets its security bar.
D. Penetration testing is the best way to validate that the system meets it security bar.
B. Component level, end to end and penetration testing should all be used to validate the systems security.
38
What kind of data should be used in security testing?
A. Mock data that follows real patterns
B. Live data with sensitive information stripped out.
C. Live data in its entirety.
D. Live data with sensitive information stripped out.
A. Mock data that follows real patterns
39
What benefit does using components of software that is certified or accredited bring to a system's security.
A. Neither certification nor accreditation never has an effect on the system's security.
B. In some cases, it can help increase the system's security level.
C. It negatively affects the system's security.
D. Certification can help improve security, but accreditation has no impact on security.
B. In some cases, it can help increase the system's security level.
40
Cyber vulnerability testing consists of which of the following activities.
A. War driving and war dialing.
B. Network probing and network scanning.
C. Penetration testing.
D. All off the above.
D. All off the above.
41
What is the intent of metrics?
A. Objective measurement of the enterprise risk posture.
B. Objective evaluation of value to the organization in terms of business need.
C. Determine if operations are preforming within SLAs.
D. Objective measurement of the enterprise security posture.
B. Objective evaluation of value to the organization in terms of business need.
42
An emerging formal pratice to identify key people, process, technology, and environment that fulfull the mission and then to align security operations wtih these key resources is know as what?
A. Enterprise risk management.
B. Enterprise security management
C. Risk management.
D. Mission assurance.
D. Mission assurance.
43
Given existence of enterprise security guidance and enterprise employees, business partners, vendors and other covered entities are aware and understand the policies, standards, procedures, and guidelines, there is a need to enforce compliance in daily operations. Enforcement requires?
A. Monitoring for noncompliance.
B. Detecting and responding to noncompliance.
C. Both A & B.
D. None of the above.
C. Both A & B.
44
Which of the following statements is false about enterprise security standard (ESS)?
A. You can develop on ESS from an industry security standard or form security legislation or both.
B. The structure of the ESS becomes the foundation for the enterprise security framework (ESF).
C. To save money and since ESS is unique to each organization anyways, developing the ESS from staff experience, through somewhat arbitrary is an acceptable practice.
D. The enter security standard (ESS) is a list of all applicable security controls group by families.
C. To save money and since ESS is unique to each organization anyways, developing the ESS from staff experience, through somewhat arbitrary is an acceptable practice.
45
Which of the following statements is true about incident response.
A. Some potential members of an incident response team are senior management, legal, corporate communications, and operations.
B. Incident response team (IRT) and cyber incident response team (CIRT) are similar phrases for the same organizational function.
C. The new media will print what they want anyways, so it is ok for anyone on the security team to speak to them about security incident details.
D. All cyber incidents are unique and upon detection are immediately escalated to subject matter experts.
A. Some potential members of an incident response team are senior management, legal, corporate communications, and operations.
46
Which of the following statement is false:
A. In a given environment, people perform processes using technology to produce results.
B. Security is a support structure of safeguards for cost management and never contributes to revenue generation.
C. A key differentiating characteristic of the cyber domain from other domains is physical proximity.
D. The complement to legislative compliance is good business practice.
B. Security is a support structure of safeguards for cost management and never contributes to revenue generation.
47
What is the purpose of a service level agreement?
A. SLAs are only used as a formal agreement between the enterprise and external service provider to establish services, performance parameters, and finical penalties for performance outside of specified parameters.
B. The SLA records common understanding about services provided and the performance parameters within to provide service.
C. SLA specified performance measures in terms of thresholds in number of transactions per hour, available bandwidth, downtime tolerances.
D. SLA is a formal agreement that specifies pay for performance within operations departments.
B. The SLA records common understanding about services provided and the performance parameters within to provide service.
48
What is enterprise risk posture?
A. Intentionally assumed position of safeguards throughout the entire origination.
B. The probability of specific eventualities throughout the entire organization.
C. The aggregation of all the safeguards and precauthions that mitigate risk.
D. The formal articulation of an intentionally assumed position on dealing with potential negative impact.
D. The formal articulation of an intentionally assumed position on dealing with potential negative impact.
49
What is data exfiltration?
A. The unauthorized use of USB drives.
B. The unauthorized transmission of data between departments.
C. The unauthorized transmission of data into the organization from a service provider.
D. The unauthorized transmission of data out of the organization.
D. The unauthorized transmission of data out of the organization
50
Which of the following groups is not representative of the nine core security principles.
A. Nonrepudiation, possession, utility.
B. Authorized use, privacy, authorized access.
C. Confidentiality, integrity, authenticity.
D. Availability, privacy, utility.
B. Authorized use, privacy, authorized access.
51
Which of the following is true about security compliance managment program (SCMP)
A. Governance, identifies and enumerate all relevant security compliance requirements, these may include, legislation, regulation, directives, instructions contractual and good business practices.
B. The planning function determines the appropriate steps to take to establish and maintain compliance - the results of planning will include a list of necessary security technology to insert IT operations.
C. Implementation takes the policies, standards, procedures, and guidelines and inserts them into information technology systems. Deployment makes compliance part of daily operations throughout the enterprise.
D. The role of adjudication is to resolve conflicts in the best interest of enterprise senior management and executives.
A. Governance, identifies and enumerate all relevant security compliance requirements, these may include, legislation, regulation, directives, instructions contractual and good business practices.
52
Which of the following is false about system harding?
A. System hardening is the elimination of know vulnerability exploits, and generally turning off or uninstalling unnecessary functions.
B. Each operating system, each version of the same operating system, and each patch release of the same operating system may have different procedures for hardening the system.
C. Disabling Un-useful services will require OS parameter changes at the kernel or registry level or mods to services that initiate or run at startup.
D. None of the above.
D. None of the above.
53
What is the difference between legislative managment and litigation management?
A. Litigation management is the use of lobby groups by senior management to establish working relationships with the local judiciary and legislation management is the use of lobby groups with congress to influence the content of security laws.
B. Legislative management attempts to avoid litigation, and litigation management intends to minimize the negative effects on an organization in the event of an incident.
C. Litigation management involves establishing working relationships between senior management and security personnel; and the enterprise legal department and legislative management is the result of this working relationship.
D. Litigation management comes before legislative management.
B. Legislative management attempts to avoid litigation, and litigation management intends to minimize the negative effects on an organization in the event of an incident.
54
Which of the following is a ture statement about digital policy management (DPM)?
A. A digital policy infrastructure is the collection of policy managers, policy clients, PDPs and PEPs.
B. DPM is the process of creating and disseminating information technology policies.
C. DPM is the automated enforcement of policy on the network.
D. None of the above.
C. DPM is the automated enforcement of policy on the network.
55
The most dangerous type of malware is?
A. A spear phishing attack because it targets a specific weakness in people.
B. Zero-day exploit because it tries to exploit unknown or undisclosed vulnerabilities.
C. A physical breach because it is the hardest to see coming.
D. Insider threat using a USB thumb sucker attack because of unique knowledge of the enterprise.
B. Zero-day exploit because it tries to exploit unknown or undisclosed vulnerabilities.
56
Which of the following statements about bots is false.
A. A bot is a type of malware that perform a specific function as directed by the bot herder.
B. A bot is a term for a software robot.
C. Successful penetration of a PC by a bot makes that PC part of a botnet.
D. A bot has limited lifetime, typically less than 60 days, and must perform its nefarious activities before it removes itself from the infected system.
D. A bot has limited lifetime, typically less than 60 days, and must perform its nefarious activities before it removes itself from the infected system.
57
What is the purpose of security policies.
A. To provide a description of acceptable behaviors within the enterprise.
B. To clearly convey the uses for secuirty services and mechanisms within the enterprise.
C. To exert control over the organization by the security department.
D. To provide a description of acceptable behavior with the intent of minimizing risk to the organization.
D. To provide a description of acceptable behavior with the intent of minimizing risk to the organization.
58
A Privately held restrauaunt chain in New Jersey is likely thinking about its compliance needs. Which is likely to apply.
A. HIPPA
B. GLB
C. PCI-DSS
D. Sec Rules
C. PCI-DSS
59
Which one of the following is not a benefit of developing a disaster recovery plan.
A. Reducing distruption to operations.
B. Training personnel to perform alternate roles.
C. Minimizing decision making during a disastrous event.
D. Minimizing legal liability and insurance premiums.
B. Training personnel to perform alternate roles.
60
A business continuity policy should be reviewed and re-evaluated.
A. Annually in light of managements strategic vision.
B. Bi-annually in preparation for audit review.
C. Whenever critical systems are outsourced.
D. During implementations of system upgrades.
A. Annually in light of managements strategic vision.
61
Which of the following is a key phase of BC and DR plans?
A. Damage assessment.
B. Personnel evacuation
C. Emergency transportation
D. Emergency response.
D. Emergency response.
62
The vitally important issue for emergency response is?
A. Calling emergency services.
B. Protecting the corporate image.
C. Accounting for employees.
D. Employee evacuation.
C. Accounting for employees.
63
Which of the following is not required for understanding the organization. Understanding the organization BLANK?
A. Organizational Chart.
B. Risk appetite.
C. Information technology infrastructure.
D. Core business functions.
A. Organizational Chart
64
Key milestones in developing the projects plan and governance include all of the below except?
A. Risk analysis.
B. Data gathering.
C. Audit approval.
D. Training, education and awareness.
C. Audit approval
65
The output of a business impact analysis is.
A. A prioritized list of critical data.
B. A prioritized list of sensitive systems
C. The recommendations for alternate processing
D. The scope of the business continuity plan
A. A prioritized list of critical data
66
When a critical system cannot function at an acceptable level without input from a system on which it is dependent, which of the following statements is incorrect?
A. The system on which it is dependent is at a higher priority.
B. The system on which it is dependent is at a lower priority.
C. The system on which it is dependent is at the same priority.
D. The critical system feeds a lower priority system.
B. The system on which it is dependent is at a lower priority.
67
People based threats include?
A. Theft, whitelisting, industrial actions.
B. Industrial actions, blacklisting, pandemics.
C. Pandemics, theft, industrial actions.
D. Pandemics, call forwarding, theft.
C. Pandemics, theft, industrial actions.
68
Risk Acceptance is usually most appropriate when?
A. Impact is high, and probability is low.
B. Probability is high, and impact is low.
C. Impact is high, and probability is high.
D. Impact is low, and probability is low.
D. Impact is low, and probability is low.
69
Heat maps reflect the level of risk an activity poses and include all of the below except?
A. A suggested risk appetite boundary
B. Proposed risk countermeasures.
C. Risk zones
D. Color coding
B. Proposed risk countermeasures.
70
The notification activation phase of the BCP and DRP includes.
A. A Sequence of recovery goals.
B. Activities to notify recovery personnel.
C. The basis for declaring an emergency.
D. The assessment of system damage.
A. A Sequence of recovery goals.
70
A system information form contains all the of following information except.
A. Recovery priority
B. Maximum outage time
C. Dependencies on other systems
D. Recovery point objective.
D. Recovery point objective.
71
Documenting recovery procedures is for
A. Implementing recovery strategy.
B. Highlighting points requiring coordination between teams.
C. Outsourcing disaster recovery system development.
D. Providing instructions for the least knowledgeable recovery personnel.
C. Outsourcing disaster recovery system development.
72
The primary purposes of testing are to
A. Satisfy audit requirements.
B. Check that sources of data are adequate.
C. Raise staff awareness of recovery plans.
D. Prove the ability to recover from disruptions.
A. Satisfy audit requirements.
73
Plan maintenance should be scheduled
A. After testing to account for hardware and personnel changes.
B. In anticipation of audit activity.
C. When changes are made to protected systems.
D. When changes are made to supported business processes.
B. In anticipation of audit activity.
74
Communications is a critical activity durning the response and recovery phases of an incident. The communications plan must provide.
A. Alternative types of communications media
B. A list of contacts reachable through a communications tree.
C. Alternative communications service providers
D. Immediate access to mobile devices for key communicators.
C. Alternative communications service providers
75
An emergency operations center must be provided to centrally manage the incident it should include.
A. A provision for secure and confidential discussions
B. Office space for recovery team leaders
C. Access to all BC and DR Plans
D. Forms of refreshment for EOC personnel
B. Office space for recovery team leaders
76
Through training plan activities help ensure.
A. All team members understand their responsibilities.
B. All team members understand the roles of others.
C. Team Cooperation
D. Plans are current.
D. Plans are current.
77
Under the electronic communications privacy act the expression: "Electronic communications" does not incorporate which of the following.
I. Tone only paging devices.
II. Electronic funds transfer information
III. Tracking devices
IV. Wire or oral communications
A. I, II, II and IV
B. I
C. I and II
D. I and III
A. I, II, II and IV
78
The digital millennium copyright act (DMCA) has specific provisions designed to legislate against and thus aid in preventing what type of action?
A. Circumvention of Tecnologies used to protect copyright work.
B. Creation of malicious code.
C. Digital manipulation or alteration of copyrighted computer code.
D. Digital reproduction of copyrighted documents and artwork.
A. Circumvention of Tecnologies used to protect copyright work.
79
Which of the following fields of management focuses on establishing and maintaining consistency of a system's or product's performance and its functional and physical attributes with its requirements, design, and operational information throughout its life?
A. Configuration management
B. Risk management
C. Procurement management
D. Change management
A. Configuration management
80
What questions are asked when deciding the outcome of a US federal trademark disputation case? (choose all that apply)
a. When the trademark was created.
B. How distinctive is the mark.
C. Who owns the mark.
D. How unique and recognized is the mark.
C. Who owns the mark.
D. How unique and recognized is the mark.
81
To sue for copyright infringement in the US what is the first step that a copyright holder must take.
A. No action is necessary as copyright attaches as a right of the author as soon as the work is created.
B. Register a copyright application with the copyright office of the library of congress.
C. Formally publish the work
D. Put the alleged infringer on notice that you intend to bring an action.
B. Register a copyright application with the copyright office of the library of congress.
82
The judge in a civil court case can issue an order allowing for a civil search of anothers party's goods and to seize specific evidence. This order is known as a what?
A. Subpoena
B. Doctrine of exigent circumstances
C. Anton Pillar order
D. Search Warrant.
C. Anton Pillar order
83
Your team has detected that an outside party attempted to do a port scan on a highly sensitive system. According to the US government model, what is the maximum amount of time that should elapse before the relevant information is reported.
A. 1 hour
B. 1 Day
C. 1 Week
D. 1 Month
A. 1 hour
84
Your company has a policy prohibiting pornography on company equipment, and an employee has become aware of a network user who has an image of a nude child on his computer. When you investigate the matter, you find that the person has several photos of children on a nude beach, but none of them involves sex or focus on the child's genitalia. Which of the following is true.
A. It is child pornography, and the computer user can be charged with possession of child pornography.
B. It is child pornography, and the computer user can be charged or disciplined.
C. It is not child pornography, and the computer user can be disciplined.
D. It is not child pornography, and the computer user cannot be changed or disciplined.
C. it is not child pornography, and the computer user can be disciplined.
85
Tracing violations or attempted violations of system security to the user responisble is a function of what?
A. Authentication
B. Access Management
C. Integrity Checking
D. Accountability
D. Accountability
86
Why is a conflict of interest considered troubling from the standpoint of fraud prevention.
A. A conflict of intrest violates canons of professinal responsibility.
B. A Conflict of interest is obviously unethical and causes waste.
C. A Conflict of interest can be a sign of fraud, if not the source of it.
D. A Conflict of interest violates federal law and is there for illegal.
C. A Conflict of interest can be a sign of fraud, if not the source of it.
87
The penalties that can be sanctioned to the losing party in a case can include:
A. Probation
B. Community Service
C. Fines
D. Imprisonment
C. Fines
88
Evidence needs to be one of the following in order to be deemed as admissible in a court of law.
A. Conclusive
B. Incontrovertible
C. Irrefutable
D. Relevant
D. Relevant
89
RFC 1087 Sets the IAB "Ethics and the Internet" categorization of unethical actions which of the following is not considered as an unethical under the IAB?
A. Downloading pornography
B. Compromising user privacy without authorization
C. Taking resources such as stationary and using equipment for personal use.
D. Seeking to gain unauthroized access to resources.
A. Downloading pornography.
90
What is evidence gathering technique that occurs when law enforcement officer entices a party into enacting a criminal offense, they may not have otherwise committed with the air of capturing the person in a "Sting operation" is considered legal or illegal.
A. Enticement / legal
B. Coercion / legal
C. Entrapment / illegal
D. Enticement / illegal
C. Entrapment / illegal
91
Which expression is used to describe the process where a party is provided with sufficient temptation such that they may hand over evidence of a crime that the individual has committed.
A. Enticement
B. Coercion
C. Entrapment
D. Encouragement
A. Enticement
92
What penalties does the CFAA hold for people who create and release malware.
A. CFAA has both civil and criminal sanctions..
B. CFAA has criminal sanctions.
C. CFAA has civil sanctions
D. CFSS does not incorporate malware and is targeted at fraud such as phishing and financial fraud.
A. CFAA has both civil and criminal sanctions.
93
Which of the following is not considered to be intellectual property.
A. Patents, service marks, trademarks
B. Plant growers' rights
C. Computer hardware
D. Trade secrets
C. Computer hardware
94
Which term best describes the situation where an individual attacks (Hackes) a computer system with a motive of curiosity or the threill of seeing what is there.
A. Scoping attack
B. Digital thrill seeking
C. Recon attack
D. Phishing
B. Digital thrill seeking
95
The fourth amendment to the US contitution sets the standard for what action.
A. Free speech
B. Commerical transactions and interstate commerce
C. Individual privacy
D. Government searches and seizures.
D. Government searches and seizures.
96
Why is prevention alone not sufficient to protect a system from attackers.
A. Even the finest preventive measures experience failures.
B. The maintenance of preventive measures is labor intensive.
C. It is hard to put preventive measures into operation.
D. Prevention by itself is an expensive alternative.
A. Even the finest preventive measures experience failures.
97
A set of principles that is derived from cultural or religious authority and standard is known as?
A. Policy
B. Law
C. Guidelines
D. A moral code.
D. A moral code.
98
Which of the following subphrases are defined in the maintenance phase of the life cycle models
A. Change control
B. Configuration control
C. Request control
D. Release control
A. Change control
C. Request control
D. Release control
99
Which of the following terms refers to a mechanism which proves that the sender really sent a particular message.
A. Non-repudiation
B. Confidentiality
C. Authentication
D. Integrity
A. non-repudiation
100
Which of the following characteristics are described by the DIAP information readiness assessment function. Each correct answer represents a completed solution. Choose all that apply.
A. It preforms vulnerability and threat analysis assessment.
B. It identifies and generates IA requirements.
C. It provides data needed to accurately assess IA readiness.
D. It provides for entry and storage of individual system data.
A. It preforms vulnerability and threat analysis assessment.
B. It identifies and generates IA requirements.
C. It provides data needed to accurately assess IA readiness.
101
Bob works as a software developer for WebTech. he want to protect hte algorithms and the techniques of programming that he uses in developing an application. Which of the following laws are used to protect a part of software?
A. Code security Law
B. Trademark Law
C. Copyright Law
D. Patent Law
D. Patent Law
102
Which of the following is not a valid maturity level of the software capability maturity model (CMM)
A. Managed
B. Defined
C. Fundamental
D. Repeatable
C. Fundamental
103
Which of the following BCP teams is the first responder and deals with the immediate effect of a disaster?
A. Emergency management team
B. Damage assessment team.
C. Off-site storage team
D. Emergency action team.
D. Emergency action team.
104
Which of the following relies on a physical characteristic of the user to verify his identity.
A. Social engineering
B. Kerberos v5
C. Biometrics
D. CHAP
C. Biometrics
105
Which of the following types of activities can be audited for security. Choose three - answers represents a completed solution.
A. data downloading from the internet.
B. File and object access.
C. Network logons and logoffs.
D. Printer Access.
B. File and object access.
C. Network logons and logoffs.
D. Printer Access.
106
You work as a network admin for ABC, Inc. The company uses a secure wireless network. John complains to you that his computer is not working properly. What type of security audit do you need to conduct to resolve the problem.
A. Operational
B. Dependent
C. Non-operational
D. Independent
D. Independent
107
Which of the following laws is the first to implement penalities for teh creator of viruses, worms and other types of malicious code that cases harm to the computer system.
A. Gramm-Leach Bliley Act
B. Computer Fraud and Abuse Act
C. Computer Security Act.
D. Digital Millenium Copyright Act.
D. Digital Millenium Copyright Act.
108
You are the project manager. You have identified the following risks with the characteristics shown.. How much capital should be set aside for risk contingency.
Risk A: Probility .60 - Impact -10,000
Risk B: Probility .10 - Impact -85,000
Risk C: Probility .25 - Impact -75,000
Risk D: Probility .40 - Impact 45,000
Risk E: Probility .50 - Impact -17,999
A. 142,000
B. 232,000
C. 41,750
D. 23,750
D. 23,750
109
Which of the following are the common roles with regards to data in an information classification program? Choose all that apply; answers represent a complete solution.
A. Editor
B. Custodian
C. Owner
D. Security Auditor
E. User
B. Custodian
C. Owner
D. Security Auditor
E. User
110
Which of the following processes is described in the statement: It is the process of implementing risk response plans, tracking identified risk, monitoring residual risk, identifying new risk and evaluating risk process effectiveness throughout the project.
A. Monitor and control risks.
B. Identify risks.
C. Preform qualtative risk analysis.
D. Preform quantitative risk analysis.
A. Monitor and control risks.
111
Project manger and project team have created risk responses for many of the risk events in the project. Where whould you document the prposed repsonses and the current status of all identified risks?
A. Risk management plan
B. Lessons learned documentation.
C. Risk register
D. Stakeholder management strategy
C. Risk register
112
Which of the following security controls will you use for the deployment phase of the SDLC to build secuirty software. Choose all that apply.
A. Vulnerability assessment and pen testing
B. Security certification and accreditation
C. Change and configuration control
D. Risk adjustments.
A. Vulnerability assessment and pen testing
B. Security certification and accreditation
D. Risk adjustments.
113
Which of the following can be prevented by an organization using job rotation and separation of duties policies.
A. Collusion
B. Eavesdropping
C. Buffer overflow
D. Phishing
A. Collusion
114
Computer hacking forensic investigator has been called by an organzation to conduct a seminar on necessary information related to sexual harassment. He wants to convey the importance that records should be maintained, what should be recorded in this document. Choose all that apply.
A. Names of the victims
B. Location of each incident
C. Nature of harassment
D. Data and time of incident.
A. Names of the victims
B. Location of each incident
D. Data and time of incident.
115
Which of the following types of evidence is considered as the best evidence.
A. Copy of the orginal document
B. Information gathered through the witness senses.
C. The original document
D. A computer generated record.
C. The original document
116
What are the purposes of audit records on an information system. Choose two.
A. Troubleshooting
B. Investigation
C. upgrading
D. Backup
A. Troubleshooting
B. Investigation
117
Which of the following refers to an information security document that is used in the US DoD to describe an accredited network and system.
A. SSAA
B. FITSAF
C. FIPS
D. TC SEC
A. SSAA
118
Which of the following analysis provides a foundation for measuring investment of time, money and human resources required to achieve a particular outcome.
A. Vulnerability analysis
B. Cost - Benefit analysis
C. Gap analysis
D. Requirement analysis
C. Gap analysis
119
A Contract cannot have provisions for which one of the following.
A. subcontracting the work.
B. Penalties and fines for disclosure of intellectual rights.
C. A deadline for the completion of the work.
D. Illegal activities.
D. Illegal activities.
120
Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including only physical damage as assets, hacking attacks, etc. Which of the following risk management techniques is your company using.
A. Risk mitigation
B. Risk transfer
C. Risk acceptance
d. Risk avoidance.
B. risk transfer
121
You work as a security manager for SoftTech, Inc. you are conducting a security awareness campagin for your employees. One of the employees of your organzition asks you the purpose of the security awareness training and education program. What will be your answer.
A. It improves the possibility of career advancement of the IT staff.
B. It improves the security of vendor relations.
C. It improved the performance of the company's internet.
D. It improves the awareness of the need to protect system resources.
D. it improves the awareness of the need to protect system resources.
122
You are responsible for network and information security at a Metroplitan police station. The most important concern is that unauthorized parties are not able to access data. What is this called.
A. Availability
B. Encryption
C. Integrity
D. Confidentiality
D. Confidentiality
123
What component of the change management system is responsible for evaluating, testing and documenting changes created to the project scope.
A. Scope verification
B. Project managment information system
C. Integrated change control
D. Configuration management system
D. Configuration management system
124
Electronic communication technology referes to tech devices, such as computer and cell phones used to facilitiate communication. Which of the following is / are a type of electronic communication. Choose all that apply.
A. Internet telephony
B. Instant messaging
C. Electronic mail
D. Post-it notes.
E. Blogs
F. Internet teleconferencing
A. Internet telephony
B. Instant messaging
C. Electronic mail
E. Blogs
F. Internet teleconferencing
125
What is a stake holder analysis chart?
A. It is a matrix that documents stake holders threats, perceived threats, and communication needs.
B. It is a matrix that identifies all of the stake holders and to whom they must report too.
C. It is a matrix that documents the stakeholders' requirements, when the requirements were created and when the fulfillment of the requirement took place.
D. It is a matrix that identifies who must communicate with whom.
A. It is a matrix that documents stake holders threats, perceived threats, and communication needs.
126
Which of the following strategies is used to minimize the effects of a disruptive event on a company and is created to prevent interruptions to normal business activitiy.
A. Disaster recovery plan
B. Continuity of operations plan
C. Contingency plan
D. Business continuity plan
D. Business continuity plan
127
You are a project manager of a large construction project; within the project you are working with several vendors to complete different phases of construction. Your clint has asked that you arrange for some of the materials a vendor is to install next week in the project to be changed. According to the change management plan what subsystem will need to manage this change request.
A. Cost
B. Resources
C. Contract
D. Schedule
C. Contract
128
Which of the following roles is responsible for review and risk analysis of all contracts on a regular basis.
A. the configuration manager
B. The supplier manager
C. The service catalogue manager
D. The IT service continuity manager
B. The supplier manager
129
In which of the following SDLC phases is the system's security features configured and enabled; The system is test, installed or fielded, and the system is authorized for processing.
A. Initiation Phase
B. Development / Acquistions phase
C. Implementation phase
D. Operation / Maintenance phase
C. Implementation phase
129
Which of the following laws or acts, formed in Austrtalia enforces prohibition agaist cyber stalking.
A. Malicious communications act - 1998
B. Anti-cyber stalking law - 1999
C. Stalking Amendment act - 1999
D. Stalking by electronic communications act - 2001
C. Stalking Amendment act - 1999
130
Which of the following response teams aims to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing among members and the community at large.
A. CSIRT
B. CERT
C. FIRST
D. FED CIRC
C. FIRST
131
Which of the following statements is related with the first law of opsec.
A. If you are not protecting it, the advsary wins
B. If you don't know to protect, how do you know you are protecting it.
C. If you don't know about your security resources, you could not protect your network.
D. If you don't know the threat, how do you know what to protect.
D. If you don't know the threat, how do you know what to protect.
132
Change management is used to ensure that standardized methods and procedures are used for efficient handling of all changes, who decides the category of the change.
A. The problem manager
B. The process manager
C. The change manager
D. The ServiceDesk
E. The change advisory board
C. The change manager
133
which of the following evidence are the collection of facts that when considered together, can be used to infer a conclusion about the malicious activity / person.
A. Direct
B. Circumstantial
C. Incontrovertible
D. Corroborating
B. Circumstantial
134
Which of the following acts enacted in the US amends civial right act of 1964, providing technical changes affecting the length of time allowed to challenge unlawful seniority provistions to sue the federal government for discrimination and to bring age discrimination claims.
A. Protect act.
B. Sexual predators act
C. Civil rights act of 1991
D. the USA Patriot Act of 2001
C. Civil rights act of 1991
135
Which of the following policies help reduce the potential damage from the actions of one person.
A. CSA
B. Risk assessment
C. Separation of duties
D. Internet audit
C. Separation of duties
136
The goal of change management is to ensure that standardized methods and procedures are used for efficient handling of all changes. which of the following are change management terminologies. choose three.
A. Request for change
B. Service request management.
C. Change
D. Forward schedule of changes
A. Request for change
C. Change
D. Forward schedule of changes
137
Which of the following is the corect order of digital investigations standard operating procedures (SOP).
A. initial analysis, request of service, data collection, data reporting, data analysis.
B. Initial analysis, request for service, data collection, data analysis, data reporting
C. Request for service, initial analysis, data collection, data analysis, data report.
D. Request for service, initial analysis, data collection, data reporting, data analysis.
C. Request for service, initial analysis, data collection, data analysis, data report.
138
Which of the following roles is used to ensure that the confidentiality, integrity and availability of the services are maintained to the levels approved on the service level agreements.
A. The service level manager
B. The configuration manager
C. The IT security manager
D. The change manager
C. The IT security manager
139
The security manager has been working on the continuous process improvement and on the original scale for measuring the maturity of the organization in the software process. Which of the following maturity levels of the software CMM focuses on the continuous process improvement.
A. Repeatable level
B. Defined level
C. Initiating level
D. Optimizing level
D. Optimizing level
140
Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention.
A. Patent
B. Utility model
C. Snooping
D. Copyright
A. Patent
141
You are advising a school district on disaster recovery plans; in case a disaster affects the main IT centers for the district they will need to be able to work from an alternate location. However, budget is an issue. which of the following is the most appropriate for this client.
A. Cold site
B. Off site
C. Hot site
D. Warm site
A. Cold site
142
Which of the following is a process of monitoring data packet that travel across a network.
A. password guessing
B. Packet sniffing
C. Shielding
D. Packet filtering
B. Packet sniffing
143
Security manager working in a partially equipped office space which contains some of the system hardware, software, telecommunication and power sources, in which of the following types of office sites is he working?
A. Mobile site
B. Warm site
C. Cold site
D. Hot site
B. Warm site
144
You are documenting your organizations change control procedures for project management. What portion of the change control process oversees features and functions of the product scope?
A. Configuration management
B. Product scope managment is outside the concens of the project
C. Scope change control system
D. Project integration management
A. Configuration management
145
Which of the following enables an inventor to legally enforce his right to exclude others from using his invention?
A. Spam
B. Patent
C. Artistic license
D. Phishing
B. Patent
146
Which of the following are the major task of risk management? Choose two.
A. Assuring the integrity of organizational data.
B. Building risk free systems
C. Risk control
D. Risk identification
C. Risk control
D. Risk identification
147
Which of the following statement best describes the consequences of the disaster recovery plan test.
A. If no deficiencies were found during the test, then the test was probably flawed.
B. The plan should not be changed no matter what the results of the test would be.
C. The results of the test should be kept secret
D. If no deficiencies were found during the test, then the plan is probably perfect.
A. If no deficiencies were found during the test, then the test was probably flawed.
148
Which of the following ports is the default port for Layer 2 tunneling protocol (L2TP)
A. UDP port 161
B. TCP port 443
C. TCP port 110
D. UDP port 1701
D. UDP port 1701
149
Which of the following statements reflects the code of ethics in the ISC2 code. Choose all that apply.
A. Provide diligent and competent service to pricipals.
B. Protect society the commonwealth and the infrastructure.
C. Give guidance for resolving good versus good and bad versus bad dilemmas.
D. Act honorably, honestly, justly, responsibly and legally
A. Provide diligent and competent service to principals.
B. Protect society the commonwealth and the infrastructure.
D. Act honorably, honestly, justly, responsibly and legally.
150
Which of the following issues are addressed by the change control phase in the maintenance phase of the life cycle models, Choose all that apply.
A. Preforming quality control.
B. Recreating and analyzing the problem.
C. Developing the changes and corresponding test.
D. Establishing the priorities of requests.
A. Preforming quality control
B. Recreating and analyzing the problem.
C. Developing the changes and corresponding test.
151
152
Which of the following access control models uses a predefined set of access priviledges for an object of a system.
A. Role base access control
B. Mandatory access control
C. Policy access control
D. Discretionary access control
B. Mandatory access control
153
Which of the following statements about the availability concept of information security management is true.
A. It determines actions and behaviors of a single individual within a system.
B. It ensures reliable and timely access to resources.
C. It ensures that unauthorized modificaitons are not made to data by authorized personnel or processes.
D. It ensures that modifications are not made to data by unauthorized personnel or processes.
B. It ensures reliable and timely access to resources.
154
Which of the following isa process that identifies critical information to determine if friendly actions can be observed by adversary intelligence systems.
A. IDS
B. OPSEC
C. HIDS
D. NIDS
B. OPSEC
155
Which of the following adminstrative policy controls is usually associated wtih government classifications of materials and the clearances of individuals to access those materials.
A. Separation of duties
B. Due care
C. Acceptable use
D. Need to know.
D. Need to know.
156
Which of the following processes will you involve to perform the active analysis of the system for an potential vulnerabilits that may result from poor or improper system configuration, known and or unknown hardware or software flaws, or operational weaknesses in process or technical counter measures.
A. Penetration testing
B. Risk analysis
C. Baselining
D. Compliance checking.
A. Penetration testing
157
Which of the following are the levels of military data classification system. Choose all that apply.
A. Sensitive
B. Top Secret
C. Confidential
D. Secret
E. Unclassified
F. Public
A. Sensitive
B. Top Secret
C. Confidential
D. Secret
E. Unclassified
158
Which of the following tools work by using standard set of MS-DOS commands and can create an MD5 has of an entire drive, partition or selected files.
A. Device seizure
B. OnTrack
C. Drive spy
D. Forensic sorter
C. Drive spy
159
Which of the following needs to be documented to preserve evidences for presentation in court.
A. Separation fo duties
B. Account lockout policy.
C. Incident response policy
D. Chain of custody
D. Chain of custody
160
Which of the follwoing statments best explaines how encryption works on the internet.
A. Encryption encode information using specific algorithms with a string of numbers known as a key.
B. encryption validates a username and password before sending inforation to the web server.
C. Encryption allows authorized users to access websites that offer online shopping.
D. Encryption helps in transactions processing by e-commerce servers on the internet.
A. Encryption encode information using specific algorithms with a string of numbers known as a key.
161
Which of the following statues is enacted int he US. Which prohbits creaditors from collecting data from applicants such as national orgin, caste, religion ect.
A. The fair credit reporting act (FCRA)
B. The privacy act
C. The electronic communications privacy act.
D. The equal credit opportunity act (ECOA)
D. The equal credit opportunity act (ECOA)
162
Which of the following security models deal only with integrity. Choose Two.
A. Biba-Wilson
B. Clark-Wilson
C. Bell-Lapadula
D. Biba
B. Clark-Wilson
D. Biba
163
Project manager is in the process of procuring services form vendors. He makes a contract with a vendor in which he precisly specify the services to be procured, and any changes to teh procurement, specification will increase the cost to the buyer. What contract type is this.
A. Firm fixed price
B. Fixed price incentive fee
C. Cost plus fixed fee contract
D. Fixed price with economic price adjustment
A. Firm fixed price
164
Incident manager has been tasked to setup a new extension of your enterprise. Networking to be done in the new extension requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the incident handeling process involves your decision.
A. Preparation
B. Eradication
C. Identificaiton
D. Containment.
A. Preparation
165
Which of the following security models focuses on data confidentiality and controlled access to classified information.
A. Bell-Lapadula model
B. Take-Grant model
C. Clark-Wilson model
D. Bib model
A. Bell-Lapadula model
166
Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency or state of affairs.
A. Disaster recovery plan
B. Contingency plan
C. Continuity of operations plan
D. Business continuity plan
B. Contingency plan
167
Which of the following BCP teams handles financial arragements, public realtions and media inquiries in the time of disaster recovery.
A. software team
B. Off-site storage team
C. Application team
D. Emergency management team
168
Project manager hired ZAS Corp to complete part of the project work for his orgnazation. Due to a change request the ZAS Corp is no longer needed on the project even though they have completed nearly all the project work. is the oragnzation liable to pay the ZAS Corp for the work they have completed so far on the project?
A. Yes, ZAS Corp did not choose to terminate the contract work.
B. It depends on what the outcome of a lawsuit will determine.
C. It depends on what the termination clause of the contract stipulates.
D. No, ZAS Corp did not complete all the work.
C. It depends on what the termination clause of the contract stipulates.
169
Which of the following are the goals of risk management. Choose Three.
A. Assessing the impact of potential threats.
B. Identifiing the accused
C. Finding an economic balance between the impact of the risk and the cost of the countermeasure.
D. Identifying the risk.
A. Assessing the impact of potential threats.
C. Finding an economic balance between the impact of the risk and the cost of the countermeasure.
D. Identifying the risk.
170
To help communicate project status to your stakeholders, you are going to create a stakeholders register. All the following information should be included in the stakeholders register except which one.
A. Identification information for each stakeholder
B. Assessment informaton of the stakeholder's major requriements, expectations and potential influence.
C. Stakeholder classification of their role in the project.
D. Stakeholder management strategy.
D. Stakeholder management strategy.
171
As project manager of your organization, you are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control.
A. Quantitative risk analysis
B. Qualitative risk analysis
C. Requested changes.
D. Risk audits
C. Requested changes.
172
Security manager is training some newly recruited personnel in the field of security management. She is giving a tutorial on DRP; she explains that the major goal of disaster recovery plan is to provide an organized way to make decisions if a disruptive event occurs and ask for the other objective of the DRP. Choose Three.
A. Protect an organization from major computer service failures.
B. Minimize the risk to the organization from delays in providing services.
C. Guarantee the reliability of standby systems through testing and simulations.
D. Maximize the decision making required by personnel during a disaster.
A. Protect an organization from major computer service failures.
B. Minimize the risk to the organization from delays in providing services.
C. Guarantee the reliability of standby systems through testing and simulations.
173
SDLC is a logical process used by programmers to develope software. Which of the following SDLC phases meets the audit objectives defines below:
System and data are validated, system meets all users requirement, system meets all control requirements.
A. Programming and training
B. Evaluation and acceptance
C. Definition
D. Initiation
B. Evaluation and acceptance
174
Which of the following are examples of physical controls to prevent unauthrized access to sensitive materials?
A. Thermal alarm system
B. Closed circuit cameras.
C. Encryption
D. Security guards
A. Thermal alarm system
B. Closed circuit cameras.
D. Security guards
175
Which of the following security issues does the Bell-Lapadula model focus on.
A. Authentication
B. Confidentiality
C. Integrity
D. Authorization
B. Confidentiality
176
Which of the following are examples of adminstrative controls. Choose all the apply.
A. Security awareness training
B. Security policy
C. Data backup
D. Auditing
A. Security awareness training
B. Security policy
177
Which of the following are the types of access controls. Choose three.
A. Administrative
B. Automatic
C. Physical
D. Technical
A. Administrative
C. Physical
D. Technical
178
Which of the following laws enacted in teh US makes it illegal for an Internet Service provider to allow child pronography to exist on websites.
A. Child pronography prevention act (CPPA)
B. US Patriot Act
C. Prosecutorial remedies and Toos against the exploitation of children today act (Protect Act)
D. Sexual Predators Act.
D. Sexual Predators Act.
179
your company work with sensitive materials and all IT personnel have at least a secret level clearance. You are still concerned that someone could compromise the network by setting up improper or unauthorized remote access. What is the best way to avoid this problem?
A. Implement separation of duties.
B. Implement RBAC
C. Implement three-way authentication.
D. Implement least privileges.
A. Implement separation of duties.
180
Which of the following statements is true about auditing.
A. it is used to protect the network agaist virus attacks.
B. it is used to track user accounts for file and object access, logon attempts, etc.
C. it is used to secure the network or the computers on the network.
D. it is sued to prevent unauthorized access to network resources.
B. it is used to track user accounts for file and object access, logon attempts, etc.
181
your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. this event is not likely to happen for several months, but the probability of the event is high. Which is a valid response to the risk.
A. Earned value management.
B. Risk Audit.
C. Technical performance measurement.
D. Corrective action.
D. Corrective action.
182
Project manager has a new change request that has been proposed that will affect several areas of the project. one area of the project change impact is on a work that a vendor has already completed. The vendor is refusing to make more changes as they've already completed the project work they were contracted to do. What can be done?
A. Threaten to sue the vendor if they don't complete the work.
B. Fire the vendor for failing to compelte the contractual obligation.
C. Withhold the vendors payments for the work they've completed.
D. Refer to the contract agreement for direction.
D. Refer to the contract agreement for direction.
183
How many change control systems are there in project management?
A. 3
B. 4
C. 2
D. 1
B. 4
184
Which of the following signatures watches for the connection attempts to well-known frequency attach ports.
A. Port signatures
B. Digital signatures
C. Header condition signatures
D. String signatures
A. Port signatures
185
Which of the following phases of the SDLC does the software and other components of the system faithfully incorporate the design specification and provide proper documenation and training.
A. Programming and training
B. Evaluation and acceptance
C. initiation
D. Design
A. Programming and training
186
Configuration management (CM) is an information technology infrastructure library (ITIL) IT Service Managment (ITSM) process. CM is used for which of the following.
1. to account for all IT assets.
2. to provide precise information support to other ITIL disciplines.
3. to provide a solid base only for incident and problem management.
4. to verify configuration records and correct any exceptions.
A. 1, 3, and 4
B. 2 and 4 only
C. 1, 2 and 4 only
D. 2, 3 and 4 only
C. 1, 2 and 4 only
187
Which of the following protocols are used to provide secure communication between a client and a server over the internet. Choose 2.
A. TLS
B. HTTP
C. SNMP
D. SSL
A. TLS
D. SSL
188
How can you calculate the annualized loss expectancy (ALE) that may occure due to a threat.
A. Single loss expectancy (SLE) / Exposure factor (EF)
B. Asset value X Exposure factor
C. Exposure factor (EF) / Single loss expectancy (SLE)
D. Single Loss Expectancy (SLE) X Annualized rate of occurrence (ARO)
D. Single Loss Expectancy (SLE) X Annualized rate of occurrence (ARO)
189
Which of the following rate systems of the orange book has no security controls.
A. D-rated
B. C-rated
C. E-rated
D. A-rated
A. D-rated
190
Which of the following is described below.
It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis and risk response planning.
A. Risk register
B. Risk management plan.
C. Quality management plan
D. Project charter
A. Risk register
191
Which of the following authentication protocols provides support for a wide range of authentication methods, such as smart cards and certificates.
A. PAP
B. EAP
C. MS-CHAPv2
D. CHAP
B. EAP
192
Which of the following test methods has the objective to test the IT system from the viewpoint of a threat source and to identify potential failures in the IT system protection schemes.
A. Penetration testing
B. On-site interviews
C. Security test and evaluation (ST&E)
D. Automated vulnerability scanning tool.
A. Penetration testing
193
Which of the following statement reflect the code of ethics preamble in the ISC2 code of eithcs: Choose all that apply.
A. Strick adherence to this code is a condition of certification.
B. Safety of the commonwealth, duty to our principals, and to each other requires that we adhere and be seen to adhere to the highest ethical standards of behavior.
C. Advance and protect the profession.
D. Provide diligent and competent service to principles.
A. Strick adherence to this code is a condition of certification.
B. Safety of the commonwealth, duty to our principals, and to each other requires that we adhere and be seen to adhere to the highest ethical standards of behavior.
194
Which of the following options is an approach to restricting system access to authorized users.
A. DAC
B. MIC
C. RBAC
D. MAC
C. RBAC
195
Project manager has to procure some electronics, gadgets for a project. A relative of yours is in the retail business of those gadgets, He approaches you for a favor to get the order. This situation is a _____________.
A. Conflict of interest
B. Bribery
C. Illegal practice
D. Irresponsible practice
A. Conflict of interest
196
What course of action can be taken by a party if the current negotiations fail, and an agreement cannot be reached.
A. Zopa
B. Pon
C. Bias
D. Batna
D. Batna
197
Your company suspects an employee of sending unauthorized emails to competitors. These emails are alleged to contain confidential company data. Which of the following is the most important step for you to take in preserving the chain of custody.
A. Preserve the email server including all logs.
B. Seize the employee's PC.
C. Make copies of the employee's email.
D. Place spyware on the employee's PC to confirm these activities.
A. Preserve the email server including all logs.
198
Which of the following are the levels of public or commercial data classification system. Choose all that apply.
A. Secret
B. Sensitive
C. Unclassified
D. Private
E. Confidential
F. Public
B. Sensitive
D. Private
E. Confidential
F. Public
199
Which of the following is a formula, practice, process, design, instrument, pattern or compilation of information, which is not generally known, but by which a business can obtain on economic advantage over its competitors.
A. Utility Model
B. Cookie
C. Copyright
D. Trade Secret
D. Trade Secret
200
Which of the following backup sites take the longest recovery time.
A. Cold site
B. Hot site
C. Warm site
D. Mobile backup site
A. Cold site
201
The security manager is working with his team on the disaster recovery management plan. One of his team members has a doubt related to the most cost effective DRP testing plan. According to you which of the following DRP testing plans is the most cost effective and efficient way to identify areas of overlap in the plan before conducting a more demanding training exercise.
A. Full scale exercise.
B. Walk through drill.
C. Evacuation drill.
D. Structured walk-through test.
D. Structured walk-through test.
202
The incident response team has turned evidence over to the forensic team. Now it is the time to begin looking for the ways to improve the incident response process for the next time. What are the typlical areas for improvement. Choose all that apply.
A. Information dissemination policy
B. Electronic monitoring statement
C. Additional personnel security controls
D. Incident response plan
A. Information dissemination policy
B. Electronic monitoring statement
C. Additional personnel security controls
D. Incident response plan
203
Which of the following attacks can be mitigated by providing proper training to the employees in an organization.
A. Social Engineering
B. Smurf
C. Denial of Service Attack
D. Man in the middle
A. Social Engineering
204
Which of the following is the default port for simple network management protocol (SNMP)?
A. TCP port 80
B. TCP port 25
C. UDP port 161
D. TCP port 110
C. UDP port 161
205
Which of the following is a variant with regard to configuration management.
A. A CI that has the same name as another CI but shares no relationship.
B. A CI that particulary refers to a hardware specification.
C. A CI that has the same essential functionality as another CI but a bit different in some small manner.
D. A CI that particularly refers to a software version.
C. A CI that has the same essential functionality as another CI but a bit different in some small manner.
206
As a forensic investigator, which of the following rultes will you follow while working on a case. Choose all that apply.
A. Prepare a chain of custody and handle the evidence carefully.
B. Examine original evidence and never rely on the duplicate evidence.
C. Never exceed the knowledge base of the forensic investigation.
D. Follow the rules of evidence and never tamper with the evidence.
A. Prepare a chain of custody and handle the evidence carefully.
B. Examine original evidence and never rely on the duplicate evidence.
C. Never exceed the knowledge base of the forensic investigation.
D. Follow the rules of evidence and never tamper with the evidence.
207
Which of the following are the responsibilities of a custodian with regard to data information classification program. Choose three.
A. Determining what level of classification the information requires.
B. Running regular backups and routinely testing the validity of the backups.
C. Controlling access, adding and removing privileges for individual users.
D. Performing data restoration from backups when necessary.
B. Running regular backups and routinely testing the validity of the backups.
C. Controlling access, adding and removing privileges for individual users.
D. Performing data restoration from backups when necessary.
208
Which of the following statements about hypertext transfer protocol secure (HTTPS) are true? Choose two
A. It uses TCP port 80 as the default port.
B. It is a protocol used in the universal resource locater (URL) address line to connect to a secure site.
C. It uses TCP port 443 as the default port.
D. It is a protocol used to provide security for a database server in an internal network.
B. It is a protocol used in the universal resource locater (URL) address line to connect to a secure site.
C. It uses TCP port 443 as the default port.
209
John is a black hat hacker the FBI arrested him while preforming some small email scams under which of the follow US laws will John be charged?
A. 18 USC 1362
B. 18 USC 1030
C. 18 USC 2701
D. 18 USC 2510
B. 18 USC 1030
210
Which of the following statements are true about a hot site. Choose all that apply.
A. It can be used within an hour for data recovery.
B. It is cheaper than a cold site but more expansive than a warm site.
C. It is the most inexpensive backup site.
D. It is a duplicate of the original stie, with full computer system as well as near complete backup of user data.
A. It can be used within an hour for data recovery.
D. It is a duplicate of the original stie, with full computer system as well as near complete backup of user data.
211
NIST 800-50 is designed for those currently working in the information technology field and want information on secuirty policies. Which of the following are some of its critical steps. Choose two.
A. Awareness and training material effectiveness.
B. Awareness and training material development.
C. Awareness and training material implementation.
D. Awareness and training program design.
B. Awareness and training material development.
D. Awareness and training program design.
212
As a program manager you are working with the project mangers regarding the procurement processes for their project. You have ruled out one contract type because it is considered to risky for the program. Which of the following is considered to be the most dangerous for the buyer.
A. Cost plus incentive fee
B. Fixed fee
C. Cost plus percentage of costs
D. Time and materials
C. Cost plus percentage of costs
213
As a network admin you watch a large number of people going in and out of areas with campus computers. You have had a problem with laptops being stolen. What is the most cost-effective method to prevent this.
A. Video surveillance on all areas with computers.
B. Use laptop locks.
C. Appoint a security guard.
D. Smart card access to all areas with computers.
. Use laptop locks.
214
Shoulder surfing is a type of in person attack in which the attacker gathers information about the premises of an organization. It is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal / website. Which of the following is violated in a shoulder surfing attack.
A. Availability
B. Confidentiality
C. Integrity
D. Authenticity.
B. Confidentiality
215
Diacap applies to the acquisition, operations, and sustainment of any DoD system that collects, stores, transmit or processes unclassified or classified information since Dec. 1997. What phases are identified by Diacap. Choose all that apply.
A. System definition
B. Accreditation
C. Verification
D. Re-Accreditation
E. Validation
F. Identification
A. System definition
C. Verification
D. Re-Accreditation
E. Validation
216
Management has asked you to preform a risk audit and report back on the results. A project team member ask you what a risk audit is.
A. A risk audit is a review of all the risks that have yet to occur and what their probability of happening are.
B. A risk audit is a review of the effectiveness of their risk responses in dealing with identified risk and their root cause, as well as the effectiveness of the risk management process.
C. A risk audit is a review of all risk probability and impact for the risk, which are still present in the project, but which have not yet occurred.
D. A risk audit is a review of all the risk probability and impact for the risk, which are still present in the project, but which have not yet occurred.
B. A risk audit is a review of the effectiveness of their risk responses in dealing with identified risk and their root cause, as well as the effectiveness of the risk management process.
217
Which of the following steps are generally followed in computer forensic examinations. Choose three.
A. Acquire
B. Analyze
C. Authenticate
D. Encrypt
A. Acquire
B. Analyze
C. Authenticate
218
Which of the following methods can be helpful to eliminate social engineering threat. Choose Three.
A. Password policy.
B. Vulnerability Assessments.
C. Data Encryption.
D. Data Classification.
A. Password policy.
B. Vulnerability Assessments.
D. Data Classification.
219
You work as a security manager; you are conducting a security awareness campaign for your employees. Which of the following ideas will you consider the best when conducting a security awareness campaign?
A. Target system administrators and help desk.
B. Provide technical details on exploits.
C. Provide customized messages for different groups.
D. Target senior managers and business process owners.
C. Provide customized messages for different groups.
220
Which of the following rated systems of the orange book has mandatory protection of the TCB.
A. B rated.
B. C rated.
C. D rated.
D. A rated.
A. B rated.
221
Which of the following SDLC phases consists of the given security controls. Misuse Case Modeling Security Design and Architecture Review Threat and Risk Modeling Security Requirements and Test Cases Generation.
A. Design
B. Maintenance
C. Deployment
D. Requirements Gathering
A. Design
222
Which of the following liabilities is a third-party liability in which an individual maybe responsible for an action by another party.
A. Relational liability.
B. Engaged liability.
C. Contributory liability.
D. Vicarious liability.
D. Vicarious liability.
223
Which of the following plans is documented and organzied for emergency response, backup operation, and recovery maintained by an activity as part of it security program that will ensure the avalability of critical resources and facilitates the continuity of operations in an emergency situation.
A. Disaster recovery plan
B. Contingency plan
C. Continuity of operations plan
D. Business continuity plan
B. Contingency plan
224
The project manager is worried that the project stakeholders will want to change the project scope frequently. His fear is based on the many open issues in the project and how the resolution of these issues may lead to additional project changes on what documents are the project manager and stakeholders working in the scenario.
A. Communication and management plan
B. Change management plan
C. Issue log
D. Risk management plan
B. Change management plan
225
Which of the following refers to the ability to ensure that the data is not modified or tampered with?
A. Availability
B. Non-repudiation
C. Integrity
D. Confidentiality
C. Integrity
226
Which of the following anti-child pornography organizations helps local communitites to create programs and develop strategies to investigate child exploitation?
A. internet crimes against Children (ICAC)
B. Project safe childhood (PSC)
C. Anit-child porn organization
D. innocent images national initiative (IINI)
B. Project safe childhood (PSC)
227
Which of the following are known as the three laws of opsec. Choose three.
A. If you don't know the threat, how do you know what to protect.
B. If you don't know what to protect, how do you know you are protecting it.
C. If you are not protecting it the adversary wins.
D. If you don't know about your security resources, you cannot protect your network.
A. If you don't know the threat, how do you know what to protect.
B. If you don't know what to protect, how do you know you are protecting it.
C. If you are not protecting it the adversary wins.
228
In which of the following alternative processing sites is the backup facility maintained in a constant order, with full complement of servers, workstations, and communication links ready to assume the primary operations responsibility.
A. Mobile site
B. Cold site
C. Warm site
D. Hot site
D. Hot site
229
Which of the following is a name, symbol or slogan with which a product is identified.
A. Copyright
B. Trademark
C. Trade secret
D. Patent
B. Trademark
