Set 02

Question 1

Q21: Software programs are protected from illegal distribution under what law?
A. SPA
B. Trade Secret
C. Copyright
D. Trademark

Answer 1

C. Copyright

Question 2

Q22: What is NOT an aspect of Risk Communication with relation to compliance and accountability?
A. Involvement
B. Education
C. Password Policies
D. Training and inducement of behavior change

Answer 2

B. Education

Question 3

Q23: Renn defines three basic abstract elements which are at the core most risk assessment methods.
Which element is NOT part of Renn’s definition?
A. Possibility of occurrence (uncertainty)
B. Combination of outcomes and possibility of occurrence.
C. Relationship between risk and security
D. Outcomes that have an impact on what human’s value.

Answer 3

C. Relationship between risk and security

Question 4

Q24: Confidentiality based on the \_\_\_\_\_\_\_ of data, is meant to provide a way to control the extent to which an adversary can make inferences about users' sensitive information.
A. Encryption
B. Coding
C. Cryptography
D. Obfuscation

Answer 4

C. Cryptography

Question 5

Q25: Which is a type of onion router used to forward data making use of an anonymous communication network?
A. Exit
B. Entry
C. Middle
D. All of above

Answer 5

D. All of above

Question 6

Q26: There are many benefits to analyzing malware. First, we can understand the intended malicious activities to be carried out by the malware.
What is the benefit of understanding intended malicious activities?
A. This will not allow us to update our network and endpoint sensors to detect and block such activities.
B. This will help to identify which machines have malware and take corrective actions
C. This will let us remove the malware or even completely wiping the computer clean and reinstalling everything.
D. Both B and C are correct

Answer 6

D. Both B and C are correct

Question 7

Q27: The 1st dimension of our taxonomy is whether male is a standalone (or independent) program or just a sequence of instructions to be embedded in another program.
A. Complete software and its working depend on the type of compromised Operating System
B. It is an incomplete software and is used just for illustration of the Malware program life cycle.
C. An incomplete program and it needs the help of already installed programs to plan for attack.
D. A standalone Malware program is a compete software that can run on its own when installed on a target system and executed.

Answer 7

D. A standalone Malware program is a compete software that can run on its own when installed on a target system and executed.

Question 8

Q28: Flaws caused by humans frequently arise in design and code which lead to security vulnerabilities,  which discipline has made a big effort in minimizing these faults?
A. Information Technology Discipline
B. CISO
C. Security Architecture.
D. Software Engineering.

Answer 8

D. Software Engineering.

Question 9

Q29: What is a traditional method of obtaining custody of a cyber criminal who is not present within the state?
A. Extradition
B. Indictment
C . Impeachment
D. Recrimination

Answer 9

A. Extradition

Question 10

Q30: The injection of fake data points into data made available in order to hid real samples is called
A. Dummy addition
B. Data injection
C. Suppression
D. None of above

Answer 10

B. Data injection