Questão 1
Questão
The categories of laws in the U.S. are:
Responda
-
Civil, criminal, administrative, and family
-
Intellectual, privacy, and computer crime
-
Criminal, civil, and administrative
-
Criminal, civil, and family
Questão 2
Questão
Trademarks, copyrights, and patents are all a part of:
Questão 3
Questão
An organization has developed a new type of printer. What approach should the organization take to protect this invention?
Responda
-
Trade secret
-
Copyright
-
Trademark
-
Patent
Questão 4
Questão
A financial services organization is required to protect information about its customers. Which of these laws requires this protection:
Questão 5
Questão
A suspect has been forging credit cards with the purpose of stealing money from their owners through ATM withdrawals. Under which U.S. law is this suspect most likely to be prosecuted?
Questão 6
Questão
Which U.S. law gives law enforcement organizations greater powers to search telephone, e-mail, banking, and other records?
Questão 7
Questão
The Payment Card Industry Data Security Standard (PCI DSS) requires encryption of credit card in which circumstances:
Responda
-
Stored in databases, stored in flat files, and transmitted over public and private networks
-
Stored in databases, and transmitted over public networks
-
Stored in databases, stored in flat files, and transmitted over public networks
-
Stored in databases, and transmitted over public and private networks
Questão 8
Questão
A security incident as defined as:
Responda
-
Unauthorized entry
-
Exposure of sensitive information
-
Theft of sensitive information
-
Violation of security policy
Questão 9
Questão
The phases of a comprehensive security incident plan are:
Responda
-
Declaration, triage, investigation, analysis, containment, recovery, debriefing
-
Investigation, analysis, containment, recovery, debriefing
-
Declaration, triage, containment, recovery, debriefing
-
Declaration, triage, investigation, analysis, documentation, containment, recovery, debriefing
Questão 10
Questão
A security manager has discovered that sensitive information stored on a server has been compromised. The organization is required by law to notify law enforcement. What should the security manager do first to preserve evidence on the server:
Questão 11
Questão
All of the following statements about a security incident plan are correct EXCEPT:
Responda
-
The plan should be tested annually
-
The plan should be reviewed annually
-
The plan should be published annually
-
Training on plan procedures should be performed annually
Questão 12
Questão
The purpose of a security incident debrief is all of the following EXCEPT:
Responda
-
Review of log files
-
Review of technical architecture
-
Review of operational procedures
-
Review of technical controls
Questão 13
Questão
Why would a forensic examiner wish to examine a computer’s surroundings during a forensic investigation?
Questão 14
Questão
A case of employee misconduct that is the subject of a forensic investigation will likely result in a court proceeding. What should included in the forensic investigation:
Responda
-
Legible notes on all activities
-
Law enforcement investigation
-
Chain of custody for all evidence
-
Dual custody for all evidence
Questão 15
Questão
The (ISC)2 code of ethics includes all of the following EXCEPT:
Responda
-
Provide diligent and competent service to principals
-
Protect society and the infrastructure
-
Act honorably, honestly, justly, responsibly, and legally
-
Advance and protect the profession
Questão 16
Questão
A security manager has been asked to investigate employee behavior on the part of a senior manager. The investigation has shown that the subject has suffered a serious lapse in judgment and has violate the organization’s code of conduct. The security manager has been asked to keep the results of the investigation a secret. How should the security manager respond?
Responda
-
Leak the results of the investigation to the media
-
Cover up the results of the investigation
-
Deliver the results of the investigation a recommendations for next steps to his superiors
-
Notify law enforcement
Questão 17
Questão
A forensics investigator has been asked to examine the workstation used by an employee who has been known to misbehave in the past. This investigation is related to more potential misconduct. What approach should the investigator take in this new investigation?
Responda
-
Approach this investigation objectively, without regard to the history of this employee’s conduct
-
Approach this investigation subjectively, given the history of this employee’s conduct
-
Assume the employee is guilty and search for evidence to support this
-
Assume the employee is innocent and search for evidence to refute this
Questão 18
Questão
The allegation that an employee has violated company policy by downloading child pornography onto a company workstation should result in:
Responda
-
Notification of affected customers
-
Termination of the employee
-
The declaration of a security incident
-
A forensic investigation and possible disciplinary action
Questão 19
Questão
An organization has developed its first-ever computer security incident response procedure. What type of test should be undertaken first?
Responda
-
Parallel test
-
Simulation
-
Walkthrough
-
Document review
Questão 20
Questão
An organization’s security incident management strategy consists of response procedures to be used when an incident occurs. What other measures should the organization undertake:
Responda
-
None
-
Develop proactive procedures to aid in incident prevention
-
Train selected personnel on incident response procedures
-
Partner with law enforcement on incident response procedures
Questão 21
Questão
The purpose of the containment step in a security incident response plan is:
Responda
-
To prevent the spread of the incident
-
To recover the affected system to its pre-incident state
-
To isolate the system
-
To collect evidence for possible disciplinary action or prosecution
Questão 22
Questão
The U.S. law that made sending unsolicited commercial e-mail illegal is:
Questão 23
Questão
The purpose of administrative laws in the U.S. is:
Responda
-
To define courtroom and law enforcement procedures
-
To define activities such as assault, arson, theft, burglary, bribery, and perjury
-
To define contract, tort, property, employment, and corporate law
-
To regulate the operation of U.S. government agencies
Questão 24
Questão
The U.S. Code defines:
Questão 25
Questão
The type of intellectual property law that protects a written work is known as:
Responda
-
Copyright
-
Trademark
-
Patent
-
Service mark