Question 1
Question
The categories of laws in the U.S. are:
Answer
-
Civil, criminal, administrative, and family
-
Intellectual, privacy, and computer crime
-
Criminal, civil, and administrative
-
Criminal, civil, and family
Question 2
Question
Trademarks, copyrights, and patents are all a part of:
Question 3
Question
An organization has developed a new type of printer. What approach should the organization take to protect this invention?
Answer
-
Trade secret
-
Copyright
-
Trademark
-
Patent
Question 4
Question
A financial services organization is required to protect information about its customers. Which of these laws requires this protection:
Question 5
Question
A suspect has been forging credit cards with the purpose of stealing money from their owners through ATM withdrawals. Under which U.S. law is this suspect most likely to be prosecuted?
Question 6
Question
Which U.S. law gives law enforcement organizations greater powers to search telephone, e-mail, banking, and other records?
Question 7
Question
The Payment Card Industry Data Security Standard (PCI DSS) requires encryption of credit card in which circumstances:
Answer
-
Stored in databases, stored in flat files, and transmitted over public and private networks
-
Stored in databases, and transmitted over public networks
-
Stored in databases, stored in flat files, and transmitted over public networks
-
Stored in databases, and transmitted over public and private networks
Question 8
Question
A security incident as defined as:
Answer
-
Unauthorized entry
-
Exposure of sensitive information
-
Theft of sensitive information
-
Violation of security policy
Question 9
Question
The phases of a comprehensive security incident plan are:
Answer
-
Declaration, triage, investigation, analysis, containment, recovery, debriefing
-
Investigation, analysis, containment, recovery, debriefing
-
Declaration, triage, containment, recovery, debriefing
-
Declaration, triage, investigation, analysis, documentation, containment, recovery, debriefing
Question 10
Question
A security manager has discovered that sensitive information stored on a server has been compromised. The organization is required by law to notify law enforcement. What should the security manager do first to preserve evidence on the server:
Question 11
Question
All of the following statements about a security incident plan are correct EXCEPT:
Answer
-
The plan should be tested annually
-
The plan should be reviewed annually
-
The plan should be published annually
-
Training on plan procedures should be performed annually
Question 12
Question
The purpose of a security incident debrief is all of the following EXCEPT:
Answer
-
Review of log files
-
Review of technical architecture
-
Review of operational procedures
-
Review of technical controls
Question 13
Question
Why would a forensic examiner wish to examine a computer’s surroundings during a forensic investigation?
Question 14
Question
A case of employee misconduct that is the subject of a forensic investigation will likely result in a court proceeding. What should included in the forensic investigation:
Answer
-
Legible notes on all activities
-
Law enforcement investigation
-
Chain of custody for all evidence
-
Dual custody for all evidence
Question 15
Question
The (ISC)2 code of ethics includes all of the following EXCEPT:
Answer
-
Provide diligent and competent service to principals
-
Protect society and the infrastructure
-
Act honorably, honestly, justly, responsibly, and legally
-
Advance and protect the profession
Question 16
Question
A security manager has been asked to investigate employee behavior on the part of a senior manager. The investigation has shown that the subject has suffered a serious lapse in judgment and has violate the organization’s code of conduct. The security manager has been asked to keep the results of the investigation a secret. How should the security manager respond?
Answer
-
Leak the results of the investigation to the media
-
Cover up the results of the investigation
-
Deliver the results of the investigation a recommendations for next steps to his superiors
-
Notify law enforcement
Question 17
Question
A forensics investigator has been asked to examine the workstation used by an employee who has been known to misbehave in the past. This investigation is related to more potential misconduct. What approach should the investigator take in this new investigation?
Answer
-
Approach this investigation objectively, without regard to the history of this employee’s conduct
-
Approach this investigation subjectively, given the history of this employee’s conduct
-
Assume the employee is guilty and search for evidence to support this
-
Assume the employee is innocent and search for evidence to refute this
Question 18
Question
The allegation that an employee has violated company policy by downloading child pornography onto a company workstation should result in:
Answer
-
Notification of affected customers
-
Termination of the employee
-
The declaration of a security incident
-
A forensic investigation and possible disciplinary action
Question 19
Question
An organization has developed its first-ever computer security incident response procedure. What type of test should be undertaken first?
Answer
-
Parallel test
-
Simulation
-
Walkthrough
-
Document review
Question 20
Question
An organization’s security incident management strategy consists of response procedures to be used when an incident occurs. What other measures should the organization undertake:
Answer
-
None
-
Develop proactive procedures to aid in incident prevention
-
Train selected personnel on incident response procedures
-
Partner with law enforcement on incident response procedures
Question 21
Question
The purpose of the containment step in a security incident response plan is:
Answer
-
To prevent the spread of the incident
-
To recover the affected system to its pre-incident state
-
To isolate the system
-
To collect evidence for possible disciplinary action or prosecution
Question 22
Question
The U.S. law that made sending unsolicited commercial e-mail illegal is:
Question 23
Question
The purpose of administrative laws in the U.S. is:
Answer
-
To define courtroom and law enforcement procedures
-
To define activities such as assault, arson, theft, burglary, bribery, and perjury
-
To define contract, tort, property, employment, and corporate law
-
To regulate the operation of U.S. government agencies
Question 24
Question
The U.S. Code defines:
Question 25
Question
The type of intellectual property law that protects a written work is known as:
Answer
-
Copyright
-
Trademark
-
Patent
-
Service mark