Cybr 3300 Ch 1-6
When using the Governing for Enterprise Security (GES) program, an Enterprise Security Program (ESP) should be structured so that governance activities are driven by the organization's executive management, selected key stakeholders, as well as the _________
Board Risk committee
When using the Governing for Enterprise Security (GES) program, an Enterprise Security Program (ESP) should be structured so that governance activities are driven by the organization's executive management, select key stakeholders, as well as the ____________.
Board risk committee
Which of the following is NOT a step in the problem-solving process?
Build support among management for the candidate solution
What is not a step in the problem-solving process
Build support among management for the candidate solution
Which of the following is a policy implementation model that addresses issues by moving from the general to the specific and is a proven mechanism for prioritizing complex changes
Bull's-eye model
An ISACA certification targeted at upper-level executives, including CISOs and CIOs, directors, and consultants with knowledge and experience in IT governance is known as the ___________
CGEIT
An ISACA certification targeted at upper-level executives, including CISOs and CIOs, directors, and consultants with knowledge and experience in IT governance is known as the __________
CGEIT
The __________ certification, considered to be one of the most prestigious certifications for security managers and CISOs, recognizes mastery of an internationally identified common body of knowledge (CBK) in InfoSec and is considered to be vendor neutral.
CISSP
A model of InfoSec that offers a comprehensive view for data while being stored, processed, or transmitted is the _______
CNSS
A model of InfoSec that offers a comprehensive view of security for data while being stored, processed, or transmitted is the __________ security model.
CNSS
An ISACA certification targeted at IT professionals who are in careers that link IT management with enterprise risk management is known as the _________
CRISC
The individual responsible for the assessment, management, and implementation of information-protection activities in the organization is known as a(n) ____________.
Chief information security officer
Which of the following organizations put forth a code of ethics designed primarily for InfoSec professionals who have earned their certifications? The code includes the canon: Provide diligent and competent service to principals.
(ISC)2
Which organization put forth a code of ethics designed primarily for InfoSec professionals who have earned their certifications
(ISC)^2
Which of the following is a C.I.A. characteristic that ensures that only those with sufficient privileges and a demonstrated need may access certain information?
Confidentiality
Which of the following are instructional codes that guide the execution of the system when information is passing through it?
Configuration rules
The process of integrating the governance of the physical security and information security efforts is known in the industry as _______.
Convergence
A hacker who intentionally removes or bypasses software copyright protection designed to prevent unauthorized duplication or use is known as a
Cracker
Which of the following is the result of a U.S. led international effort to reduce the impact of copyright, trademark, and privacy infringement, especially via the removal of technological copyright protection measures?
DMCA
A _______ is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.
DDoS
What attack involves sending large numbers of connection or information requests to a target?
DDoS or DoS
Which of the following is the result of a US led international effort to reduce the impact of copyright, trademark, and privacy infringement, especially via the removal of technological copyright protection measures
DMCA
Which type of attack involves sending a large number of connection or information requests to a target?
Denial-of-service (DoS)
Which of the following is the study of the rightness and wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences and is also known as duty or obligation based ethics
Deontological Ethics
Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences and is also known as duty- or obligation-based ethics?
Deontological ethics
Which of the following ethical frameworks is the study of the choices that have been made by individuals in the past, attempting to answer the question, what do others think is right?
Descriptive Ethics
Which of the following is the best method for preventing an illegal or unethical activity
Deterrence
Which of the following organizations offers the Certified CISO (C|CISO) certification?
EC-Council
Which policy is the highest level of policy and is usually created first
EISP
With policy, the most common distribution methods are hard copy and __________.
Electronic
__________ is the set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately, and verifying that the enterprise's resources are used responsibly.
Governance
____________ is the set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately, and verifying that the enterprise's resources are used responsibly
Governance
ISO 27014:2013 is the ISO 27000 series standard for
Governance of Information Security
Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them
HIPAA
Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them?
HIPAA
One form of online vandalism is _____, in which individuals interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency.
Hacktivism
Which law addresses privacy and security concerns associated with the electronic transmission of PHI
Health Information Technology for Economic and Clinical Health Act
The National Association of Corporate Directors (NACD) recommends four essential practices for boards of directors. Which of the following is NOT one of these recommended practices?
Hold regular meetings with the CIO to discuss tactical InfoSec planning
The National Association of Corporate Directors (NACD) recommends four essential practices for boards of directors. Which of the following is not one of these recommended practices?
Hold regular meetings with the CIO to discuss tactical InfoSec planning
Which of the following is a network device attribute that may be used in conjunction with DHCP, making asset identification by this attribute difficult?
IP address
Which of the following organizations is best known for its series of certifications targeted to information systems audit, information security, risk control and IT governance
ISACA
In large organizations, the InfoSec department is often located within an _________ division headed by the _________, who reports directly to the _________.
IT, CISO, CIO
Which of the following is the first step in the process of implementing training?
Identify program scope, goals, and objectives.
Smaller organizations tend to spend approximately __________ percent of the total IT budget on security.
20
Larger organizations tend to spend approximately ________ percent of the total IT budget on security
5
"4-1-9" is one form of an _____ fraud.
Advance fee
Sworn testimony that certain facts are in the possession of the investigating officer and that they warrant the examination of specific items located at a specific place is known as an
Affidavit
For an organization to manage its InfoSec risk properly, managers should understand how information is: collected, processed, transmitted
All of these are needed
Which of the following should be implemented in an InfoSec governance program
An InfoSec risk management methodology
Which of the following should be included in an InfoSec governance program?
An InfoSec risk management methodology
A gathering of key reference materials is performed during which phase of the SecSDLC?
Analysis
A risk assessment is performed during which phase of the SecSDLC?
Analysis
An (ISC)^2 program geared toward individuals who want to take any of its certification exams before obtaining the requisite experience for certification is the _________
Associate of (ISC)^2
In digital forensics, all investigations follow the same basic methodology once permission to search and seize is received, beginning with __________
identifying relevant items of evidentiary value
In digital forensics, all investigations follow the same basic methodology once permission to search and seize is received, beginning with _________.
identifying relevant items of evidentiary value
An understanding of potential consequences of a successful attack on an information asset by a threat is known as
impact
In which phase of the SecSDLC must the team create a plan to distribute and verify the distribution of the policies?
implementation
The protection of confidentiality, integrity, and availability of data regardless of its location is known as __________ security.
information
Which of the following is a common element of the enterprise information security policy?
information on the structure of the InfoSec Organization
Blackmail threat of informational disclosure is an example of which threat category?
information or trespass
The protection of confidentiality, integrity, and availability of data regardless of its location is known as ____________
information security
Which of the following is an advantage of the formal class method of training
interaction with trainer is possible
What is not an origin used to categorize types of law? constitutional, regulatory, statutory, international
international
Which of the following is NOT an origin used to categorize types of law?
international
A detailed outline of the scope of the policy development project is created during which phase of the SecSDLC
investigation
Which phase of the SecSDLC should see clear articulation of goals
investigation
Digital forensics can be used for two key purposes: ________ or _________
investigate allegations of digital malfeasance; perform root cause analysis
The __________ phase of the SecSDLC begins with a directive from upper management specifying the process, outcomes, and goals of the project as well as its budget and other constraints
investigation
What is the first phase of the SecSDLC?
investigation
Which phase of the SecSDLC should see support from senior management
investigation
A well-defined risk appetite should have the following characteristics EXCEPT
is not limited by stakeholder expectations
Which type of security policy is intended to provide a common understanding of the purposes for which an employee can and cannot use a resource
issue-specific
Which of the following is true about a company's InfoSec awareness Web site
it should be tested with multiple browsers
Once the members of the RM framework team have been identified, the governance group should communicate all of these for the overall RM program EXCEPT:
its personnel structure
Any court can impose its authority over an individual or organization if it can establish which of the following?
jurisdiction
The organization can perform risk determination using certain risk elements, including all but which of the following
legacy cost of recovery
Which of the following is not a role of managers within the Communities of Interest controlling risk
legal management must develop corporate-wide standards
The probability that a specific vulnerability within an organization will be attacked by a threat is known as ___________
likelihood
There are three general categories of unethical behavior that organizations and society should seek to eliminate. What is not one of them
malice
There are three general categories of unethical behavior that organizations and society should seek to eliminate. Which of the following is NOT one of them?
malice
In the _______ attack, an attacker monitors packets from the network, modifies them, and inserts them back into the network
man-in-the-middle
Many organizations create a single document that combines elements of the ___________ SysSP and the _________ SysSP
management guidance, technical specification
Which of the following set the direction and scope of the security process and provide detailed instructions for its conduct
managerial controls
Which of the following distinctly identifies an asset and can be vital in later analysis of threats directed to specific models of certain devices or software components
manufacturer's model or part number
The InfoSec needs of an organization are unique to all but which of the following organizational characteristics
market
The InfoSec needs of an organization are unique to all but which one of the following organizational characteristics?
market
Communications Security involves the protection of which of the following?
media, technology, and content
Organizations classified as __________ may still be large enough to implement the multi tier approach to security, though perhaps with fewer dedicated groups and more functions assigned to each group.
medium-sized
Organizations classified as __________ may still be large enough to implement the multi-tiered approach to security, though perhaps with fewer dedicated groups and more functions assigned to each group
medium-sized
A formal approach to solving a problem based on a structured sequence of procedures, the use of which ensures a rigorous process and increases the likelihood of achieving the desired final objective, is known as a(n) ____________.
methodology
A formal approach to solving a problem based on a structured sequence of procedures, the use of which ensures a rigorous process and increases the likelihood of achieving the desired final objective is known as
methodology
The EISP must directly support the organization's ___________
mission statement
Which of the following explicitly declares the business of the organization and its intended areas of operations
mission statement
The protection of voice and data components, connections, and content is known as _________ security
network
Access control list user privileges include all but which of these
operate
Which type of planning is used to organize the ongoing, day-to-day performance of tasks
operational
What is the principle of management dedicated to the structuring of resources to support the accomplishment of objectives
organization
Which of the following is the principle of management dedicated to the structuring of resources to support the accomplishment of objectives?
organization
Which of the following variables is the most influential in determining how to structure an information security program?
organizational culture
Which of the following variables is the most influential in determining how to structure an information security program
organizational culture
Which of the following is an example of a technological obsolescence threat
outdated servers
An information security professional with authorization to attempt to gain system access in an effort to identify and recommend resolutions for vulnerabilities in those systems is known as a(n) __________.
penetration tester
An information security professional with the authorization to attempt to gain system access in an effort to identify and recommend resolutions for vulnerabilities in those systems is known as a
penetration tester
Which function of InfoSec Management encompasses security personnel as well as aspects of the SETA program
people
Which of the following is NOT a primary function of Information Security Management: planning, protection, projects, performance
performance
GGG security is commonly used to describe which aspect of security
physical
Which function needed to implement the information security program includes researching, creating, maintaining, and promoting information security plans
planning
Which of the following is the principle of management that develops, creates, and implements strategies for the accomplishment of objectives
planning
Which function of InfoSec management seeks to dictate behavior within the organization through a set of organizational guidelines
policy
Which of the following functions of Information Security Management seeks to dictate certain behavior within the organization through a set of organizational guidelines?
policy
According to NIST SP 800-18, Rev.1, which individual is responsible for the creation, revision, distribution, and storage of the policy
policy administrator
Which of the following is NOT one of the basic rules that must be followed when developing a policy
policy should be focused on protecting the organization from public embarrassment
The penalties related to the National Information Infrastructure Protection Act of 1996 depends on whether the offense is judged to have been committed for one of the following reasons except which of the following? commercial advantage, financial gain, political advantage, furtherance of criminal act
political advantage
_________ devices often pose special challenges to investigators since they can be configured to use advanced encryption and they can be wiped by the user even when the user is not present.
portable
Which of the following is a recognition that data used by an organization should only be used for the purposes stated by the information owner at the time it was collected
privacy
Which of the following is recognition that data used by an organization should only be used for the purposes stated by the information owner at the time it was collected?
privacy
Which subset of civil law regulates the relationship among individuals and organizations
private
Which subset of civil law regulates the relationships among individuals and among individuals and organizations?
private
Risk Management Framework includes all of the following EXCEPT:
process contingency planning
The risk management framework includes all of the following except
process contingency planning
Which of the following attributes does NOT apply to software information assets
product dimensions
What should you be armed with to adequately assess potential weaknesses in each information asset
properly classified inventory
Policy is only enforceable and legally defensible if it uses a process that assures repeatable results and conforms to each of the following EXCEPT is true and __________.
properly conceived
Policy is only enforceable and legally defensible if it uses a process that assures repeatable results and conforms to each of the following except is true and _________
properly conceived
IT's focus is the efficient and effective delivery of information and administration of information resources, while InfoSec's primary focus is the __________ of all information assets.
protection
IT's focus is the efficient and effective delivery of information and administration of information resources, while InfoSec's primary focus is the __________ of all information assets
protection
The hash values for a wide variety of passwords are stored in a database known as a __________________, which can be indexed and quickly searched using the hash value, allowing the corresponding plaintext password to be determined.
rainbow table
What is the final step in the risk identification process
ranking assets in order of importance
What is not an approach to password cracking: ransomware, brute force, dictionary attacks, social engineering
ransomware
An attack that uses phishing techniques along with specialized forms of malware to encrypt the victim's data files is known as _____?
ransomware
To be certain that employees understand the policy, the document must be written at a reasonable ___________, with a minimum of technical jargon and management terminology
reading level
What is the SETA program designed to do
reduce the occurrence of accidental security breaches
Once an information asset is identified, categorized, and classified, what must also be assigned to it?
relative value
The risk to information assets that remains even after current controls have been applied
residual risk
What is a disadvantage of the one-to-one training method
resource intensive, to the point of being inefficient
Which of the following is a disadvantage of the one-on-one training method?
resource intensive, to the point of being inefficient
What is compensation for a wrong committed by an individual or organization
restitution
Which of the following is compensation for a wrong committed by an individual or organization?
restitution
The quantity and nature of risk that organizations are willing to accept as they evaluate the trade-offs between perfect security and unlimited accessibility is known as
risk appetite
The identification, analysis and evaluation of risk in an organization describes which of the following
risk assessment
Which of the following functions includes identifying the sources of risk and may include offering advice on controls that can reduce risk?
risk assessment
The ____________ converts the instructions and perspectives provided to the RM framework team into cohesive guidance that structures and directs all subsequent risk management efforts
risk management policy
Which of the following is NOT among the typical columns in the risk rating worksheet
risk threshold
The assessment of the amount of risk an organization is willing to accept for a particular information asset
risk tolerance
Permission to search for evidentiary material at a specified location and/or seize items to return to the investigator's lab for examination is known as a
search warrant
Permission to search for evidentiary material at a specified location and/or to seize items to return to the investigator's lab for examination is known as a(n) _________.
search warrant
A specialized security administrator responsible for performing systems development life cycle activities in the development of a security system is known as a
security analyst
A SETA program consists of three elements: security education, security training, and which of the following
security awareness
The individual accountable for ensuring the day-to-day operation of the InfoSec program, accomplishing the objectives identified by the CISO and resolving issues identified by technicians is known as a
security manager
The individual accountable for ensuring the day-to-day operation of the InfoSec program, accomplishing the objectives identified by the CISO and resolving issues identified by technicians is known as a(n) ____________.
security manager
This person would be responsible for some aspect of information security and report to the CISO; in smaller organizations, this title may be assigned to the only senior security administrators and is known as a
security manager
A qualified individual who is tasked with configuring security technologies and operating other technical control systems is known as a(n) ____________.
security technician
Which of the following would most likely be responsible for configuring firewalls and IDPSs, implementing security software, and diagnosing and troubleshooting problems
security technician
Data classification schemes should categorize information assets based on which of the following
sensitivity and security needs
The unauthorized duplication and distribution of copyrighted software material
software piracy
Which of the following is NOT a task performed by the governance group during the framework design phase, in cooperation with the framework team
specifying who will supervise and perform the RM process
A person or organization that has a vested interest in a particular aspect of planning or operation of the organization in this case, the information assets used in a particular organization is known as a
stakeholder
A person or organization that has a vested interest in a particular aspect of the planning or operation of the organization in this case, the information assets used in a particular organization is known as a(n) _________.
stakeholder
Which type of document is a more detailed statement of what must be done to comply with a policy
standard
Which type of planning is the primary tool in determining the long-term direction taken by an organization?
strategic
When creating a _______, each level of each division translates those goals into more specific goals for the level below it
strategic plan
When creating a __________, each level of each division translates those goals into more specific goals for the level below it.
strategic plan
A clearly directed __________ flows from top to bottom, and a systematic approach is required to translate it into a program that can inform and lead all members of the organization.
strategy
A clearly directed ___________ flows from top to bottom and a systematic approach is required to translate it into a program that can inform and lead all members of the organization
strategy
The first priority of the CISO and the InfoSec management team should be the __________.
structure of a strategic plan
Which of the following functions needed to implement the information security program evaluates patches used to close software vulnerabilities and acceptance testing of new systems to assure compliance with policy and effectiveness
systems testing
Which level of planning breaks down each applicable strategic goal into a series of incremental objectives
tactical
Which level of planning breaks down each applicable strategic goal into a series of incremental objectives?
tactical
A project manager who understands project management, personnel management, and InfoSec technical requirements is needed to fill the role of a(n) ____________.
team leader
Human error or failure can often be prevented with training and awareness programs, policy and _____.
technical controls
Human error or failure often can be prevented with training and awareness programs, policy, and ________
technical controls
Which of the following are the two general groups into which SysSPs can be separated
technical specification and managerial guidance
In the area of risk management, process communications is the necessary information flow within and between all of the following EXCEPT:
the corporate change control officer
Which act is a collection of statutes that regulates the interception of wire, electronic, and oral communications?
the electronic communications privacy act of 1986
An example of a stakeholder of a company includes all of the following EXCEPT:
the general public
Factors that affect the external context and impact the RM process, its goals, and its objectives include the following EXCEPT
the organization's governance structure
In addition to specifying acceptable and unacceptable behavior, what else must a policy specify
the penalties for violation of the policy
When an incident violates civil or criminal law, it is the organization's responsibility to notify the proper authorities; selecting the appropriate law enforcement agency depends on
the type of crime committed
Which of the 12 Categories of Threats best describes a situation where the adversary removes data from a victim's computer?
theft
Which of the 12 categories of threats best describes a situation where the adversary removes data from the victim's computer
theft
Which of the following describes the primary reason the InfoSec department should NOT fall under the IT function?
there is a misalignment between the goals of the InfoSec department, which focuses on protecting information, and accessing information
Which of the following is true about the security staffing, budget, and needs of a medium-sized organization
they have larger information security needs than a small organization
Any event or circumstance that has the potential to adversely affect operations and assets is known as a
threat
Any event or circumstance that has the potential to adversely affect operations and assets is known as a(n) __________.
threat
The risk assessment deliverable titled ___________ serves to rank-order each threat to the organization's information assets according to criteria developed by the organization.
threat-severity weighted table analysis
What can the prioritized list of assets and their vulnerabilities and the prioritized list of threats facing the organization be combined to create?
threats-vulnerabilities-assets worksheet
Acts of _____ can lead to unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to access.
trespass
An estimate made by the manager using good judgement and experience can account for which factor of risk assessment?
uncertainty
The state of having limited or imperfect knowledge of a situation, making it less likely that organizations can successfully anticipate future events or outcomes, is known as __________.
uncertainty
The final component of the design and implementation of effective policies is __________.
uniform and impartial enforcement
Which of the following is an advantage of the user support group form of training?
usually conducted in an informal social setting
Which of the following is a key advantage of the bottom-up approach to security implementation?
utilizes the technical expertise of the individual administrators
Which of the following is a key advantage of the bottom-up approach to security implementation?
utilizes the technical expertise of the individual administrators
What is defined as specific avenues that threat agents can exploit to attack an information asset?
vulnerabilities
A potential weakness in an asset or its defensive control systems is known as a(n) __________.
vulnerability
In which SDLC model does the work product from each phase transition into the next phase to serve as its starting point while allowing movement back to a previous phase should the project require it?
waterfall
Which of the following is NOT an aspect of access regulated by ACLs?
where the system is located
Which of the following is NOT an aspect of access regulated by ACLs?
where the system is located
Three options for placing the CISO in the organization are generally driven by organizational size and include all of the following EXCEPT:
within a division/department with conflict of interest
This collaborative support group began as a cooperative effort between the FBI's Cleveland field office and local technology professionals with a focus of protecting critical national infrastructure.
InfraGard
According to the Corporate Governance Task Force (CGTF), which phase in the IDEAL model and framework lays the groundwork for a successful improvement effort?
Initiating
According to the Corporate Governance Task Force (CGTF), which phase in the IDEAL model and framework lays the groundwork for a successful improvement effort?
Initiating
Which of the following is a C.I.A. characteristic that addresses the threat from corruption, damage, destruction, or other disruption of its authentic state?
Integrity
Which of the following is a C.I.A. characteristic that addresses the threat from corruption, damage, destruction, or other disruption of its authentic state?
Integrity
Which phase of the SecSDLC should see support from senior management?
Investigation
According to Wood, which of the following are reasons the InfoSec department should report directly to top management?
It fosters objectivity and the ability to perceive what is truly in the best interest of the organization as a whole
According to Wood, which of the following are reasons the InfoSec department should report directly to top management?
It fosters objectivity and the ability to perceive what's truly in the best interest of the organization as a whole
Which of the following is an attribute of a network built into the network interface?
MAC address
In the _____ attack, an attacker monitors (or sniffs) packets from the network, modifies them, and inserts them back into the network.
Man in the middle
Which of the following sets the direction and scope of the security process and provides detailed instruction for its conduct?
Managerial controls
Another key U.S. federal agency is _________, which is responsible for coordinating, directing, and performing highly specialized activities to protect U.S. information systems and produce foreign intelligence information.
National Security Agency
Another key U.S. federal agency is _________ which is responsible for coordinating, directing, and performing highly specialized activities to protect U.S. information systems and produce foreign intelligence information.
National Security Agency
The protection of voice and data components, connections, and content is known as _____ security.
Network
Which of the following is NOT a primary function of Information Security Management?
Performance
Which of the following is the principle of management that develops, creates, and implements strategies for the accomplishment of objectives?
Planning
Which section of an ISSP should outline a specific methodology for the review and modification of the ISSP?
Policy Review and Modification
Which section of an ISSP should outline a specific methodology for the review and modification of the ISSP?
Policy Review and modification
According to NIST SP 800-18, Rev. 1, which individual is responsible for the creation, revision, distribution, and storage of the policy?
Policy administrator
Which of the following is NOT one of the basic rules that must be followed when developing a policy?
Policy should be focused on protecting the organization from public embarrassment
_________ devices often pose special challenges to investigators since they can be configured to use advanced encryption and they can be wiped by the user even when the user is not present.
Portable
Which of these denotes the overall structure of the strategic planning and design for the entirety of the organization's RM efforts?
RM framework
Which of these denotes the identification, analysis, evaluation, and treatment of risk to information assets?
RM process
The hash values for a wide variety of passwords can be stored in a database known as a(n) __________, which can be indexed and quickly searched using the hash value, allowing the corresponding plaintext password to be determined.
Rainbow table
Which of the following is NOT an approach to password cracking?
Ransomware (approaches are brute force, dictionary attacks, social engineering attacks)
What is the first step in the problem-solving process?
Recognize and define the problem
______________ is the risk assessment deliverable that assigns a value to each TVA triple, incorporating likelihood, impact, and possibly a measure of uncertainty.
Risk ranking worksheet
Which organization is best known for its series of technical InfoSec certifications through an entity known as Global Information Assurance Certification (GIAC)?
SANS Institute
Technology services are usually arranged with an agreement defining the minimum service levels known as a(n) __________.
SLA
Technology services are usually arranged with an agreement defining minimum service levels known as a(n) __________.
SLA
Which of the following is the first step in the problem-solving process?
Select, implement and evaluate a solution
Which of the following is an information security governance responsibility of the Chief Information Security Officer?
Set security policy, procedures, programs and training
Which of the following is an information security governance responsibility of the Chief Information Security Officer?
Set security policy, procedures, programs and training
The unauthorized duplication, installation, or distribution of copyrighted computer software, which is a violation of intellectual property, is called _____.
Software piracy
Which of the following is true about planning?
Strategic plans are used to create tactical plans.
Which of the following is true about planning?
Strategic plans are used to create tactical plans.
Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use, or operation of each federal computer system?
The Computer Security Act
Which act is a collection of statutes that regulates the interception of wire, electronic, and oral communications?
The Electronic Communications Privacy Act of 1986
Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use, or operation of each federal computer system?
The Computer Security Act
Operations Security
The protection of the details of an organization's operations and activities
Factors that affect the internal context and impact the RM process, its goals, and its objectives include the following EXCEPT
The threat environment - Threats, known vulnerabilities, attack vectors
Which of the following describes the primary reason the InfoSec department should NOT fall under the IT function?
There is a misalignment between the goals of the InfoSec department, which focuses on protecting information, and the IT function, which focuses on efficiency in processing and accessing information
The basic outcomes of InfoSec governance should include all but which of the following?
Time management by aligning resources with personnel schedules and organizational objectives
The basic outcomes of InfoSec governance should include all but which of the following?
Time management by aligning resources with personnel schedules and organizational objectives
_____ are malware programs that hide their true nature, and reveal their designed behavior only when activated.
Trojan horses
___________ are malware programs that hide their true nature.
Trojan horses
What law extends protection to intellectual property, which includes words published in electronic formats?
U.S. Copyright Law
Which law extends protection to intellectual property, which includes words published in electronic formats?
U.S. copyright law
Which of the following is NOT among the three types of InfoSec policies based on NIST's Special Publication 800-14?
User-specific security policies
Which of the following sections of the ISSP provides instructions on how to report observed or suspected policy infractions?
Violations of Policy
A potential weakness in an asset or its defensive control system(s) is known as a _____?
Vulnerability
_____________ is a simple project management planning tool.
WBS
What defines the differences between a computer virus and a computer worm?
Worms can make copies all by themselves but viruses need to attach to an existing program
Which statement defines the differences between a computer virus and a computer worm?
Worms can make copies all by themselves, but viruses need to attach to an existing program on the host computer on which they replicate
What are the two approaches for controlling user authorization for the use of technology?
access control lists and capability tables
What do audit logs that track user activity on an information system provide?
accountability
"4-1-9" is one form of a(n) _________ fraud.
advance fee
Sworn testimony that certain facts are in the possession of the investigating officer and that they warrant the examination of specific items located at a specific place is known as a(n) _________.
affidavit
Which of the following is NOT a part of an information security program?
all of these are part of an information security program
Which of the following is NOT part of an information security program: technologies used, activities used, and personnel used in managing the risks of its information assets?
all of these are part of an information security program
A risk assessment is performed during which phase of the SecSDLC?
analysis
In which phase of the SecSDLC does the risk management task occur?
analysis
In the ________ phase of the SecSDLC, the team studies the documents from earlier phases and looks at relevant legal issues that could affect the design of the security solution.
analysis
In the __________ phase of the SecSDLC, the team studies the documents from earlier phases and looks at relevant legal issues that could affect the design of the security solution.
analysis
The most complex part of an investigation is usually __________.
analysis for potential evidentiary material
The most complex part of an investigation is usually ___________.
analysis for potential evidentiary material
Force majeure includes all of these EXCEPT:
armed robbery
Which of the following activities is part of the risk identification process?
assigning a value to each information asset
An intentional or unintentional act that can damage or otherwise compromise information and the systems that support it is known as a(n) __________.
attack
The use of cryptographic certificates to establish Secure Sockets Layer (SSL) connections is an example of which process?
authentication
A process that defines what the user is permitted to do is known as _________.
authorization
A process that defines what the user is permitted to do is known as __________.
authorization
Which of the following is a feature left behind by system designers or maintenance staff that allows quick access to a system at a later time by bypassing access controls?
back door
Which of the following is a feature left behind by the system designers or maintenance staff that allows quick access to a system at a later time by bypassing access controls?
back door
A more recently created area of law related to information security specifies a requirement for organizations to notify affected parties when they have experienced a specific type of loss of information. This is commonly known as __________ law.
breach
A more recently created area of law related to information security specifies a requirement for organizations to notify affected parties when they have experienced a specified type of loss of information. This is commonly known as a __________ law.
breach
A 2007 Deloitte report found that enterprise risk management is a valuable approach that can better align security functions with the _________ while offering opportunities to lower costs.
business mission
A 2007 Deloitte report found that enterprise risk management is a valuable approach that can better align security functions with the __________ while offering opportunities to lower costs.
business mission
The purpose of SETA is to enhance security in all but which of the following ways?
by adding barriers
The purpose of SETA is to enhance security in all but which of the following ways?
by adding barriers
Which of the following activities is part of the risk evaluation process?
calculating the severity of risks to which assets are exposed in their current setting
Which of the following is a disadvantage of the individual policy approach to creating and managing ISSPs?
can suffer from poor policy dissemination, enforcement, and review
Which of the following is NOT one of the three general causes of unethical and illegal behavior?
carelessness
Which of the following is NOT among the functions typically performed within the InfoSec department as a compliance enforcement obligation?
centralized authentication
A high-level executive, such as a CIO or VP-IT, who will provide political support and influence for a specific project is known as a
champion
A high-level executive, such as a CIO or VP-IT, who will provide political support and influence for a specific project is known as a(n) _________.
champion
A senior executive who promotes the project and ensures its support, both financially and administratively, at the highest levels of the organization is needed to fill the role of a(n) ____________ on a development team.
champion
The individual responsible for the assessment, management, and implementation of information-protection activities is known as a ________.
chief information security officer
Which ethical standard is based on the notion that life in community yields a positive outcome for the individual, requiring each individual to contribute to that community?
common good
Which ethical standard is based on the notion that life in community yields positive outcomes for the individual, requiring each individual to contribute to the community?
common good
Policy ____________ means the employee must agree to the policy.
compliance
Classification categories must be mutually exclusive and which of the following?
comprehensive
According to the C.I.A. triad, which of the following is the most desirable characteristic for privacy?
confidentiality
According to the CIA triad, what is the most desirable characteristic for privacy?
confidentiality
Which of the following is a C.I.A. characteristic that ensures that only those with sufficient privileges and a demonstrated need may access certain information?
confidentiality
Which of the following are instructional codes that guide the execution of the system when information is passing through it?
configuration rules
The process of integrating the governance of the physical security and information security efforts is known in the industry as __________.
convergence
A hacker who intentionally removes or bypasses software copyright protection designed to prevent unauthorized duplication or use is known as a(n) ________.
cracker
Rather than making efforts to conduct a detailed assessment of the cost to recover from an attack when estimating the danger from possible threats, organizations often _________.
create subjective rankings based on anticipated recovery costs
Which of the following is an advantage of the one-to-one method of training?
customized to the needs of the trainee
Individuals who control, and are therefore responsible for, the security and use of a particular set of information are known as ___________.
data owners
Individuals who control, and are therefore responsible for, the security and use of a particular set of information are known as ____________.
data owners
Internal and external stakeholders such as customers, suppliers, or employees who interact with the information in support of their organization's planning and operations are known as ____________.
data users
Internal and external stakeholders such as customers, suppliers, or employees who interact with the information in support of their organization's planning and operations are known as ____________.
data users
Which of the following ethical frameworks is the study of the choices that have been made by individuals in the past, attempting to answer the question, what do others think is right?
descriptive ethics
The __________ phase of the SecSDLC has team members create and develop the blueprint for security and develop critical contingency plans for incident response.
design
Which of the following is the best method for preventing an illegal or unethical activity? Examples include laws, policies and technical controls.
deterrence
Investigations involving the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and root cause analysis is known as _________.
digital forensics
Investigations involving the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and root cause analysis is known as _________.
digital forensics
A __________ is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.
distributed denial-of-service
When an organization demonstrates that it is continuously attempting to meet the requirements of the market in which it operates, what is it ensuring?
due diligence
A process focused on the identification and location of potential evidence related to a specific legal action after it was collected through digital forensics is known as _________.
e-discovery
A process focused on the identification and location of potential evidence related to a specific legal action after it was collected through digital forensics is known as __________.
e-discovery
With policy, the most common distribution methods are hard copy and __________.
electronic
Which of the following is the most cost-effective method for disseminating security information and news to employees?
emailed security newsletter
Which of the following is the most cost-effective method for disseminating security information and news to employees?
emailed security newsletter
According to the Corporate Governance Task Force (CGTF), during which phase in the IDEAL model and framework does the organization plan the specifics of how it will reach its destination?
establishing
Also known as "items of potential evidentiary value," any information that could potentially support the organization's legal or policy-based case against a suspect is known as ________.
evidentiary material
Also known as "items of potential evidentiary value," any information that could potentially support the organization's legal or policy-based case against a suspect is known as _________.
evidentiary material
Writing a policy is not always as easy as it seems. However, the prudent security manager always scours available resources for ________ that may be adapted to the organization.
examples
A technique used to compromise a system is known as a _________.
exploit
A technique used to compromise a system is known as a(n) _____.
exploit
What is NOT among the "deadly sins of software security"?
extortion sins
Which of the following is not among the 'deadly sins of software security'?
extortion sins
A short-term interruption in electrical power availability is known as a _____.
fault
A short-term interruption in electrical power availability is known as a _____.
fault
Which of the following is NOT a requirement for laws and policies to deter illegal or unethical activity?
fear of humiliation
Which of the following is NOT a requirement for laws and policies to deter illegal or unethical activity?
fear of humiliation
The penalties for offenses related to the National Information Infrastructure Protection Act of 1996 depend on whether the offense is judged to have been committed for one of the following reasons except which of the following?
for political advantage
The coherent application of methodical investigatory techniques to collect, preserve, and present evidence of crimes in a court is known as __________.
forensics
The coherent application of methodical investigatory techniques to collect, preserve, and present evidence of crimes in a court or court-like setting is known as _________.
forensics
To move the InfoSec discipline forward, organizations should take all of the following steps EXCEPT:
form a committee and approve suggestions from the CISO
Laws, policies, and their associated penalties only provide deterrence if three conditions are present. Which of these is NOT one of them?
frequency of review
To move the InfoSec discipline forward, organizations should take all of the following steps EXCEPT:
form a committee and approve suggestions from the CISO
There are a number of methods for customizing training for users; two of the most common involve customizing by __________ and by __________.
functional background, skill level
There are a number of methods for customizing training for users; two of the most common involve customizing by ________________ and by _______________.
functional background; skill level
The set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately, and verifying that the enterprise's resources are used responsibly is known as _________.
governance
The set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately, and verifying that the enterprise's resources are used responsibly is known as __________.
governance
The letters GRC represent an approach to information security strategic guidance from a board of directors or senior management perspective and stands for __________, __________, and __________.
governance, risk management, compliance
The letters GRC represent an approach to information security strategic guidance from a board of directors or senior management perspective and stands for _________, __________, and ___________
governance, risk, and compliance
What does GGG security stand for?
guards, gates, and guns
One form of online vandalism is ___________, in which individuals interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency.
hacktivism
Which of the following is NOT a step in the process of implementing training?
hire expert consultants
Which of the following is NOT a step in the process of implementing training?
hire expert consultants
As frustrating as viruses and worms are, perhaps more time and money is spent resolving virus __________.
hoaxes
Which of the following is the first step in the process of implementing training?
identify program scope, goals, and objectives
________ is the collection and analysis of information about an organization's business competitors, often through illegal or unethical means, to gain an unfair advantage over them.
Industrial espionage
__________ is the collection and analysis of information about an organization's business competitors, often through illegal or unethical means, to gain an unfair edge over them.
Industrial espionage
___________ is the risk assessment deliverable that places each information asset into a ranked list according to its value based on criteria developed by the organization.
Information asset value weighted table analysis
This collaborative support group began as a cooperative effort between the FBI's Cleveland field office and local technology professionals with a focus of protecting critical national infrastructure.
InfraGard