IAS Final
Devaki is a network engineer. She is diagnosing an issue with a small business customer's wireless local area network (WLAN). She knows the Institute of Electrical and Electronics Engineers (IEEE) has created the standards involved in various network technologies. While WLAN standards cover a wide array of subsets, which general standard does she need to consult that addresses all WLANs?
802.11
Which of the following is not true of mobile devices and forensics?
Although options are available for breaking mobile device access controls, there is no guarantee that you will be able to access the device's data without the owner's cooperation.
Under the Federal Information Security Management Act (FISMA) of 2002, which of the following broadens the scope of FISMA beyond a federal agency and is important because IT systems and functions are often outsourced?
An agency must protect the IT systems that support its operations even if another agency or contractor owns the IT systems.
In the Open Systems Interconnection (OSI) Reference Model, which layer has the user interface that displays information to the user?
Application
Hajar has been an (ISC)² Certified Information Systems Security Professional (CISSP) for 10 years. She would like to earn an advanced certification that demonstrates her ability in systems security engineering. Which of the following CISSP concentrations would meet Hajar's needs?
CISSP-ISSEP
Which of the following certifications cannot be used to satisfy the security credential requirements for the advanced Certified Internet Web Professional (CIW) certifications?
Certified Information Security Manager (CISM)
What certification focuses on information systems audit, control, and security professionals?
Certified Information Systems Auditor (CISA)
Which of the following certifications is considered the flagship International Information Systems Security Certification Consortium (ISC)² certification and targets middle- and senior-level managers?
Certified Information Systems Security Professional (CISSP)
Colin is a software developer. He would like to earn a credential that demonstrates to employers that he is well educated on software security issues. What certification would be most suitable for this purpose?
Certified Secure Software Lifecycle Professional (CSSLP)
Maria is an IT security professional for a large health care corporation. She has been working with the compliance team on a few projects and is expanding her skills to include risk management as well as control and assurance activities. What ISACA certification would be the best fit?
Certified in Risk and Information Systems Control (CRISC)
Betty visits a local library with her young children. She notices that someone using a computer terminal in the library is visiting pornographic websites. What law requires that the library filter offensive web content for minors?
Children's Internet Protection Act (CIPA)
Oscar is a network engineer. He is responsible for the networks and security protections, such as firewalls, in his local government agency. He is beginning a professional development journey and trying to determine an entry-level or associate-level security certification that is a good match with his current knowledge and skills. Which certification should he pursue?
Cisco Certified Network Associate (CCNA)
Which method of fault tolerance connects two or more computers to act like a single computer in a highly coordinated manner?
Clustering
Alan withdraws cash from an ATM belonging to Bank X that is coming from his account with Bank Y. What is Alan's relationship with Bank X?
Consumer
Which of the following should you avoid during a disaster and recovery?
Continue normal processes, such as separation of duties or spending limits
Which element is not a core component of the ISO 27002 standard?
Cryptography
Alan withdraws cash from an ATM belonging to Bank X that is coming from his account with Bank Y. What is Alan's relationship with Bank Y?
Customer
Which of the following provides IT and communications support to the White House, Secretary of Defense, and all military sectors that contribute to the defense of the United States of America?
Defense Information Systems Agency (DISA)
Which type of evidence helps explain other evidence and includes visual aids such as charts and graphs?
Demonstrative
Which of the following is not true of U.S. Department of Defense/military Directive (DoDD) 8140?
DoDD 8140 certifications are unique and will not include commercial certifications.
Which type of evidence is stored in a computer's memory, as well as on storage devices as in files, and must be accompanied by documentation that validates the evidence's authenticity?
Documentary
During which step of the incident-handling process should a lessons-learned review of the incident be conducted?
Documentation
Tonya is working with a team of subject matter experts to diagnose a problem with her system. The experts determine that the problem likely resides at the Transport Layer of the Open Systems Interconnection (OSI) model. Which functionality is the most likely suspect?
End-to-end communication maintenance
Which of the following is least likely to be needed when rebuilding systems that were damaged during a disaster?
Ensuring there are adequate operating system licenses
Which organization creates information security standards that specifically apply within the European Union (EU)?
European Telecommunications Standards Institute (ETSI) Cyber Security Technical Committee (TC CYBER)
Which of the following agencies is not involved in the Gramm-Leach-Bliley Act (GLBA) oversight process?
Federal Communications Commission (FCC)
Lin works for a large financial institution. She has been asked to create a written information security program, which must state how the institution collects and uses customer data and must describe the controls used to protect that data. She is also in charge of running the program, conducting a risk assessment to identify risks to customer information, and assessing current safeguards to make sure they are effective, among other tasks. Which of the following is she trying to comply with?
GLBA Safeguards Rule
Which certification program enables credential holders to earn a Gold credential through the acceptance of a technical paper that covers an important area of information security?
Global Information Assurance Certification (GIAC)
Gary is troubleshooting a security issue on an Ethernet network. He would like to look at the relevant Ethernet standard. What publication should he seek out?
IEEE 802.3
Juan comes across documentation from his organization related to several information security initiatives using different standards as their reference. Which International Organization for Standardization (ISO) standard provides current guidance on information security management?
ISO 27002
Oscar is a digital forensic specialist. He has been given a suspect hard disk that has been physically damaged. He wants to try to recover data. What is the first step he should take?
Install it in a test system
Bill is conducting an analysis of a new IT service. He would like to assess it using the Open Systems Interconnection (OSI) Reference Model and would like to learn more about this framework. What organization should he turn to for the official definition of OSI?
International Organization for Standardization (ISO)
Lin is a digital forensic specialist who works in a forensic lab. She is evaluating diagnostic forensic software to add to the lab's toolkit. She wants a tool that is open source that can also be used for penetration testing. Which tool should she choose?
Kali Linux
Which term describes a process that requires an organization to preserve and not alter evidence that may be used in court? This process can help ensure that normal data-handling procedures do not contaminate or even delete data that may be needed for a case.
Legal hold
Taylor is a security professional working for a retail company. She is revising the company's policies and procedures to meet Payment Card Industry Data Security Standard (PCI DSS) objectives. One change she has made is to require the use of antivirus software on all systems commonly affected by malware and to keep them regularly updated. Which PCI DSS control objective is she attempting to meet?
Maintain a vulnerability management program
Isabella is a digital forensic specialist. She wants to recover deleted data from a computer disk. The computer is currently running. Which process should she follow to do so without accidentally overwriting any deleted data?
Make an image of memory, shut down the computer, attach the disk drive to a forensic lab device, and read the data from the disk
What is the average time a device will function before it fails?
Mean time to failure (MTTF)
During which step of the incident-handling process is the goal to contain the incident?
Notification
Which of the following is a digital forensics specialist least likely to need in-depth knowledge of?
Operating systems, such as Windows, Linux, and macOS
A computing device does not play which role in a crime?
Perpetrator
During which step of the incident-handling process do you develop a formal communication plan and identify all key stakeholders?
Preparation
What type of organizations are required to comply with the Sarbanes-Oxley Act (SOX)?
Publicly traded companies
Which of the following is not true of requests for comments (RFCs)?
RFCs may be modified.
Which data source comes first in the order of volatility when conducting a forensic investigation?
Random access memory (RAM)
Which type of evidence is any physical object that you can touch or otherwise directly observe, such as a hard drive?
Real
Arturo is an IT manager for a school district. He is planning recovery options for a small data center that supports teacher and classroom activities for 5 of the 21 schools in his district. Many school districts in his state use similar classroom technology. Arturo is looking for a temporary alternate site that would be easy to cut over to and is affordable. Which option is most likely to fit Arturo's needs?
Reciprocal center
Isabella is an IT security manager for a state agency. The agency can survive for nine hours without a functioning data center. The power goes out in her data center. It takes six hours to move data center operations to an alternate site. Which of the following describes the time it takes for the move?
Recovery time objective (RTO)
Which of the following items would generally not be considered personally identifiable information (PII)?
Social media post
Susan is a digital forensic examiner. She is investigating a case in which a driver has been accused of vehicular homicide. She has the driver's mobile device and cellular records. What type of mobile device evidence is most likely to reveal whether the driver was actively using a mobile device when the incident occurred?
Text messages
How are the Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS) alike?
They both have requirements that protect the confidentiality, integrity, and availability of data.
Marco is in a web development program. He is studying various web-related standards that apply to Cascading Style Sheets (CSS) and HyperText Markup Language (HTML). What authoritative source should he consult?
World Wide Web Consortium (W3C)
The ________ establishes that evidence was collected and handled using proper techniques and procedures, which is also a trusted method to determine the ________, or point of origin, of a piece of evidence.
chain of custody, provenance