ISA 3300 Chapter 2

This collaborative support group began as a cooperative effort between FBI's Cleveland office and local technology professionals with a focus of protecting critical national infrastructure. a. InfraGard b. Homeland Security c. CyberWatch d. CyberGard

a. infragard

Which of the following is the best method for preventing an illegal or unethical activity? a. remediation b. deterrence c. persecution d. rehabilitation

b. deterrence

Which of the following is compensation for a wrong committed by an individual or organization? a. liability b. restitution c. due diligence d. jurisdiction

b. restitution

which of the following organizations put forth a code of ethics designed primarily for infosec professionals who have earned their certifications? a. (ISC)2 b. ACM c. SANS d. ISACA

a. (ISC)2

The most complex part of an investigation is usually___________. a. analysis for potential EM b. protecting potential EM c. requesting potential EM d. preventing the destruction of potential EM

a. analysis for potential EM

Investigations involving the preservation, identification, extraction, documentation and interpretation of computer media for evidentiary and root cause analysis are known as__________? a. digital forensics b. criminal investigation c. crime scene investigation d. e-discovery

a. digital forensics

A process focused on the identification and location of potential evidence related to a specific legal action after it is collected through digital forensics is known as: a. e-discovery b. forensics c. indexing d. root cause analysis

a. e-discovery

Also known as "items of potential evidentiary value," any information that could potentially support the organization's legal or policy-based case against a suspect is known as _________. a. evidentiary material b. digital forensics c. evidence d. e-discovery

a. evidentiary material

In digital forensics, all investigations follow the same basic methodology once permission to search and seize is received, beginning with______. a. identifying relevant items of evidentiary value b. acquiring (seizing) the evidence without alteration or damage c. analyzing the data without risking modification or unauthorized access d. investigating allegations of digital malfeasance

a. identifying relevant items of evidentiary value

which act is a collection of statutes that regulates the interception of wire, electronic and oral communications? a. The Electronic Communications Privacy Act of 1986 b. The Telecommunications Deregulation and Competition Act of 1996 c. National Information Infrastructure Protection Act of 1996 d. Federal Privacy Act of 1974

a. the Electronic Communications Privacy Act of 1986

The coherent application of methodical investigatory techniques to collect, preserve and present evidence of crimes in a court or court-like setting is known as__________? a. evidentiary material b. forensics c. crime scene investigation d. data imaging

b. forensics

Digital forensics can be used for two key purposes: ________ and _______ a. e-discovery; to perform root cause analysis b. to investigate allegations of digital malfeasance; to perform root cause analysis c. to solicit testimony; to perform root cause analysis d. to investigate allegations of digital malfeasance; to solicit testimony

b. to investigate allegations of digital malfeasance; to perform root cause analysis

which law addresses privacy and security concerns associated with the electronic transmission of PHI? a. USA PATRIOT Act of 2001 b. American Recovery and Reinvestment Act c. Health Information Technology for Economic and Clinical Health Act d. National Information Infrastructure Protection Act of 1996

c. Health information technology for economy and clinical health act

The penalties for offenses related to the National Information Infrastructure Protection act of 1996 depend on whether the offense is judged to have been committed for several reasons. Which of the following is NOT one of those reasons? a. For purposes of commercial advantage b. For private financial gain c. For political advantage d. In furtherance of a criminal act

c. for political advantage

Another key U.S. federal agency is _______, which is responsible for coordinating, directing, and performing highly specialized activities to protect U.S information systems and produce foreign intelligence information. a. InfraGard b. Homeland Security c. the National Security Agency d. the Federal Bureau of Investigation

c. the National Security Agency

which of the following is the result of a U.S led international effort to reduce the impact of copyright, trademark, and privacy infringement, especially via the removal of technological copyright protection measures? a. U.S. Copyright Law b. PCI DSS c. European Council Cybercrime Convention d. DMCA (Digital Millennium Copyright Act (DMCA))

d. DMCA (Digital Millennium Copyright Act (DMCA))

Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences (aka duty or obligation-based ethics)? a. Applied ethics b. Meta-ethics c. Normative ethics d. Deontological ethics

d. Deontological ethics

Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use or operation of a federal computer system? a. The Telecommunications Deregulation and Competition Act b. National Information Infrastructure Protection Act c. Computer Fraud and Abuse Act d. The Computer Security Act

d. The Computer Security Act

Which ethical standard is based on the notion that life in community yields a positive outcome for the individual, requiring each individual to contribute to that community? a. utilitarian b. virtue c. fairness or justice d. common good

d. common good

Which of the following is NOT a requirement for laws and policies to deter illegal or unethical activity? a. fear of penalty b. probability of being penalized c. probability of being caught d. fear of humiliation

d. fear of humiliation

_________ devices often pose special challenges to investigators because they can be configured to use advanced encryption and they can be wiped by the user even when the user is not present. a. Portable b. Desktop computer c. Expansion d. Satellite transceiver

a. portable

When an incident violates civil or criminal law, it is the organization's responsiblity to notify the proper authorities; selecting the appropriate law enforcement agency depends on__________. a. the type of crime committed b. how many perpetrators were involved c. the network provider the hacker used d. what kind of computer the hacker used

a. the type of crime committed

Which of the following ethical frameworks is the study of choices that have ben made by individuals in the past? a. Applied ethics b. Descriptive ethics c. Normative ethics d. Deontological ethics

b. Descriptive ethics

Which law extends protection to intellectual property, which includes words published in electronic formats? .a. Freedom of Information Act b. U.S. Copyright Law c. Security and Freedom through Encryption Act d. Sarbanes-Oxley Act

b. US copyright law

A more recently created area of law related to information security specifies a requirement for organizations to notify affected parties when they have experienced a specified type of information loss. This is commonly known as _______ law. a. notification b. breach c. spill d. compromise

b. breach

any court can impose its authority over an individual or organization if it can establish which of the following? a. jurisprudence b. jurisdiction c. liability d. sovereignty

b. jurisdiction

There are three general categories of unethical behavior that organizations and society should seek to eliminate. Which of the following is NOT one of them? a. ignorance b. malice c. accident d. intent

b. malice

Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them? a. ECPA b. Sarbanes-Oxley c. HIPAA d. Gramm-Leach-Bliley

*c. HIPAA

which subset of civil laws regulates the relationships among individuals and among individuals and organizations? a. tort b. criminal c. private d. public

c. private

Permission to search for evidentiary material at a specified location and/or to seize items to return to the investigator's lab for examination is known as a(n) _________ a. subpoena b. forensic clue c. search warrant d. affidavit

c. search warrant

Sworn testimony that certain facts are in the posession of the investigating officer and that they warrant the examination of specific items located at a specific place is know as a(n): a. subpoena b. forensic finding c. search warrant d. affidavit

d. Affidavit

which of the following is NOT used to categorize some types of law? a. constitutional b. regulatory c. statutory d. international

d. international