Ethical Hacking 2.4.4
Charles found a song he wrote being used without his permission on YouTube. Which law will help him protect his work?
DMCA
Which of the following best describes a supply chain?
A company provides materials to another company to manufacture a product.
Heather has been hired to work in a firm's cybersecurity division. Her role will include performing both offensive and defensive tasks. Which of the following roles applies to Heather?
A member of the purple team.
ABC company is in the process of merging with XYZ company. As part of the merger, a penetration test has been recommended. Testing the network systems, physical security, and data security have all been included in the scope of work. What else should be included in the scope of work?
Company culture
Which type of penetration test is required to ensure an organization is following federal laws and regulations?
Compliance-based
Which of the following best describes what FISMA does?
Defines how federal government data, operations, and assets are handled.
Which of the following best describes a goal-based penetration test?
Focuses on the end results. The hacker determines the methods.
Michael is performing a penetration test for a hospital. Which federal regulation does Michael need to ensure he follows?
HIPAA
Which of the following best describes what SOX does?
Implements accounting and disclosure requirements that increase transparency.
Which of the following defines the security standards for any organization that handles cardholder information for any type of payment card?
PCI DSS
Which document explains the details of an objective-based test?
Scope of work
A goal-based penetration test needs to have specific goals. Using SMART goals is extremely useful for this. What does SMART stand for?
Specific/Measurable/Attainable/Relevant/Timely
Which of the following is a limitation of relying on regulations?
They rely heavily on password policies.