Exam 2 sec
The CPMT conducts the BIA in three stages. Which of the following is NOT one of those stages?
All of these are BIA stages
Which of these is the primary reason contingency response teams should not have overlapping membership with one person on multiple teams?
So individuals don't find themselves with different responsibilities in different locations at the same time.
Most common data backup schemes involve ______.
both a and/or b
A ____ is a contractual document guaranteeing certain minimal levels of service provided by a vendor.
service agreement
The most common schedule for tape-based backup is a _____ backup, either incremental or differential, with a weekly off-site full backup.
12-hour
_____ is simply how often you expect a specific type of attack to occur.
ARO
The _____ is a respected professional society that was established in 1947. Today it is "the world's largest educational and scientific computing society."
Association for Computing Machinery
The formal decision-making process used when considering the economic feasibility of implementing information security controls and safeguards is called a(n) _____.
CBA
A(n) _____ is an authorization issued by an organization for the repair, modification, or update of a piece of equipment.
FCO
______ is a professional association that focuses on auditing, control, and security. The membership comprises both technical and managerial professionals.
Information Systems Audit and Control
_____ addresses are sometimes called electronic serial numbers or hardware addresses.
MAC
The Digital _____ Copyright Act is the American contribution to an international effort by the World Intellectual Properties Organization (WIPO) to reduce the impact of copyright, trademark, and privacy infringement.
Millennium
____ uses a number of hard drives to store information across multiple drive units.
RAID
_____ equals the probability of a successful attack multiplied by the expected loss from a successful attack plus an element of uncertainty.
Risk
The first phase of the risk management process is ____.
Risk identification
In the 1999 study of computer-use ethics, which of the following countries reported the least tolerant attitudes toward misuse of organizational computing resources?
Singapore
The _____ defines stiffer penalties for prosecution of terrorism-related activities.
USA PATRIOT Act
Which of the following acts is a collection of statutes that regulate the interception of wire, electronic, and oral communications?
Electronic Communications Privacy Act
What is the subject of the Computer Security Act of 1987?
Federal agency information security
Which of the following acts is also widely known as the Gramm-Leach-Bliley Act?
Financial Services Modernization Act
Each of the following is a role for the crisis management response team EXCEPT:
Informing local emergency services to respond to the crisis
Which type of organizations should prepare for the unexpected?
Organizations of every size and purpose should also prepare for the unexpected.
A potential disadvantage of a timeshare site-resumption strategy is:
more than one organization might need the facility
In 2002, Congress passed the Federal Information Security Management Act (FISMA), which mandates that all federal agencies _____.
provide security awareness training
The maximum amount of time that a system resource can remain unavailable before there is an unacceptable impact on other system resources is ____.
recovery time objective (RTO)
The _____ risk treatment strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation.
acceptance
The sworn testimony that certain facts are in the possession of an investigating officer and that they warrant the examination of specific items located at a specific place is called a(n) _____.
affidavit
A(n) _____ is a document containing contact information for the people to be notified in the event of an incident.
alert roster
Risk _____ is a determination of the extent to which an organization's information assets are exposed to risk.
analysis
Risk _____ defines the quantity and nature of risk that organizations are willing to accept as they evaluate the tradeoffs between perfect security and unlimited accessibility.
appetite
A threat _____ is an evaluation of the threats to information assets, including a determination of their likelihood of occurrence and potential impact of an attack.
assessment
Risk _____ is the identification, analysis, and evaluation of risk as initial parts of risk management.
assessment
What is the subject of the Sarbanes-Oxley Act?
Financial reporting
The Health Insurance Portability and Accountability Act of 1996, also known as the _____ Act, protects the confidentiality and security of health-care data by establishing and enforcing standards and by standardizing electronic data interchange.
Kennedy-Kassebaum
An organization aggregates all local backups to a central repository and then backs up that repository to an online vendor with a ____ backup strategy.
disk-to-disk-to-cloud
The point in time before a disruption or system outage to which business process data can be recovered after an outage is ____.
recovery point objective (RPO)
The transfer of transaction data in real time to an off-site facility is called ____.
remote journaling
A ____ is an agency that provides physical facilities in the event of a disaster for a fee.
service bureau
Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage _____.
by accident
Which of the following acts defines and formalizes laws to counter threats from computer-related acts and offenses?
Computer Fraud and Abuse Act of 1986
The process of examining an adverse event or incident and determining whether it constitutes an actual disaster is known as _____.
disaster classification
The transfer of large batches of data to an off-site facility, usually through leased lines or services, is called ____.
electronic vaulting
The unauthorized taking of personal information with the intent of committing fraud and abuse of a person's financial and personal reputation, purchasing goods and services without authorization, and generally impersonating the victim for illegal or unethical purposes is known as _____.
identity theft
Information about a person's history, background, and attributes that can be used to commit identity theft is known as _____ information.
personally identifiable
The detailed documentation of the collection, storage, transfer, and ownership of evidentiary material from the crime scene through its presentation in court and its eventual disposition is called a(n) _____.
chain of evidence
The CPMT should include a _____ who is a high-level manager to support, promote, and endorse the findings of the project and could be the COO or (ideally) the CEO/president.
champion
Ideally, the _____, systems administrators, the chief information security officer (CISO), and key IT and business managers should be actively involved during the creation and development of all CP components.
chief information officer (CIO)
_____ law comprises a wide variety of laws pertaining to relationships among individuals and organizations.
civil
A ____ site provides only rudimentary services and facilities.
cold
A fundamental difference between a BIA and risk management is that risk management focuses on identifying threats, vulnerabilities, and attacks to determine which controls can protect information, while the BIA assumes _____.
All of the above
The National Information Infrastructure Protection Act of 1996 modified which act?
Computer Fraud and Abuse Act
The _____ attempts to prevent trade secrets from being illegally shared.
Economic Espionage Act
The _____ of 1999 provides guidance on the use of encryption and provides protection from government intervention.
Security and Freedom through Encryption Act
The storage of duplicate online transaction data, along with the duplication of the databases, at a remote site on a redundant server is called _____.
database shadowing
A crime involving digital media, computer technology, or related components may best be called an act of _____.
digital malfeasance
The total amount of time the system owner or authorizing official is willing to accept for a business process outage or disruption is _____.
maximum tolerable downtime (MTD)
A(n) _____ scheme is a formal access control methodology used to assign a level of confidentiality to an information asset and thus restrict the number of people who can access it.
data classification
Payment Card Industry _____ Standards are designed to enhance the security of customers' payment card account data.
data security
The concept of competitive ____ refers to falling behind the competition.
disadvantage
Understanding the _____ context means understanding the impact of elements such as the business environment, the legal/regulatory/compliance environment, as well as the threat environment.
external
_____ use allows copyrighted materials to be used to support news reporting, teaching, scholarship, and similar activities, if the use is for educational or library purposes, is not for profit, and is not excessive.
fair use
Which of the following is NOT one of the categories recommended for categorizing information assets?
firmware
The risk management (RM) _____ is the overall structure of the strategic planning and design for the entirety of the organization's RM efforts.
framework
The Computer _____ and Abuse Act of 1986 is the cornerstone of many computer-related federal laws and enforcement efforts.
fraud
According to the National Information Infrastructure Protection Act of 1996, the severity of the penalty for computer crimes depends on the value of the information obtained and whether the offense is judged to have been committed for each of the following except _____.
harass
A resumption location known as a ____ is a fully configured computer facility capable of establishing operations at a moment's notice.
hot site
There are three general causes of unethical and illegal behavior: _____, accident, and intent.
ignorance
Criminal or unethical _____ goes to the state of mind of the individual performing the act.
intent
Understanding the _____ context means understanding elements that could impact or influence the RM process such as the organization's governance structure (or lack thereof), the organization's internal stakeholders, as well as the organization's culture.
internal
In 2001, the Council of Europe drafted the European Council Cybercrime Convention, which empowers an international task force to oversee a range of security functions associated with _____ activities.
internet
The probability that a specific vulnerability within an organization will be attacked by a threat is known as _____.
likelihood
The Privacy of Customer Information Section of the common carrier regulation states that any proprietary information shall be used explicitly for providing services, and not for any _____ purposes.
marketing
The _____ risk treatment strategy attempts to eliminate or reduce any remaining uncontrolled risk through the application of additional controls and safeguards.
mitigation
Laws, policies, and their associated penalties only provide deterrence if which of the following conditions is present?
offenders fear the penalty, expect to be caught, and expect the penalty to be applied if they are caught.
Digital forensics involves the _____, identification, extraction, documentation, and interpretation of digital media.
preservation
_________ law regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments.
public
As each information asset is identified, categorized, and classified, a(n) _____ value must be assigned to it.
relative
Risk _____ is the assessment of the amount of risk an organization is willing to accept for a particular information asset, typically synthesized into the organization's overall risk appetite.
tolerance
The _____ risk treatment strategy attempts to shift risk to other assets, other processes, or other organizations.
transference
Risk ____ is the application of security mechanisms to reduce the risks to an organization's data and information systems.
treatment
Flaws or weaknesses in an information asset, security procedure, design, or control that can be exploited accidentally or on purpose to breach security are known as _____.
vulnerabilities
In the TVA worksheet, assets are placed into a matrix with threats and then the exposure of the assets to specific threats is explored by documenting _____.
vulnerabilities
In a _____, assets or threats can be prioritized by identifying criteria with differing levels of importance, assigning a score for each of the criteria, and then summing and ranking those scores.
weighted table analysis