Question 1
The macro virus infects the key operating system files located in a computer's start up sector.
Question 1 options:
True
False

Question 2
Which function of InfoSec Management encompasses security personnel as well as aspects of the SETA program?
Question 2 options:
Projects
Policy
Protection
People

Question 3
Which of the following is NOT a primary function of Information Security Management?
Question 3 options:
Projects
Performance
Planning
Protection

Question 4
According to the C.I.A. triad, which of the following is a desirable characteristic for computer security?
Question 4 options:
Authentication
Authorization
Availability
Accountability

Question 5
Which of the following is NOT a step in the problem-solving process?
Question 5 options:
Gather facts and make assumptions
Select, implement and evaluate a solution
Analyze and compare possible solutions
Build support among management for the candidate solution

Question 6
A worm may be able to deposit copies of itself onto all Web servers that the infected system can reach, so that users who subsequently visit those sites become infected.
Question 6 options:
True
False

Question 7
"Shoulder spying" is used in public or semi-public settings when individuals gather information they are not authorized to have by looking over another individual's shoulder or viewing the information from a distance.
Question 7 options:
True
False

Question 8
As frustrating as viruses and worms are, perhaps more time and money is spent on resolving virus __________.
Question 8 options:
hoaxes
polymorphisms
false alarms
urban legends

Question 9
The first step in solving problems is to gather facts and make assumptions.
Question 9 options:
True
False

Question 10
Blackmail threat of informational disclosure is an example of which threat category?
Question 10 options:
Compromises of intellectual property
Espionage or trespass
Information extortion
Sabotage or vandalism

Question 11
Which of the following is the best example of a rapid-onset disaster?
Question 11 options:
Famine
Environmental degradation
Flood
Pest infestation

Question 12
Which type of document grants formal permission for an investigation to occur?
Question 12 options:
Forensic concurrence
Affidavit
Evidentiary report
Search warrant

Question 13
In which contingency plan testing strategy do individuals participate in a role-playing exercise in which the CP team is presented with a scenario of an actual incident or disaster and expected to react as if it had occurred?
Question 13 options:
Structured walk-through
Desk check
Parallel testing
Simulation

Question 14
ISO 27014:2013 is the ISO 27000 series standard for __________.
Question 14 options:
information security management
policy management
governance of information security
risk management

Question 15
Which document must be changed when evidence changes hands or is stored?
Question 15 options:
Affidavit
Search warrant
Evidentiary material
Chain of custody

Question 16
Which of the following allows investigators to determine what happened by examining the results of an event: criminal, natural, intentional, or accidental?
Question 16 options:
Forensics
E-discovery
Digital malfeasance
Evidentiary procedures

Question 17
Individuals who control, and are therefore responsible for, the security and use of a particular set of information are known as __________.
Question 17 options:
data users
data generators
data owners
data custodians

Question 18
What is the final stage of the business impact analysis when using the NIST SP 800-34 approach?
Question 18 options:
Identify resource requirements
Identify recovery priorities for system resources
Determine mission/business processes and recovery criticality
Identify business processes

Question 19
Which level of planning breaks down each applicable strategic goal into a series of incremental objectives?
Question 19 options:
Operational
Strategic
Organizational
Tactical

Question 20
Which of the following has the main goal of restoring normal modes of operation with minimal cost and disruption to normal business activities after an adverse event?
Question 20 options:
Risk management
Contingency planning
Disaster readiness
Business response

Module 3
Question 21
Which of the following are instructional codes that guide the execution of the system when information
Question 21 options:
configuration rules
user profiles
access control lists
capability tables

Question 22
A detailed outline of the scope of the policy development project is created during which phase of the SecSDLC?
Question 22 options:
Analysis
Implementation
Design
Investigation

Question 23
In addition to specifying the penalties for unacceptable behavior, what else must a policy specify?
Question 23 options:
The proper operation of equipment
What must be done to comply
Legal recourse
Appeals process

Question 24
Which of the following is NOT a step in the process of implementing training?
Question 24 options:
Motivate management and employees
Administer the program
Identify target audiences
Hire expert consultants

Question 25
Which of the following is an element of the enterprise information security policy?
Question 25 options:
Information on the structure of the InfoSec organization
Access control lists
Articulation of the organization's SDLC methodology
Indemnification of the organization against liability

Question 26
Which of the following is the most cost-effective method for disseminating security information and news to employees?
Question 26 options:
Security-themed Web site
Distance learning seminars
Conference calls
Security newsletter

Question 27
Which of the following is NOT among the three types of InfoSec policies based on NIST's Special Publication 800-14?
Question 27 options:
Enterprise information security policy
User-specific security policies
System-specific security policies
Issue-specific security policies

Question 28
Which of the following would be responsible for configuring firewalls and IDPSs, implementing security software, and diagnosing and troubleshooting problems?
Question 28 options:
A security analyst
The security manager
A security technician
A security consultant

Question 29
Which policy is the highest level of policy and is usually created first?
Question 29 options:
USSP
ISSP
EISP
SysSP

Question 30
Which of the following is NOT among the functions typically performed within the InfoSec department as a compliance enforcement obligation?
Question 30 options:
Centralized authentication
Policy
Risk management
Compliance/audit

Question 31
Which of the following is the primary purpose of ISO/IEC 27001:2005?
Question 31 options:
Use within an organization to ensure compliance with laws and regulations
Use within an organization to formulate security requirements and objectives
Implementation of business-enabling information security
To enable organizations that adopt it to obtain certification

Question 32
Which security architecture model is part of a larger series of standards collectively referred to as the "Rainbow Series"?
Question 32 options:
Bell-LaPadula
ITSEC
TCSEC
Common Criteria

Question 33
Under the Common Criteria, which term describes the user-generated specifications for security requirements?
Question 33 options:
Security Functional Requirements (SFRs)
Security Target (ST)
Protection Profile (PP)
Target of Evaluation (ToE)

Question 34
Which type of access controls can be role-based or task-based?
Question 34 options:
Nondiscretionary
Constrained
Discretionary
Content-dependent

Question 35
Which access control principle specifies that no unnecessary access to data exists by regulating members so they can perform only the minimum data manipulation necessary?
Question 35 options:
Need-to-know
Separation of duties
Eyes only
Least privilege

Question 36
The InfoSec measurement development process recommended by NIST is divided into two major activities. Which of the following is one of them?
Question 36 options:
Identification and definition of the current InfoSec program
Regularly monitor and test networks
Compare organizational practices against organizations of similar characteristics
Maintain a vulnerability management program

Question 37
Which piece of the Trusted Computing Base's security system manages access controls?
Question 37 options:
Trusted computing base
Verification module
Covert channel
Reference monitor

Question 38
Which of the following is a possible result of failure to establish and maintain standards of due care and due diligence?
Question 38 options:
Legal liability
Baselining
Certification revocation
Competitive disadvantage

Question 39
Which access control principle limits a user's access to the specific information required to perform the currently assigned task?
Question 39 options:
Need-to-know
Eyes only
Least privilege
Separation of duties

Question 40
Which of the following specifies the authorization classification of information assets an individual user is permitted to access, subject to the need-to-know principle?
Question 40 options:
Task-based access controls
Discretionary access controls
Sensitivity levels
Security clearances
