QuestionQuestion 1 (5 points)The macro virus infects the key operating system files located in a computer’s start up sector.Question 1 options:TrueFalseSaveQuestion 2 (5 points)Which function of InfoSec Management encompasses security personnel as well as aspects of the SETA program?Question 2 options:ProjectsPolicyProtectionPeopleSaveQuestion 3 (5 points)Which of the following is NOT a primary function of Information Security Management?Question 3 options:ProjectsPerformancePlanningProtectionSaveQuestion 4 (5 points)According to the C.I.A. triad, which of the following is a desirable characteristic for computer security?Question 4 options:AuthenticationAuthorizationAvailabilityAccountabilitySaveQuestion 5 (5 points)Which of the following is NOT a step in the problem-solving process?Question 5 options:Gather facts and make assumptionsSelect, implement and evaluate a solutionAnalyze and compare possible solutionsBuild support among management for the candidate solutionSaveQuestion 6 (5 points)A worm may be able to deposit copies of itself onto all Web servers that the infected system can reach, so that users who subsequently visit those sites become infected.Question 6 options:TrueFalseSaveQuestion 7 (5 points)"Shoulder spying" is used in public or semi-public settings when individuals gather information they are not authorized to have by looking over another individual’s shoulder or viewing the information from a distance.Question 7 options:TrueFalseSaveQuestion 8 (5 points)As frustrating as viruses and worms are, perhaps more time and money is spent on resolving virus __________.Question 8 options:hoaxespolymorphismsfalse alarmsurban legendsSaveQuestion 9 (5 points)The first step in solving problems is to gather facts and make assumptions.Question 9 options:TrueFalseSaveQuestion 10 (5 points)Blackmail threat of informational disclosure is an example of which threat category?Question 10 options:Compromises of intellectual propertyEspionage or trespassInformation extortionSabotage or vandalismSaveQuestion 11 (5 points)Which of the following is the best example of a rapid-onset disaster?Question 11 options:FamineEnvironmental degradationFloodPest infestationSaveQuestion 12 (5 points)Which type of document grants formal permission for an investigation to occur?Question 12 options:Forensic concurrenceAffidavitEvidentiary reportSearch warrantSaveQuestion 13 (5 points)In which contingency plan testing strategy do individuals participate in a role-playing exercise in which the CP team is presented with a scenario of an actual incident or disaster and expected to react as if it had occurred?Question 13 options:Structured walk-throughDesk checkParallel testingSimulationSaveQuestion 14 (5 points)ISO 27014:2013 is the ISO 27000 series standard for __________.Question 14 options:information security managementpolicy managementgovernance of information securityrisk managementSaveQuestion 15 (5 points)Which document must be changed when evidence changes hands or is stored?Question 15 options:AffidavitSearch warrantEvidentiary materialChain of custodySaveQuestion 16 (5 points)Which of the following allows investigators to determine what happened by examining the results of an event—criminal, natural, intentional, or accidental?Question 16 options:ForensicsE-discoveryDigital malfeasanceEvidentiary proceduresSaveQuestion 17 (5 points)Individuals who control, and are therefore responsible for, the security and use of a particular set of information are known as __________.Question 17 options:data usersdata generatorsdata ownersdata custodiansSaveQuestion 18 (5 points)What is the final stage of the business impact analysis when using the NIST SP 800-34 approach?Question 18 options:Identify resource requirementsIdentify recovery priorities for system resourcesDetermine mission/business processes and recovery criticalityIdentify business processesSaveQuestion 19 (5 points)Which level of planning breaks down each applicable strategic goal into a series of incremental objectives?Question 19 options:OperationalStrategicOrganizationalTacticalSaveQuestion 20 (5 points)Which of the following has the main goal of restoring normal modes of operation with minimal cost and disruption to normal business activities after an adverse event?Question 20 options:Risk managementContingency planningDisaster readinessModule 3Business responseQuestion 21 (5 points)Which of the following are instructional codes that guide the execution of the system when informationQuestion 21 options:configuration rulesuser profilesaccess control listscapability tablesSaveQuestion 22 (5 points)A detailed outline of the scope of the policy development project is created during which phase of the SecSDLC?Question 22 options:AnalysisImplementationDesignInvestigationSaveQuestion 23 (5 points)In addition to specifying the penalties for unacceptable behavior, what else must a policy specify?Question 23 options:The proper operation of equipmentWhat must be done to complyLegal recourseAppeals processSaveQuestion 24 (5 points)Which of the following is NOT a step in the process of implementing training?Question 24 options:Motivate management and employeesAdminister the programIdentify target audiencesHire expert consultantsSaveQuestion 25 (5 points)Which of the following is an element of the enterprise information security policy?Question 25 options:Information on the structure of the InfoSec organizationAccess control listsArticulation of the organization’s SDLC methodologyIndemnification of the organization against liabilitySaveQuestion 26 (5 points)Which of the following is the most cost-effective method for disseminating security information and news to employees?Question 26 options:Security-themed Web siteDistance learning seminarsConference callsSecurity newsletterSaveQuestion 27 (5 points)Which of the following is NOT among the three types of InfoSec policies based on NIST’s Special Publication 800-14?Question 27 options:Enterprise information security policyUser-specific security policiesSystem-specific security policiesIssue-specific security policiesSaveQuestion 28 (5 points)Which of the following would be responsible for configuring firewalls and IDPSs, implementing security software, and diagnosing and troubleshooting problems?Question 28 options:A security analystThe security managerA security technicianA security consultantSaveQuestion 29 (5 points)Which policy is the highest level of policy and is usually created first?Question 29 options:USSPISSPEISPSysSPSaveQuestion 30 (5 points)Which of the following is NOT among the functions typically performed within the InfoSec department as a compliance enforcement obligation?Question 30 options:Centralized authenticationPolicyRisk managementCompliance/auditSavePrevious PageNext PageQuestion 31 (5 points)Which of the following is the primary purpose of ISO/IEC 27001:2005?Question 31 options:Use within an organization to ensure compliance with laws and regulationsUse within an organization to formulate security requirements and objectivesImplementation of business-enabling information securityTo enable organizations that adopt it to obtain certificationSaveQuestion 32 (5 points)Which security architecture model is part of a larger series of standards collectively referred to as the “Rainbow Series”?Question 32 options:Bell-LaPadulaITSECTCSECCommon CriteriaSaveQuestion 33 (5 points)Under the Common Criteria, which term describes the user-generated specifications for security requirements?Question 33 options:Security Functional Requirements (SFRs)Security Target (ST)Protection Profile (PP)Target of Evaluation (ToE)SaveQuestion 34 (5 points)Which type of access controls can be role-based or task-based?Question 34 options:NondiscretionaryConstrainedDiscretionaryContent-dependentSaveQuestion 35 (5 points)Which access control principle specifies that no unnecessary access to data exists by regulating members so they can perform only the minimum data manipulation necessary?Question 35 options:Need-to-knowSeparation of dutiesEyes onlyLeast privilegeSaveQuestion 36 (5 points)The InfoSec measurement development process recommended by NIST is is divided into two major activities. Which of the following is one of them?Question 36 options:Identification and definition of the current InfoSec programRegularly monitor and test networksCompare organizational practices against organizations of similar characteristicsMaintain a vulnerability management programSaveQuestion 37 (5 points)Which piece of the Trusted Computing Base's security system manages access controls?Question 37 options:Trusted computing baseVerification moduleCovert channelReference monitorSaveQuestion 38 (5 points)Which of the following is a possible result of failure to establish and maintain standards of due care and due diligence?Question 38 options:Legal liabilityBaseliningCertification revocationCompetitive disadvantageSaveQuestion 39 (5 points)Which access control principle limits a user’s access to the specific information required to perform the currently assigned task?Question 39 options:Need-to-knowEyes onlyLeast privilegeSeparation of dutiesSaveQuestion 40 (5 points)Which of the following specifies the authorization classification of information asset an individual user is permitted to access, subject to the need-to-know principle?Question 40 options:Task-based access controlsDiscretionary access controlsSensitivity levelsSecurity clearancesSave