SANS.MGT414.Domain.09.Quiz.pdf

MGT414 Domain 9 Quiz
Management 414: SANS CISSP® 10 Domains +S QUIZ - Domain 9
1. Which of the following types of information, if compromised, could adversely
affect the national interest or the conduct of federal initiatives?
a) Technical information
b) Administrative information
c) Restricted data information
d) Classified information
2. Of the following types of law, which type does NOT require law enforcement to
take action against an individual?
a) Civil law
b) Regulatory law
c) Administrative law
d) Criminal law
3. Using peer-to-peer file sharing software to download copyrighted material without
authorization would be a violation of several sections of ISC(2)'s Code of Ethics.
It would also be a violation of several of the Computer Ethics Institute's
"Commandments." Which of these commandments would NOT apply to this
situation?
a) Thou shall not snoop around in other people's computer files.
b) Thou shall not use a computer to steal.
c) Thou shall not copy or use proprietary software for which you have not paid.
d) Thou shall not appropriate other people's intellectual output.
e) Thou shall use a computer in ways that ensure consideration and respect for your fellow humans.
4. In our interconnected world, there are five key issues of information ethics:
software piracy, data security and privacy, data integrity, human/product safety
and fairness/honesty. Who holds the GREATEST role in maintaining ethical
responsibility?
a) Vendors, contractors, developers, managers and users all share an equal role.
b) Hardware and software vendors
c) Service contractors
d) System developers and maintainers
5. There are often wide variations and differences in law between countries. Which
of the following legal characteristics are shared by Japan, Korea, Thailand and
Taiwan in respect to software development?
a) None of these countries address the issue of patents for computer programs.
b) All of these countries specify that both source and object code may be copyrighted.
c) All of these countries have laws providing trade secret protection.
d) None of these countries specify that both source and object code may be copyrighted.
e) None of these countries have laws providing trade secret protection.
f) All of these countries address the issue of patents for computer programs.
6. In a global information environment, it is important that we understand that the
laws we live by may vary in other markets. Which of the following represents the
current status of Brazilian law in respect to protection of proprietary information
assets?
a) Computer software may be patented, hardware cannot.
b) Patents are not necessary, as specific "trade secrets" laws provide protection.
c) Computer hardware may be patented, software cannot.
d) Both computer software and hardware may be patented.
e) Neither computer software nor hardware may be patented.
7. Which of the following general types of law is also known as "tort" law?
a) Criminal law
b) Regulatory law
c) Administrative law
d) Civil law
8. In law, "burden of proof" is the level to which the prosecution must "prove" guilt in
order to win a conviction. In which type of law is the necessary burden of proof "a
preponderance of evidence?"
a) Administrative law
b) Regulatory law
c) Criminal law
d) Civil law
9. All companies and corporations registered with the SEC (Securities and
Exchange Commission) are required to institute security programs. Which of the
following US regulations codifies this requirement?
a) The Foreign Corrupt Practices Act
b) Computer Security Act of 1987
c) Fair Credit Reporting Act
d) Computer Fraud and Abuse Act
10. Bad news - you have lost a civil case pertaining to your infringement of
someone's copyright and are now awaiting sentencing. In this type of case, which
of the following is NOT a possible result of your conviction?
a) You may go to jail.
b) You may have to pay compensatory damages.
c) You may have to pay punitive damages.
d) You may have to pay statutory damages.
e) You may have to pay attorneys' fees and court costs.
11. Which of the following is NOT a common difficulty in pursuing and prosecuting computer criminals across
international borders?
a) Lack of universal cooperation
b) Differences in interpretation of applicable laws
c) Jail terms
d) Outdated laws against fraud
12. Good news! You have won a civil case against an ex-employee that departed
with a large amount of proprietary data from your company upon his departure.
This data (which left on a single ZIP disk in the employee's pocket) related to a
new development project you expected to market for approximately $100,000.
However, you were unable to quantify to the jury what the intrinsic value of the
data itself really is, and no other company has "beaten you to the market." What is
the most likely amount of compensatory damages the jury will award in this
case?
a) $5.00 - the value of the ZIP disk.
b) $100,000 - your projected value of the project.
c) $1,100,000 - the projected project value and punitive damages.
d) $50,000 - half the amount of your actual loss.
13. Which of the following terms describes the right to protect the expression of
ideas?
a) Patent
b) Trade secret
c) Copyleft
d) Copyright
14. The minimum and customary practice of responsible protection of information assets is defined by
which of the following terms?
a) Due Diligence
b) Due Process
c) Policy Management
d) Due Care
15. Which of the following is considered to be one of the primary differences in official governmental privacy
regulations between the United States and the European Union?
a) The European Union does not have a consistent overall privacy policy.
b) The United States has no privacy policies.
c) The United States does not have a consistent overall privacy policy.
d) The European Union has no privacy policies.
e) European Union privacy policies have no enforcement mechanism.
f) United States privacy policies have no enforcement mechanism.
16. Using ISC2's Code of Ethics as a guideline, which of the following would be an
acceptable action?
a) Hire employees from a competitor, who may know development plans.
b) Use information you overheard from a competitor's conversation at a restaurant.
c) Use competitor product comparison information from magazine reviews for advertising purposes.
d) Obtain a competitor's mailing list or customer list.
17. What is the first thing an Information Systems Security Manager must understand
in order to create an environment that discourages computer abuse and
promotes ethical behavior?
a) Motivations for ethical behavior
b) Motivations for unethical behavior
c) How to use system controls to prevent unethical behavior
d) How to use rewards and punishment to control behavior
18. What is the official form of protection for a specific physical product?
a) Trademark
b) Trade Secret
c) Copyright
d) Patent
19. What would be the most appropriate protection level granted to proprietary
source code?
a) Copyright
b) Trade Secret
c) Patent
d) Trademark
20. What is the first step to be accomplished in a preliminary legal investigation?
a) Gather evidence
b) Determine if a crime has occurred
c) Interview witnesses
d) Inspect damage
21. In a computer forensics investigation, which of the following would be the crucial
first step to be performed?
a) Authenticate file system
b) Analyze data
c) Disk image backup
d) Search for hidden or encrypted files
e) Perform disk integrity checking
22. What type of evidence is a common exception to the Hearsay Rule?
a) Business records
b) Overheard conversations
c) Best evidence
d) Second hand evidence
23. Which of the following is NOT one of the formal steps in the Evidence Life Cycle?
a) Collection and identification
b) Storage, preservation and transportation
c) Interpretation
d) Presentation in court
e) Return to victim or owner