254 ◾ Official (ISC)² Guide to the ISSMP® CBK®
© 2011 by Taylor & Francis Group, LLC
10. What is the enterprise risk posture?
a. Intentionally assumed position of safeguards throughout the entire organization
b. The probability of specific eventualities throughout the entire organization
c. The aggregation of all the safeguards and precautions that mitigate risk
d. The formal articulation of an intentionally assumed position on dealing with potential negative impact
11. What is data exfiltration?
a. The unauthorized use of USB devices
b. The unauthorized transmission of data between departments
c. The unauthorized transmission of data into the organization from a service provider
d. The unauthorized transmission of data out of the organization
12. Which of the following groups is not representative of the nine core security principles?
a. Nonrepudiation, possession, utility
b. Authorized use, privacy, authorized access
c. Confidentiality, integrity, authenticity
d. Availability, privacy, utility
13. Which of the following is true about a Security Compliance Management Program (SCMP)?
a. Governance identifies and enumerates all relevant security compliance requirements. These may include legislation, regulation, directives, instructions, contractual obligations, and good business practice.
b. The planning function determines the appropriate steps to take to establish and maintain compliance. The results of planning will include a list of necessary security technologies to insert in IT operations.
c. Implementation takes the policies, standards, procedures, and guidelines and inserts them into information technology systems. Deployment makes compliance part of daily operations throughout the enterprise.
d. The role of adjudication is to resolve conflicts in the best interest of enterprise senior management and executives.
14. Which of the following is false about system hardening?
a. System hardening is the elimination of known vulnerabilities, exploits, and generally turning off or uninstalling unnecessary functions.
b. Each operating system, each version of the same operating system, and each patch release of the same operating system may have a different procedure for hardening the system.
c. Disabling unused services will require OS parameter changes at the kernel or registry level, or modifications to services that initiate or run at startup.
d. None of the above.
15. What is the difference between legislative management and litigation management?
Overseeing Compliance of Security Operations ◾ 255
a. Litigation management is the use of lobby groups by senior management to establish working relationships with the local judiciary, and legislation management is the use of lobby groups with Congress to influence the content of security laws.
b. Legislative management attempts to avoid litigation, and litigation management intends to minimize the negative effects on an organization in the event of an incident.
c. Litigation management involves establishing working relationships between senior management, security personnel, and the enterprise legal department, and legislative management is the result of this working relationship.
d. Litigation management comes before legislative management.
16. Which of the following is a true statement about digital policy management (DPM)?
a. A digital policy infrastructure is the collection of policy managers, policy clients, PDPs, and PEPs.
b. DPM is the process of creating and disseminating information technology (IT) policies.
c. DPM is the automated enforcement of policy on the network.
d. None of the above.
17. The most dangerous type of malware is
a. A spear phishing attack because it targets a specific weakness in people.
b. A zero-day exploit because it tries to exploit unknown or undisclosed vulnerabilities.
c. A physical breach because it is the hardest to see coming.
d. An insider threat using a USB thumb-sucker attack because of unique knowledge of the enterprise.
18. Which of the following statements about bots is false?
a. A bot is a type of malware that performs a specific function as directed by the bot herder.
b. A bot is a term for software robot.
c. Successful penetration of a PC by a bot makes that PC part of a botnet.
d. A bot has a limited lifetime, typically less than 60 days, and must perform its nefarious activities before it removes itself from the infected system.
19. What is the purpose of security policies?
a. To provide a description of acceptable behavior within the enterprise
b. To clearly convey the uses for security services and mechanisms within the enterprise
c. To exert control over the organization by the security department
d. To provide a description of acceptable behavior with the intent of minimizing risk to the organization
20. Which of the following is not a type of anomaly?
a. Breach
b. Event
c. Incident
d. Attack