| < Day Day Up > |
|
1. | Which of the following groups are associated with the largest total amount of computer crimes?
|
|
2. | In order for computer crime related evidence to be admissible in court, it must be what?
|
|
3. | What is the first thing you should do if an intrusion has been detected within your organization?
|
|
4. | Following the proper custody chain of evidence helps to ensure what?
|
|
5. | Which of the following involves manipulating information before or when it is entered into a system?
|
|
6. | A software company has developed new code that will change the world. It is essential that the software's company competitor does not gain access to or use this code. What is the new code considered?
|
|
7. | Which computer crime category represents an individual whose primary goal is to access secured data and information just for the thrill of it?
|
|
8. | Which computer-related attack crime usually goes unnoticed based on the fact that it focuses on financial gains in tiny increments?
|
|
9. | What does RFC 1087 pertain to?
|
|
10. | Which act is concerned with the protection of information systems by deterring and obstructing terrorism?
|
|
11. | Computer crimes are classified into two main categories. What are they?
|
|
12. | Which of the following is considered the intentional misrepresentation of the truth in order to gain a business edge, financial profit, or something considered valuable?
|
|
13. | What does MOM stand for?
|
|
14. | This type of law has to do with wrongful doings between individuals or between businesses and individuals. Typically, it results in some sort of loss or damage. What type of law is it?
|
|
15. | A disgruntled computer savvy employee (or former employee) with a score to settle is most likely to use this as a way to get revenge?
|
|
16. | What do most businesses use to provide surveillance of entryways and exits?
|
|
17. | This law was enacted for the further protection of nonpublic personal information. Its main focus is to ensure that financial institutions have an obligation to protect the privacy of their customers by implementing and supporting technical, administrative, and physical safeguards. What is this law?
|
|
Answers
1. | Correct answer = C It's true; company employees represent the largest group or source of computer-related crime losses. Although business partners, hackers, and crackers often commit computer-related crimes, they do not represent the largest group. |
2. | Correct answer = D In order for computer crime evidence to be admissible in court, it must relevant to the specific crime that was committed. All other choices are invalid. |
3. | Correct answer = B In order to properly scope and handle an intrusion, the first step is always to assess the possible damage to what has been actually compromised. Answer A looks tempting. It might be on the real exam also; unfortunately, it is not the first step. All other answers are invalid. |
4. | Correct answer = B Following the proper custody chain of evidence helps to ensure that computer crime evidence will be admissible in court and lead to successful prosecution of guilty parties. All other answers are invalid. |
5. | Correct answer = A Data diddling is a computer crime that involves the changing or manipulation of data before or as the data is entered into a computing system. Typically, the data is changed back to original form after the crime has been committed. All other choices are invalid. |
6. | Correct answer = C A trade secret is proprietary company information. That secrecy is essential to the health and profitability of a company. A patent is a privilege or right of use that is specifically assigned by government to the creator. A copyright is the right to create and sell that is exclusive to the creator or owner of the copyright. Really neat HTML is nice, but it is not the answer here. |
7. | Correct answer = D The goal of the fun attacker is of a boastful nature. 'What can I get at?, 'How far can I get?' and 'Who can I tell how special I am for getting there?' are usually the interests of this individual or group. Terrorists utilize information systems and technology as tools to support their financial and other illegal and immoral activities. Grudge attacks are meant to cause damage to people and systems that the attacker doesn't like. Attacks on businesses and business systems are meant to reduce profits and undermine a company's reputation. |
8. | Correct answer = A A salami attack is a computer-related attack with intention of making a financial gain using very small increments of information and money that usually go unnoticed. Grudge attacks are meant to cause damage to people and systems that the attacker doesn't like. Attacks on businesses and business systems are meant to reduce profits and undermine a company's reputation. The goal of the fun attacker is of a boastful nature. 'What can I get at?,' 'How far can I get?,' and 'Who can I tell how special I am for getting there?' are usually the interests of this individual or group. |
9. | Correct answer = C RFC (Request For Comments) 1087 pertains to ethics and proper use of the Internet. The 1986 Computer Fraud and Abuse Act better defines the first computer security law created in 1984. All other choices are invalid. |
10. | Correct answer = B The U.S. Patriot Act addresses many of the growing concerns regarding the protection of information systems by deterring and obstructing terrorism is the U.S. The Electronic Communications Privacy Act prohibits eavesdropping by way of wire or oral communications without explicit permission. The Gramm-Leach-Bliley law ensures that financial institutions have an obligation to protect the privacy of their customers by implementing and supporting technical, administrative, and physical safeguards. |
11. | Correct answer = B Computer crimes are separated into in two categories. Crimes that are carried out against a computer and crimes committed using a computer. All other choices are invalid. |
12. | Correct answer = C Fraud is the intentional misrepresentation of the truth in order to gain a business edge, financial profit, or something considered valuable. Fraud can be also defined as trickery, deception, and lying in order to position oneself for illegal gain. Embezzlement is the illegal use of or stealing property that belongs to someone else that has been entrusted to your care. Software piracy is the illegal duplication, use, and distribution of software. Espionage is considered the act of spying on someone or something with the intent of gaining secret, personal, or classified information. |
13. | Correct answer = C Information security specialists and several security examinations (including the Security+ exam) use the acronym, MOM, to describe the 'why, when, and how' of computer crime crimes. MOM stands for Motive, Opportunity, Means. All other choices are invalid. |
14. | Correct answer = E Civil law has to do with wrongful doings between individuals or between businesses and individuals. Typically, it results in some sort of loss or damage. Administrative law pertains to and regulates government agencies, organizations and offices. Criminal law protects society from individuals or groups that violate laws enacted by the government. All other choices are invalid. |
15. | Correct answer = C Grudge attacks are usually launched from remote locations using existing VPN connections or in the form of a particular type of malicious code such as a logic bomb. Civil law has to do with wrongful doings between individuals or between businesses and individuals. This would be the constructive approach to handling existing differences between employee and employer. Data diddling is a computer crime that involves the changing or manipulation of data before or as the data is entered into a computing system. The chain of evidence custody is a documented report that identifies who has custody of evidence from beginning to end. Information security specialists and several security examinations (including the Security+ exam) use the acronym, MOM, to describe the 'why, when, and how' of computer crime crimes. |
16. | Correct answer = B Most businesses monitor entryways, exits, and access to secured locations through the use of Closed-Circuit Television (CCTV). Biometric devices, tokens, and smart cards are primarily used as authentication mechanisms. Guard dogs are used as physical deterrents or physical barriers. |
17. | Correct answer = D The Gramm-Leach-Bliley law ensures that financial institutions have an obligation to protect the privacy of their customers by implementing and supporting technical, administrative, and physical safeguards. The Electronic Communications Privacy Act prohibits eavesdropping by way of wire or oral communications without explicit permission. The U.S. Patriot Act addresses many of the growing concerns regarding the protection of information systems by deterring and obstructing terrorism is the U.S. Choice C and E are invalid selections. |
| < Day Day Up > |
|