Business Continuity provides a planning methodology that allows continuity in business operations:

A.

Before and after a disaster

B.

Before a disaster

C.

Before, during and after a disaster

ADAM, an employee from a multinational company, uses his company’s accounts to send e-mails to a third party with their spoofed mail address. How can you categorize this type of account?

A.

Inappropriate usage incident

B.

Unauthorized access incident

C.

Network intrusion incident

D.

Denial of Service incident

Identify a standard national process which establishes a set of activities, general tasks and a management structure to certify and accredit systems that will maintain the information assurance (IA) and security posture of a system or site.

A.

NIASAP

B.

NIAAAP

C.

NIPACP

D.

NIACAP

According to the Fourth Amendment of USA PATRIOT Act of 2001; if a search does NOT violate a person’s “reasonable” or “legitimate” expectation of privacy then it is considered:

A.

Constitutional/ Legitimate

B.

Illegal/ illegitimate

C.

Unethical

D.

None of the above

The left over risk after implementing a control is called:

A.

Residual risk

B.

Unaccepted risk

C.

Low risk

D.

Critical risk

When an employee is terminated from his or her job, what should be the next immediate step taken by an organization?

A.

All access rights of the employee to physical locations, networks, systems, applications and data should be disabled

B.

The organization should enforce separation of duties

C.

The access requests granted to an employee should be documented and vetted by the supervisor

D.

The organization should monitor the activities of the system administrators and privileged users who have permissions to access the sensitive information

Digital evidence must:

A.

Be Authentic, complete and reliable

B.

Not prove the attackers actions

C.

Be Volatile

D.

Cast doubt on the authenticity and veracity of the evidence

Business continuity is defined as the ability of an organization to continue to function even after a disastrous
event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant
systems, as well as a solid backup and recovery strategy. Identify the plan which is mandatory part of a
business continuity plan?

A.

Forensics Procedure Plan

B.

Business Recovery Plan

C.

Sales and Marketing plan

D.

New business strategy plan

An information security incident is

A.

Any real or suspected adverse event in relation to the security of computer systems or networks

B.

Any event that disrupts normal today’s business functions

C.

Any event that breaches the availability of information assets

D.

All of the above

Overall Likelihood rating of a Threat to Exploit a Vulnerability is driven by :

A.

Threat-source motivation and capability

B.

Nature of the vulnerability

C.

Existence and effectiveness of the current controls

D.

All the above

Which of the following is NOT one of the techniques used to respond to insider threats:

A.

Placing malicious users in quarantine network, so that attack cannot be spread

B.

Preventing malicious users from accessing unclassified information

C.

Disabling the computer systems from network connection

D.

Blocking malicious user accounts

Performing Vulnerability Assessment is an example of a:

A.

Incident Response

B.

Incident Handling

C.

Pre-Incident Preparation

D.

Post Incident Management