The term “Forensic artifact” is used to describe an unintentional trace of an attacker activity that can be identified on a host or network. Forensic artifacts include information that can be extracted from (among other sources) registry keys (applies to MS Windows), event logs, timestamps, web browser search history, or files left in the system trash folder.
True
Which of the following can be used to validate the origin (provenance) of digital evidence? (Select 2 answers)
Hashing
Checksums
The process of searching, collecting, and securing electronic data with the intent of using it in a legal proceeding or investigation is known as:
** E-discovery **
E-discovery is a form of digital investigation that attempts to find evidence in email, business communications and other data that could be used in litigation or criminal proceedings. The traditional discovery process is standard during litigation, but e-discovery is specific to digital evidence.
The term “Non-repudiation” describes the inability to deny responsibility for performing a specific action. In the context of data security, non-repudiation ensures data confidentiality, provides the proof of data integrity, and proof of data origin.
False
Which of the following answers can be used to describe the category of managerial security controls? (Select 3 answers)
- Also known as administrative controls
- Focused on managing risk
- Documented in written policies
Which of the following examples fall into the category of managerial security controls? (Select 3 answers)
- Organizational security policy
- Risk assessments
- Vulnerability assessments
Which of the following answers can be used to describe the category of operational security controls (Select 3 answers)
- Focused on the day-to-day procedures of an organization
- Used to ensure that the equipment continues to work as specified
- Primarily implemented and executed by people (as opposed to systems)
Which of the following examples fall into the category of operational security controls? (Select 3 answers)
- Configuration management
- Data backups
- Awareness programs
Which of the following answers can be used to describe the category of technical security controls (Select 3 answers)
- Sometimes called logical security controls
- Executed by computer systems (instead of people)
- Implemented with technology
Which of the answers listed below refer to examples of technical security controls? (Select 3 answers)
- Encryption protocols
- Firewall ACLs
- Authentication protocols
What are the examples of preventive security controls? (Select 3 answers)
- Security guards
- System hardening
- Separation of duties
Which of the following answers refer to examples of detective security controls (Select all that apply)
- Log monitoring
- Security audits
- CCTV
- IDS
Which of the answers listed below refer to examples of corrective security controls? (Select all that apply)
- IPS
- Backups and system recovery
- Alternate site
- Fire suppression system
Examples of deterrent security controls include: (Select 3 answers)
- Warning signs
- Lighting
- Login banners
Which of the following answers refer to compensating security controls? (Select all that apply)
- Backup power system
- Sandboxing
- Temporary port blocking
- Temporary service disablement
The purpose of PCI DSS is to provide protection for:
Credit cardholder data
Which of the following examples do not fall into the category of physical security controls? (Select 3 answers)
- IDS/IPS
- Encryption protocols
- Firewall ACLs
Which of the following regulates personal data privacy of the European Union (EU) citizens?
** GDPR **
The General Data Protection Regulation (GDPR) is the European Union’s (EU) personal data protection law that aims to protect the privacy of EU citizens
Which of the following answers refers to a nonprofit organization focused on developing globally-recognized best practices for securing IT systems and data against cyberattacks?
** CIS **
The Center for Internet Security is a 501 nonprofit organization
A mandatory IT security and risk management framework for U.S. federal government developed by NIST is known as:
** RMF **
The Risk Management Framework (RMF), presented in NIST SP 800-37
Which of the following answers refers to a NIST’s voluntary framework outlining best practices for computer security?
** CSF **
The Cybersecurity Framework (CSF) is a set of cybersecurity best practices and recommendations from the National Institute of Standards and Technology (NIST).
An ISO/IEC standard defining requirements for information security management systems is known as:
** ISO/IEC 27001 **
ISO/IEC 27001 is an international standard to manage information security
Which of the following answers refers to an ISO/IEC standard providing code of practice for information security controls?
** ISO/IEC 27002 **
ISO 27002 is a compliance framework that lays down guidelines and security policies that are designed to assist any company to establish, manage, and enhance its data protection protocols
An extension to the ISO/IEC 27001 standard that focuses on privacy data management is called:
** ISO/IEC 27701 **
ISO 27701 was developed to provide a standard for data privacy controls, which, when coupled with an ISMS, allows an organisation to demonstrate effective privacy data management
