What is the final step of a quantitative risk analysis? correct answers Conduct a cost/benefit
analysis to determine whether the organization should implement the proposed countermeasure
Under the DMCA, what type of offenses do not require prompt action by an internet service provider
after it receives a notification of an infringement claim from a copyright holder? correct answers
Transmission of information over the provider's network by a customer.
Providers are not responsible for the transitory activities of their users.
In 1991, the Federal Sentencing Guidelines formalized a rule that requires senior executives to
take personal responsibility for information security matters. What is the name of the rule?
correct answers Prudent man rule
It requires senior executives to take personal responsibility for ensuring the due care that ordinary,
prudent individuals would exercise in the same situation. The rule originally applied to
financial matters, but the Federal Sentencing Guidelines applied it to information security
matters in 1991.
Which of the following is a complementary control to a password? correct answers Fingerprint scan
-- something you are
Password, username, PIN, security questions -- something you know
What U.S. government agency has primary responsibility for administering the terms of Privacy
Shield agreements between the EU and US under GDPR? correct answers Department of Commerce
The framework replaced an earlier framework known as Privacy Shield Agreement, which was
ruled insufficient in the wake of the NSA surveillance disclosures.
FISMA correct answers Federal Information Security Management Act -- applies to government
contractors
GISRA correct answers The precursor to FISMA, which expired in Nov 2002.
HIPAA correct answers Health Insurance Portability and Accountability Act of 1996
PCI DSS correct answers Payment Card Industry Data Security Standard -- credit cards, prevent
identity theft
GLBA (Gramm-Leach-Bliley Act) correct answers A U.S. law that requires banks and financial
institutions to alert customers of their policies and practices in disclosing customer information.
Chris is advising travelers from his organization who will be visiting different countries
overseas. He is concerned about compliance with export control laws. Which of the following
technologies is most likely to trigger these regulations? correct answers Encryption software
The export of encryption software to certain countries is regulated under US export control laws.
Economic Espionage Act correct answers EEA imposes fines and jail sentences on anyone found
guilty of stealing trade secrets from a US corporation. It gives true teeth to the intellectual
property rights of trade secret owners.
due care correct answers An individual should react in a situation using the same level of care that
would be expected from any reasonable person. It is a very broad standard.
due diligence correct answers An individual assigned a responsibility should exercise due care to
complete it accurately and in a timely manner.