Legal, Regulation, Compliance, and Investigation

1. Question: 246 | Difficulty: 3/5 | Relevancy: 3/3
Which of the following proves or disproves a specific act through oral testimony based on information gathered through the witness's five senses?
o direct evidence
o best evidence
o conclusive evidence
o hearsay evidence
A. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, pages 310.
Also check out: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 10: Law, Investigation, and Ethics (page 678).
Contributors: Eric Yandell, donmurdoch
Study area: CISSP CBK domain #9 - Legal, Regulations, Compliance and Investigations
Covered topic: Evidence types and admissibility
This question © Copyright 2003–2006 Eric Yandell, cccure.org.

2. Question: 1210 | Difficulty: 3/5 | Relevancy: 3/3
What is called an exception to the search warrant requirement that allows an officer to conduct a search without having the warrant in-hand if probable cause is present and destruction of the evidence is deemed imminent?
o Evidence Circumstance Doctrine
o Exigent Circumstance Doctrine
o Evidence of Admissibility Doctrine
o Exigent Probable Doctrine
B. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 313.
Contributors: Nick Mackovski, Christian Vezina
Study area: CISSP CBK domain #9 - Legal, Regulations, Compliance and Investigations
Covered topic: Evidence collection and preservation
This question © Copyright 2003–2006 Nick Mackovski, cccure.org.

3. Question: 1225 | Difficulty: 2/5 | Relevancy: 3/3
Law enforcement agencies must get a warrant to search and seize an individual's property, as stated in the _____ Amendment. Private citizens are not subject to protecting these amendment rules of others unless they are acting as police agents.
o First.
o Second.
o Third.
o Fourth.
D. The correct answer is: Fourth.
American citizens are protected by the Fourth Amendment against unlawful search and seizure, so law enforcement agencies must have cause and request a search warrant from a judge or court before conducting such a search.
Last modified 8/27/2007 - J. Hajec
Thanks to Bo Weeks for providing an update to the resource.
Comment:
Resource: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, Third Edition, McGraw-Hill/Osborne, 2005 (Page 786).
Contributor: Nick Mackovski
Study area: CISSP CBK domain #9 - Legal, Regulations, Compliance and Investigations
Covered topic: Evidence collection and preservation
This question © Copyright 2003–2006 Nick Mackovski, cccure.org.

4. Question: 230 | Difficulty: 5/5 | Relevancy: 3/3
Which of the following provides for data collection limitations, the quality of data, specifications of the purpose for data collection, limitations of data use, participation by the individual on whom the data is being collected, and accountability of the data controller?
o 1980 Organization for Economic Cooperation and Development (OECD) Guidelines
o 1974 U.S. Privacy Act
o 1970 U.S. Fair Credit Reporting Act
o 1973 U.S. Code of Fair Information Practices
A. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, pages 305-307.
Contributor: Eric Yandell
Study area: CISSP CBK domain #9 - Legal, Regulations, Compliance and Investigations
Covered topics (2): Computer laws, Evidence collection and preservation
This question © Copyright 2003–2006 Eric Yandell, cccure.org.

5. Question: 1209 | Difficulty: 4/5 | Relevancy: 3/3
The criteria for evaluating the legal requirements for implementing safeguards is to evaluate the cost (C) of instituting the protection versus the estimated loss (L) resulting from the exploitation of the corresponding vulnerability. Therefore, a legal liability exists when:
o
Co
Co
C>L
o
C>L - (residual risk)
Residual Risk seems can't be valued at monetary terms. Check the book.
A. If the cost is lower than the estimated loss (C
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 315.
Contributor: Nick Mackovski
Study area: CISSP CBK domain #9 - Legal, Regulations, Compliance and Investigations
Covered topic: Legal liability
This question © Copyright 2003–2006 Nick Mackovski, cccure.org.

6. Question: 228 | Difficulty: 3/5 | Relevancy: 3/3
Which of the following addresses industrial and corporate espionage?
o 1996 U.S. Economic and Protection of Proprietary Information Act
o Generally Accepted Systems Security Principles (GASSP)
o 1980 Organization for Economic Cooperation and Development (OECD)
o 1970 U.S. Racketeer Influenced and Corrupt Organization Act (RICO)
A. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, pages 305-307.
Contributor: Eric Yandell
Study area: CISSP CBK domain #9 - Legal, Regulations, Compliance and Investigations
Covered topic: Computer laws
This question © Copyright 2003–2006 Eric Yandell, cccure.org.

7. Question: 1360 | Difficulty: 3/5 | Relevancy: 3/3
Why would a memory dump be admissible as evidence in court?
o Because it is used to demonstrate the truth of the contents.
o Because it is used to identify the state of the system.
o Because the state of the memory cannot be used as evidence.
o Because of the exclusionary rule.
B. A memory dump can be admitted as evidence if it acts merely as a statement of fact. A system dump is not considered hearsay because it is used to identify the state of the system, not the truth of the contents. The exclusionary rule mentions that evidence must be gathered legally or it can't be used. This choice is a distracter.
Source: ANDRESS, Mandy, Exam Cram CISSP, Coriolis, 2001, Chapter 10: Law, Investigation, and Ethics (page 187).
Last modified 07/02/2007, Ron Hehemann
Comment: Remember this is a real live snapshot of the system
Contributor: Christian Vezina
Study area: CISSP CBK domain #9 - Legal, Regulations, Compliance and Investigations
Covered topic: Evidence types and admissibility
This question © Copyright 2003–2006 Christian Vezina, cccure.org.

8. Question: 1520 | Difficulty: 4/5 | Relevancy: 3/3
Which of the following European Union (EU) principles pertaining to the protection of information on private individuals is incorrect?
o Individuals have the right to correct errors contained in their personal data.
o Data should be used only for the purposes for which it was collected, and only for a reasonable period of time.
o Transmission of personal information to other organizations or individuals is prohibited.
o Individuals are entitled to receive a report on the information that is held about them.
C. Information collected about an individual cannot be disclosed to other organizations or individuals unless authorized by law or by consent of the individual. Also, transmission of personal information to locations where "equivalent" personal data protection cannot be assured is prohibited.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 9: Law, Investigation, and Ethics (page 302).
Contributor: Christian Vezina
Study area: CISSP CBK domain #9 - Legal, Regulations, Compliance and Investigations
Covered topic: Protection of personal information
This question © Copyright 2003–2006 Christian Vezina, cccure.org.

9. Question: 716 | Difficulty: 5/5 | Relevancy: 2/3
Which of the following made theft NO longer restricted to physical constraints?
o The Electronic Espionage Act of 1996.
o The Gramm Leach Bliley Act of 1999.
o The Computer Security Act of 1987.
o The Federal Privacy Act of 1974.
A. The correct answer is 'The Electronic Espionage Act of 1996', which made theft no longer restricted to physical constraints.
The other answers are incorrect because:
'The Gramm Leach Bliley Act of 1999' is incorrect as it deals with financial institutions.
'The Computer Security Act of 1987' is incorrect because it deals with federal agencies.
'The Federal Privacy Act of 1974' is incorrect because it also deals with federal agencies.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, Chapter 10: Law, Investigation, and Ethics (page 691).
Last Modified - 18/09/07 - SGKrishnan
Comment: The Electronic Espionage Act of 1996 made theft no longer restricted to physical constraints. Assets could also be viewed as intangible objects that can also be stolen or disclosed via technology means. The Gramm Leach Bliley Act deals with financial institutions and the Computer Security Act and Federal Privacy Act deal with federal agencies.
Contributor: Christian Vezina
Study area: CISSP CBK domain #9 - Legal, Regulations, Compliance and Investigations
Covered topic: Computer laws
This question © Copyright 2003–2006 Christian Vezina, cccure.org.

10. Question: 715 | Difficulty: 4/5 | Relevancy: 3/3
Which of the following outlined how senior management are responsible for the computer and information security decisions that they make and what actually took place within their organizations?
o The Computer Security Act of 1987.
o The Federal Sentencing Guidelines of 1991.
o The Economic Espionage Act of 1996.
o The Computer Fraud and Abuse Act of 1986.
B. In 1991, U.S. Federal Sentencing Guidelines were developed to provide judges with courses of action in dealing with white collar c