CISSP Official Practice Tests by Mike Chapple, David Seidl


Chapter 1: Security and Risk Management (Domain 1) 323



  1. B. There is no requirement that patents be for inventions made by American citizens.
    Patentable inventions must, on the other hand, be new, nonobvious, and useful.

  2. A. Keyloggers monitor the keystrokes of an individual and report them back to an
    attacker. They are designed to steal sensitive information, a disruption of the goal of
    confidentiality.

  3. A. Risks exist when there is an intersection of a threat and a vulnerability. This is
    described using the equation Risk = Threat * Vulnerability.

  4. A. The fourth step of the NIST risk management framework is assessing security controls.

  5. D. HAL Systems decided to stop offering the service because of the risk. This is an
    example of a risk avoidance strategy. The company altered its operations in a manner that
    eliminates the risk of NTP misuse.

  6. C. Confidentiality controls prevent the disclosure of sensitive information to unauthorized
    individuals. Limiting the likelihood of a data breach is an attempt to prevent unauthorized
    disclosure.

  7. A. The emergency response guidelines should include the immediate steps an organization
    should follow in response to an emergency situation. These include immediate
    response procedures, a list of individuals who should be notified of the emergency, and
    secondary response procedures for first responders. They do not include long-term
    actions such as activating business continuity protocols, ordering equipment, or
    activating DR sites.

  8. B. Although the CEO will not normally serve on a BCP team, it is best to obtain top-level
    management approval for your plan to increase the likelihood of successful adoption.


  6 7. D. The project scope and planning phase includes four actions: a structured analysis of
    the organization, the creation of a BCP team, an assessment of available resources, and an
    analysis of the legal and regulatory landscape.



  1. D. Keeping a server up and running is an example of an availability control because it
    increases the likelihood that a server will remain available to answer user requests.

  2. A. A cold site includes the basic capabilities required for data center operations: space,
    power, HVAC, and communications, but it does not include any of the hardware required
    to restore operations.

  3. C. The Computer Fraud and Abuse Act (CFAA) makes it a federal crime to maliciously
    cause damage in excess of $5,000 to a federal computer system during any one-year period.

  4. B. ISO 27002 is an international standard focused on information security and titled
    “Information technology—Security techniques—Code of practice for information security
    management.” The Information Technology Infrastructure Library (ITIL) does contain
    security management practices, but it is not the sole focus of the document, and the ITIL
    security section is derived from ISO 27002. The Capability Maturity Model (CMM)
    is focused on software development, and the Project Management Body of Knowledge
    (PMBOK) Guide focuses on project management.
