New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > BCS > Information security and CCP scheme certifications > CISMP-V9

CISMP-V9 BCS Foundation Certificate in Information Security Management Principles V9.0 Question and Answers

Question # 4

When handling and investigating digital evidence to be used in a criminal cybercrime investigation, which of the following principles is considered BEST practice?

A.

Digital evidence must not be altered unless absolutely necessary.

B.

Acquiring digital evidence cart only be carried on digital devices which have been turned off.

C.

Digital evidence can only be handled by a member of law enforcement.

D.

Digital devices must be forensically "clean" before investigation.

Full Access
Question # 5

What is the name of the method used to illicitly target a senior person in an organisation so as to try to coerce them Into taking an unwanted action such as a misdirected high-value payment?

A.

Whaling.

B.

Spear-phishing.

C.

C-suite spamming.

D.

Trawling.

Full Access
Question # 6

The policies, processes, practices, and tools used to align the business value of information with the most appropriate and cost-effective infrastructure from the time information is conceived through its final disposition.

Which of the below business practices does this statement define?

A.

Information Lifecycle Management.

B.

Information Quality Management.

C.

Total Quality Management.

D.

Business Continuity Management.

Full Access
Question # 7

Which of the following controls would be the MOST relevant and effective in detecting zero day attacks?

A.

Strong OS patch management

B.

Vulnerability assessment

C.

Signature-based intrusion detection.

D.

Anomaly based intrusion detection.

Full Access
Question # 8

Which types of organisations are likely to be the target of DDoS attacks?

A.

Cloud service providers.

B.

Any financial sector organisations.

C.

Online retail based organisations.

D.

Any organisation with an online presence.

Full Access
Question # 9

James is working with a software programme that completely obfuscates the entire source code, often in the form of a binary executable making it difficult to inspect, manipulate or reverse engineer the original source code.

What type of software programme is this?

A.

Free Source.

B.

Proprietary Source.

C.

Interpreted Source.

D.

Open Source.

Full Access
Question # 10

Once data has been created In a standard information lifecycle, what step TYPICALLY happens next?

A.

Data Deletion.

B.

Data Archiving.

C.

Data Storage.

D.

Data Publication

Full Access
Question # 11

One traditional use of a SIEM appliance is to monitor for exceptions received via syslog.

What system from the following does NOT natively support syslog events?

A.

Enterprise Wireless Access Point.

B.

Windows Desktop Systems.

C.

Linux Web Server Appliances.

D.

Enterprise Stateful Firewall.

Full Access
Question # 12

Select the document that is MOST LIKELY to contain direction covering the security and utilisation of all an organisation's information and IT equipment, as well as email, internet and telephony.

A.

Cryptographic Statement.

B.

Security Policy Framework.

C.

Acceptable Usage Policy.

D.

Business Continuity Plan.

Full Access
Question # 13

When undertaking disaster recovery planning, which of the following would NEVER be considered a "natural" disaster?

A.

Arson.

B.

Electromagnetic pulse

C.

Tsunami.

D.

Lightning Strike

Full Access
Question # 14

Which of the following acronyms covers the real-time analysis of security alerts generated by applications and network hardware?

A.

CERT

B.

SIEM.

C.

CISM.

D.

DDoS.

Full Access
Question # 15

Which standards framework offers a set of IT Service Management best practices to assist organisations in aligning IT service delivery with business goals - including security goals?

A.

ITIL.

B.

SABSA.

C.

COBIT

D.

ISAGA.

Full Access
Question # 16

Which of the following statutory requirements are likely to be of relevance to all organisations no matter which sector nor geographical location they operate in?

A.

Sarbanes-Oxley.

B.

GDPR.

C.

HIPAA.

D.

FSA.

Full Access
Question # 17

What term is used to describe the act of checking out a privileged account password in a manner that bypasses normal access controls procedures during a critical emergency situation?

A.

Privileged User Gateway

B.

Enterprise Security Management

C.

Multi Factor Authentication.

D.

Break Glass

Full Access
Question # 18

How does network visualisation assist in managing information security?

A.

Visualisation can communicate large amounts of data in a manner that is a relatively simple way for people to analyse and interpret.

B.

Visualisation provides structured tables and lists that can be analysed using common tools such as MS Excel.

C.

Visualisation offers unstructured data that records the entirety of the data in a flat, filterable ftle format.

D.

Visualisation software operates in a way that is rarely and thereby it is less prone to malware infection.

Full Access
Question # 19

Ensuring the correctness of data inputted to a system is an example of which facet of information security?

A.

Confidentiality.

B.

Integrity.

C.

Availability.

D.

Authenticity.

Full Access
Question # 20

Which standard deals with the implementation of business continuity?

A.

ISO/IEC 27001

B.

COBIT

C.

IS0223G1.

D.

BS5750.

Full Access
Question # 21

In business continuity (BC) terms, what is the name of the individual responsible for recording all pertinent information associated with a BC exercise or real plan invocation?

A.

Recorder.

B.

Desk secretary.

C.

Scribe.

D.

Scrum Master.

Full Access
Question # 22

What Is the KEY purpose of appending security classification labels to information?

A.

To provide guidance and instruction on implementing appropriate security controls to protect the information.

B.

To comply with whatever mandatory security policy framework is in place within the geographical location in question.

C.

To ensure that should the information be lost in transit, it can be returned to the originator using the correct protocols.

D.

To make sure the correct colour-coding system is used when the information is ready for archive.

Full Access
Question # 23

What type of attack could directly affect the confidentiality of an unencrypted VoIP network?

A.

Packet Sniffing.

B.

Brute Force Attack.

C.

Ransomware.

D.

Vishing Attack

Full Access
Question # 24

Which type of facility is enabled by a contract with an alternative data processing facility which will provide HVAC, power and communications infrastructure as well computing hardware and a duplication of organisations existing "live" data?

A.

Cold site.

B.

Warm site.

C.

Hot site.

D.

Spare site

Full Access
Question # 25

Which of the following is NOT an information security specific vulnerability?

A.

Use of HTTP based Apache web server.

B.

Unpatched Windows operating system.

C.

Confidential data stored in a fire safe.

D.

Use of an unlocked filing cabinet.

Full Access
Question # 26

What Is the first yet MOST simple and important action to take when setting up a new web server?

A.

Change default system passwords.

B.

Fully encrypt the hard disk.

C.

Apply hardening to all applications.

D.

Patch the OS to the latest version

Full Access
Question # 27

Which of the following describes a qualitative risk assessment approach?

A.

A subjective assessment of risk occurrence likelihood against the potential impact that determines the overall severity of a risk.

B.

The use of verifiable data to predict the risk occurrence likelihood and the potential impact so as to determine the overall severity of a risk.

C.

The use of Monte-Carlo Analysis and Layers of Protection Analysis (LOPA) to determine the overall severity of a risk.

D.

The use of Risk Tolerance and Risk Appetite values to determine the overall severity of a risk

Full Access
Question # 28

As well as being permitted to access, create, modify and delete information, what right does an Information Owner NORMALLY have in regard to their information?

A.

To assign access privileges to others.

B.

To modify associated information that may lead to inappropriate disclosure.

C.

To access information held in the same format and file structure.

D.

To delete all indexed data in the dataset.

Full Access
Question # 29

What form of training SHOULD developers be undertaking to understand the security of the code they have written and how it can improve security defence whilst being attacked?

A.

Red Team Training.

B.

Blue Team Training.

C.

Black Hat Training.

D.

Awareness Training.

Full Access
Question # 30

Which algorithm is a current specification for the encryption of electronic data established by NIST?

A.

RSA.

B.

AES.

C.

DES.

D.

PGP.

Full Access