CISSP Practice полностью

5. b. Physical and environmental controls help prevent contingencies. Although many of the other controls, such as logical access controls, also prevent contingencies, the major threats that a contingency plan addresses are physical and environmental threats, such as fires, loss of power, plumbing breaks, or natural disasters. Logical access controls can address both the software and hardware threats.

6. Risks in the use of cellular radio and telephone networks during a disaster include which of the following?

a. Security and switching office

b. Security and redundancy

c. Redundancy and backup power systems

d. Backup power systems and switching office

6. a. The airwaves are not secure, and a mobile telephone switching office can be lost during a disaster. The cellular company may need a diverse route from the cell site to another mobile switching office.

7. Contingency planning integrates the results of which of the following?

a. Business continuity plan

b. Business impact analysis

c. Core business processes

d. Infrastructural services

7. b. Contingency planning integrates and acts on the results of the business impact analysis. The output of this process is a business continuity plan consisting of a set of contingency plans—with a single plan for each core business process and infrastructure component. Each contingency plan should provide a description of the resources, staff roles, procedures, and timetables needed for its implementation.

Sources and References

“Contingency Planning Guide for Federal Information Systems (NIST SP 800-34R1),” National Institute of Standards and Technology (NIST), U.S. Department of Commerce, Gaithersburg, Maryland, May 2010.

“Contingency Planning Guide for Information Technology Systems (NIST SP 800-34),” National Institute of Standards and Technology (NIST), U.S. Department of Commerce, Gaithersburg, Maryland, June 2002.

“An Introduction to Computer Security: The NIST Handbook (NIST SP 800-12),” National Institute of Standards and Technology (NIST), U.S. Department of Commerce, Gaithersburg, Maryland, October 1995.

Domain 9

Legal, Regulations, Investigations, and Compliance

Traditional Questions, Answers, and Explanations

1. Computer fraud is discouraged by:

a. Willingness to prosecute

b. Ostracizing whistle blowers

c. Overlooking inefficiencies in the judicial system

d. Accepting the lack of integrity in the system

1. a. Willingness to prosecute sends a strong message to potential perpetrators, which could discourage computer fraud. Situational pressures (e.g., gambling and drugs), opportunities to commit fraud (e.g., weak system of controls), and personal characteristics (e.g., lack of integrity and honesty) are major causes of fraud, whether or not computer related. There is nothing new about the act of committing fraud. There is perhaps no new way to commit fraud because someone somewhere has already tried it. The other three choices encourage computer fraud.

2. When computers and peripheral equipment are seized in relation to a computer crime, what is it is an example of?

a. Duplicate evidence

b. Physical evidence

c. Best evidence

d. Collateral evidence

2. d. Collateral evidence is evidence relevant only to some evidential fact, and that is not by itself relevant to a consequential fact. Here, computers and peripheral equipment are examples of collateral evidence because they are a part of the crime scene, not a crime by themselves.

Duplicate evidence is a document that is produced by some mechanical process that makes it more reliable evidence of the contents of the original than other forms of secondary evidence (for example, a photocopy of the original). Modern statutes make duplicates easily substitutable for an original. Duplicate evidence is a part of the best evidence rule.

Direct inspection or observation of people, property, or events obtains physical evidence. Best evidence is primary evidence that is the most natural, reliable, and in writing (for example, a written instrument such as a letter, statement, contract, or deed). It is the most satisfactory proof of the fact based on documentary evidence because the best evidence rule prevents a party from proving or disproving the content of writing by oral testimony. However, oral testimony can be used to explain the meaning of the written instrument where the instrument is subject to more than one interpretation.