RCR 057: CISSP Exam Questions for Cyber Investigations (Domain 8) - CISSP Training and Study!

Jan 11, 2020

 


Description:

Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career.  Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity. 

In this episode, Shon will talk about questions for Domain 8 (Software Development Security) of the CISSP Exam.

 CISSP Exam Questions:  

QUESTION 1

There are different categories for evidence depending upon what form it is in and possibly how it was collected. Which of the following is considered supporting evidence?

  • A. Best evidence
  • B. Corroborative evidence
  • C. Conclusive evidence
  • D. Direct evidence

 CORRECT ANSWER - B. Corroborative evidence 

Corroborative evidence cannot stand alone, but instead is used as supporting information in a trial. It is often testimony indirectly related to the case but offers enough correlation to supplement the lawyer's argument. The other choices are all types of evidence that can stand alone.

From <https://searchsecurity.techtarget.com/quiz/CISSP-Domain-8-quiz-Law-Investigations-and-Ethics?q0=1&q1=0&q2=2&q3=1&q4=1&q5=1&q6=2&q7=0&q8=2&q9=0&q10=1&q11=3&q12=0&q13=3&q14=2&x=69&y=11>

 QUESTION 2

Computer-generated or electronic information is most often categorized as what type of evidence?

  • A. Best
  • B. Hearsay
  • C. Corroborative
  • D. Opinion

CORRECT ANSWER - B. Hearsay 

Because computer files and systems can be modified after the fact without others being aware of it, they are considered hearsay evidence. Hearsay evidence is not considered reliable or trustworthy because it is not firsthand evidence.

From <https://searchsecurity.techtarget.com/quiz/CISSP-Domain-8-quiz-Law-Investigations-and-Ethics?q0=1&q1=0&q2=2&q3=1&q4=1&q5=1&q6=2&q7=0&q8=2&q9=0&q10=1&q11=3&q12=0&q13=3&q14=2&x=69&y=11>

 QUESTION 3

Which type of law punishes the individuals with financial restitution instead of jail penalties?

  • A. Tort
  • B. Administrative
  • C. Criminal
  • D. Regulatory

CORRECT ANSWER - A. Tort 

Tort, a type of civil law, deals only with financial restitution or community service as punishments. Typically, civil lawsuits do not require the degree of burden of proof that criminal cases require. Administrative law deals with government-imposed regulations on large organizations and companies in order to protect the safety and best interest of their employees and customers.

From <https://searchsecurity.techtarget.com/quiz/CISSP-Domain-8-quiz-Law-Investigations-and-Ethics?q0=1&q1=0&q2=2&q3=1&q4=1&q5=1&q6=2&q7=0&q8=2&q9=0&q10=1&q11=3&q12=0&q13=3&q14=2&x=69&y=11>

 QUESTION 4

Which of the following is an attack that uses tools to intercept electronic communication signals usually passively instead of actively?

  • A. Masquerading
  • B. Social engineering
  • C. Wiretapping
  • D. Salami

CORRECT ANSWER - C. Wiretapping 

Wiretapping is the act of intercepting electronic signals. Under the U.S. Federal Wiretap Law, it is illegal without a court order. The most common example of wiretapping is with law enforcement agencies. In order for these organizations to legally tap into a suspect's line, there must be a court-approved order allowing it.

From <https://searchsecurity.techtarget.com/quiz/CISSP-Domain-8-quiz-Law-Investigations-and-Ethics?q0=1&q1=0&q2=2&q3=1&q4=1&q5=1&q6=2&q7=0&q8=2&q9=0&q10=1&q11=3&q12=0&q13=3&q14=2&x=69&y=11>

 BTW - Get access to all my CISSP Training Courses here at:  https://shongerber.com/

Want to find Shon Gerber elsewhere on the internet?

LinkedIn – www.linkedin.com/in/shongerber

Facebook - https://www.facebook.com/CyberRiskReduced/


TRANSCRIPT:

Welcome to Reduce Cyber Risk podcast, where we provide you the training and tools you need to pass the CISSP exam while enhancing your cybersecurity career. Hi, my name is Shon Gerber and I'm your host of this action-packed, informative podcast. Join me each week cuz I provide the information you need to grow your knowledge so that you're better prepared to pass the CISSP exam.

All right, podcast episode 28 of the CISSP exam questions, Domain 8. Hope you all are having a wonderful week this week. This is going to follow on to some of the main questions we had before around CISSP Domain 8. This is Software Development Security in Domain 8. All right, I'm going to be pulling these questions, a lot of these, from target.com's Domain 8 quiz for Law, Investigations and Ethics. That's where you're going to find those.

All right, so let's roll into the question number one. There are different categories of evidence depending upon what form it is in and possibly how it was collected. Which of the following is considered supporting evidence? A, best evidence; B, probative evidence; C, conclusive evidence; D, direct evidence. You want, there are different categories for evidence depending upon what form it is in and possibly how it was collected. Which of the following is considered supporting evidence? A, best evidence; B, corroborative evidence; C, conclusive evidence; D, direct evidence. Question, you got to kind of go through there and you look at supporting. What would be supporting? Well, supporting with, you'd couple up that word, that would be the next best alternative would be corroborative evidence. Basically it's, can't stand alone, but it's got to have it as an additional piece of evidence that is corroborative, and I probably just butchered them how that word is said, but hey, that's to tell you on that one.

Question 2: computer-generated or electronic information most often categorized as what type of evidence? Generated or electronic information is most often categorized as what type of evidence? A, best; hearsay, hearsay; C, corroborative; opinion. Okay, so computer-generated or electronic equipment is most often categorized as what type of evidence? Not many would probably glob on to the fact that was best evidence, cuz you two computers and it's like ones and zeros and, yeah, you can't really mess with that. But yes you can, you can, you can mess around with computer information and make it look however you want to make it look. So the bottom line is that it is considered B, hearsay. Basically the fact of it is excused as a, it could be added into this to Adela contextual contacts, add some flavor to the discussion, but the other day it can be modified, so therefore that should not be used as a corroborative evidence or best evidence. It's more just kind of, yeah, it's out there, it did happen, but maybe it could add a little bit to the flavor of the investigation.

Question 3: which type of law punishes the individuals with financial restitution instead of jail penalties? A, tort; B, administrative; criminal; D, regulatory. Which type of law punishes individuals with financial restitution instead of jail penalties? All right: A, tort; B, administrative; C, criminal; D, regulatory. And the answer is A. Tort is a type of civil law that deals only with financial restitution or community service as punishment. So again, that's typically, wouldn't think Dennis will, this is the article from TechTarget: typically civil lawsuits do not require the degree of burden of proof that criminal cases require, which we all know from the CISSP training at ShonGerber.com that that is the case, and administrative law deals with government-imposed regulations on large organizations and companies in order to protect the safety and best interest of their employees and customers. Tort is a type of civil law that deals only with financial restitution or community service as punishment. And in this case, if the question was around financial institution instead of jail penalties, and the answer is A, tort.

Question 4, give me a bonus question today: which of the following is an attack that uses tools to intercept electronic communication signals usually passively instead of actively? Okay, which of the following is an attack using tools to intercept electronic communication signals usually, usually passively instead of actively? A, masquerading; B, social engineering; C, wiretapping; D, salami. That would make sense if you do go through these, you can pretty much figure out pretty quickly during the morse code of the teletype kind of thing and then they were brought him board when they had that people would go and plug in the, the operator plug in the cable to connect you to a new location, and so those wiretap laws were put in place because a lot of times the operators will be listening in on conversations. That is question four.

All right, I hope you'll like this, I'll be like these questions. Again, you can go check these out at target.com or you can check them out at ShonGerber.com. I'll have these questions available for you as well, and I hope you enjoy this podcast, and if other than that, will catch you on the flip side. See you.

Thanks so much for a podcast. I would greatly appreciate the feedback. Also check out my CISSP videos that you can find out on YouTube. Just search for Shon, S-H-O-N, Gerber, like the baby food, toilet or whatever you choose, and then you will find a plethora of content to help you pass the CISSP exam the first time. Lastly, head over to ShonGerber.com and look at the cornucopia free CISSP materials available.
