BCS cismp-v9 practice test

BCS Foundation Certificate in Information Security Management Principles V9.0 Exam


Question 1

Which of the following is an asymmetric encryption algorithm?
A. DES.
B. AES.
C. ATM.
D. RSA.

Answer:

D
//www.omnisecu.com/security/public-key-infrastructure/asymmetric-encryption-algorithms.php


Question 2

Which algorithm is a current specification for the encryption of electronic data established by NIST?
A. RSA.
B. AES.
C. DES.
D. PGP.

Answer:

B
//www.nist.gov/publications/advanced-encryption-standard-aes


Question 3

When seeking third-party digital forensics services, what two attributes should one seek when
making a choice of service provider?

  • A. Appropriate company accreditation and staff certification.
  • B. Formal certification to ISO/IEC 27001 and alignment with ISO 17025.
  • C. Affiliation with local law enforcement bodies and local government regulations.
  • D. Clean credit references as well as international experience.
Answer:

B


Question 4

When preserving a crime scene for digital evidence, what actions SHOULD a first responder initially
make?
A. Remove power from all digital devices at the scene to stop the data changing.
B. Photograph all evidence and triage to determine whether live data capture is necessary.
C. Remove all digital evidence from the scene to prevent unintentional damage.
D. Don't touch any evidence until a senior digital investigator arrives.

Answer:

D
//www.ncjrs.gov/pdffiles1/nij/219941.pdf


Question 5

When a digital forensics investigator is conducting an investigation and handling the original data,
what KEY principle must they adhere to?

  • A. Ensure they are competent to be able to do so and be able to justify their actions.
  • B. Ensure they are being observed by a senior investigator in all actions.
  • C. Ensure they do not handle the evidence as that must be done by law enforcement officers.
  • D. Ensure the data has been adjusted to meet the investigation requirements.
Answer:

A


Question 6

In business continuity (BC) terms, what is the name of the individual responsible for recording all
pertinent information associated with a BC exercise or real plan invocation?

  • A. Recorder.
  • B. Desk secretary.
  • C. Scribe.
  • D. Scrum Master.
Answer:

A


Question 7

Which type of facility is enabled by a contract with an alternative data processing facility which will
provide HVAC, power and communications infrastructure as well as computing hardware and a
duplication of the organisation's existing "live" data?

  • A. Cold site.
  • B. Warm site.
  • C. Hot site.
  • D. Spare site.
Answer:

A


Question 8

When undertaking disaster recovery planning, which of the following would NEVER be considered a
"natural" disaster?

  • A. Arson.
  • B. Electromagnetic pulse.
  • C. Tsunami.
  • D. Lightning strike.
Answer:

B


Question 9

In business continuity, what is a battle box?
A. A portable container that holds items and information useful in the event of an organisational
disaster.
B. An armoured box that holds all an organisation's backup databases.
C. A collection of tools and protective equipment to be used in the event of civil disturbance.
D. A list of names and addresses of staff to be utilised should industrial action prevent access to a
building.

Answer:

A
//www.battlebox.biz/why.asp


Question 10

What term is used to describe the testing of a continuity plan through a written scenario being used
as the basis for discussion and simulation?

  • A. End-to-end testing.
  • B. Non-dynamic modeling.
  • C. Desk-top exercise.
  • D. Fault stressing.
Answer:

C
