1. Right Answer: C
Explanation: The following answers are incorrect. All of the other choices are facilitated by a BCP:
- the continuation of critical business functions
- the rapid recovery of mission-critical business operations
- the reduction of the impact of a disaster
2. Right Answer: B
Explanation: The RSA-based e-mail standard referred to here is S/MIME, which defines the digital envelope (for confidentiality) and the digital signature (for integrity and non-repudiation). By signing messages with the sender's private key, users give recipients assurance of message integrity: the recipient decrypts the signed hash with the sender's public key, recomputes the hash of the received content and compares the two. Exam candidates should be aware of e-mail solutions and technologies that address confidentiality, integrity and non-repudiation.
The following answers are incorrect:
- Implementing PGP and allowing the recipient to receive the private key used to sign the e-mail message. Distributing the private key destroys non-repudiation, since anyone holding it can sign as the sender.
- Implementing the RSA standard for the message envelope and instructing users to sign all messages using their public key from the PKI digital certificate. Signatures are produced with the private key; the public key is what recipients use to verify them.
- Implementing MIME solutions and providing a footer within each message sent, referencing policy constraints related to e-mail usage. A footer is a policy notice and provides no integrity protection.
Reference(s) used to create this question: CISA Review Manual 2010, Chapter 5, 5.4.5 Encryption - Digital Envelope
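The sign-with-private-key, verify-with-public-key flow the correct answer relies on, as an added example (not code from the CISA manual or from any S/MIME implementation; it uses Go's standard RSA/PKCS#1 v1.5 routines on a constructed sample e-mail body, with invented addresses). It also shows why the PGP distractor fails: a holder of the leaked private key produces signatures the recipient cannot tell from the sender's own.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"log"
)

// signMessage is the sender side of a signed message: hash the content and
// sign the digest with the sender's PRIVATE key (PKCS#1 v1.5, SHA-256).
func signMessage(senderPriv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPKCS1v15(rand.Reader, senderPriv, crypto.SHA256, digest[:])
}

// verifyMessage is the recipient side: recompute the hash of what arrived and
// check the signature with the sender's PUBLIC key. Any change to the content
// or the signature, or a signature made with a different key, fails the check.
func verifyMessage(senderPub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(senderPub, crypto.SHA256, digest[:], sig) == nil
}

// Outcome records what the recipient's verification says in each case.
type Outcome struct {
	Genuine          bool // original message, sender's public key: true
	Tampered         bool // body altered in transit: false
	WrongSender      bool // checked against another party's public key: false
	LeakedKeyForgery bool // third party holding the sender's private key: true, which is the problem
}

// runExchange signs a constructed sample e-mail and verifies it under the four
// conditions above. sender and other are two independent key pairs.
func runExchange(sender, other *rsa.PrivateKey) (Outcome, error) {
	// Constructed sample message; the addresses are invented.
	msg := []byte("From: alice@example.com\r\nTo: bob@example.com\r\n\r\nPlease pay invoice 4711: 1,000 EUR.\r\n")
	sig, err := signMessage(sender, msg)
	if err != nil {
		return Outcome{}, err
	}
	// An attacker on the path changes the amount but cannot re-sign.
	tampered := bytes.Replace(msg, []byte("1,000 EUR"), []byte("10,000 EUR"), 1)

	// If the private key has been handed out (the PGP distractor), anyone
	// holding it produces signatures Bob cannot distinguish from Alice's:
	// integrity still "verifies", but non-repudiation is gone.
	forged := []byte("From: alice@example.com\r\nTo: bob@example.com\r\n\r\nPay 50,000 EUR to account 9999.\r\n")
	forgedSig, err := signMessage(sender, forged)
	if err != nil {
		return Outcome{}, err
	}

	return Outcome{
		Genuine:          verifyMessage(&sender.PublicKey, msg, sig),
		Tampered:         verifyMessage(&sender.PublicKey, tampered, sig),
		WrongSender:      verifyMessage(&other.PublicKey, msg, sig),
		LeakedKeyForgery: verifyMessage(&sender.PublicKey, forged, forgedSig),
	}, nil
}

func main() {
	sender, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		log.Fatal(err)
	}
	other, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		log.Fatal(err)
	}
	out, err := runExchange(sender, other)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%+v\n", out)
}
```

Expected result: Genuine and LeakedKeyForgery are true, Tampered and WrongSender are false. The last field is the point of the distractor: the signature mechanism still works, but once the private key is shared the signature no longer proves who sent the message.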
3. Right Answer: C
Explanation: As stated in SP 800-34 Rev. 1: "To be effective, the plan must be maintained in a ready state that accurately reflects system requirements, procedures, organizational structure, and policies."
During the Operation/Maintenance phase of the SDLC, information systems undergo frequent changes because of shifting business needs, technology upgrades, or new internal or external policies. As a general rule, the plan should be reviewed for accuracy and completeness at an organization-defined frequency (at least once a year for the purpose of the exam) or whenever significant changes occur to any element of the plan. Certain elements, such as contact lists, will require more frequent reviews.
Remember, there could be two good answers as specified above: either once a year or whenever significant changes occur to the plan. You will of course get only one of the two presented within your exam.
Reference(s) used for this question: NIST SP 800-34 Revision 1
4. Right Answer: C
Explanation: Salami slicing, or a salami attack, refers to a series of many small actions, often performed by clandestine means, that as an accumulated whole produce a much larger action or result that would be difficult or unlawful to perform all at once. The term is typically used pejoratively. Although salami slicing is often used to carry out illegal activities, it is only a strategy for gaining an advantage over time by accumulating it in small increments, so it can be used in perfectly legal ways as well.
An example of salami slicing, also known as penny shaving, is the fraudulent practice of stealing money repeatedly in extremely small quantities, usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. It is done by always rounding down and putting the fractions of a cent into another account. The idea is to make each change small enough that any single transaction goes undetected.
In information security, a salami attack is a series of minor attacks that together result in a larger attack. Computers are ideally suited to automating this type of attack.
The following answers are incorrect:
- Eavesdropping is the act of secretly listening to the private conversation of others without their consent, as defined by Black's Law Dictionary. This is commonly thought to be unethical, and there is an old adage that "eavesdroppers seldom hear anything good of themselves... eavesdroppers always try to listen to matters that concern them."
- Traffic analysis is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the greater the number of messages observed, or even intercepted and stored, the more can be inferred from the traffic. Traffic analysis can be performed in the context of military intelligence, counter-intelligence, or pattern-of-life analysis, and is a concern in computer security.
- Masquerading: a masquerade attack is an attack that uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification. If an authorization process is not fully protected, it can become extremely vulnerable to a masquerade attack. Masquerade attacks can be perpetrated using stolen passwords and logons, by locating gaps in programs, or by finding a way around the authentication process. The attack can be triggered either by someone within the organization or by an outsider if the organization is connected to a public network. The amount of access masquerade attackers get depends on the level of authorization they have managed to attain; attackers who have gained the highest access authority in an organization have a full range of cybercrime opportunities. Personal attacks, although less common, can also be harmful.
Reference(s) used to create this question:
http://searchfinancialsecurity.techtarget.com/definition/eavesdropping
http://en.wikipedia.org/wiki/Salami_slicing
http://en.wikipedia.org/wiki/Eavesdropping
http://en.wikipedia.org/wiki/Traffic_analysis
http://www.techopedia.com/definition/4020/masquerade-attack
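The penny-shaving variant described above, together with the two reconciliation controls an auditor would use to catch it, as an added example (not from the CISA manual or any real ledger system). It posts a constructed batch of 1000 interest amounts once with honest nearest-cent rounding and once with always-round-down skimming into an invented "SKIM-ACCT" account, tracking money in milli-cents so the shaved remainders are exact integers. The detective controls are the batch-level rounding drift (honest rounding errors cancel out; always-down drifts about half a cent per transaction) and postings to accounts that had no transaction in the batch.

```go
package main

import (
	"fmt"
	"sort"
)

// Money is tracked in milli-cents (1/1000 of a cent) so the sub-cent
// remainder the attacker skims is an exact integer, not a float.
const mcPerCent = 1000

// Transaction is one computed posting (e.g. daily interest) before rounding.
type Transaction struct {
	Account string
	Exact   int64 // exact computed amount in milli-cents
}

// Ledger maps account -> net amount posted in milli-cents.
type Ledger map[string]int64

// roundNearest is the legitimate rule: round to the nearest whole cent.
func roundNearest(mc int64) int64 {
	q, r := mc/mcPerCent, mc%mcPerCent
	if r >= mcPerCent/2 {
		q++
	}
	return q * mcPerCent
}

// roundDown is the salami variant: always truncate, never round up.
func roundDown(mc int64) int64 {
	return (mc / mcPerCent) * mcPerCent
}

// postBatch posts every transaction with the given rounding rule. If skimTo
// is non-empty, the shaved remainder is credited to that account.
func postBatch(txs []Transaction, round func(int64) int64, skimTo string) Ledger {
	l := Ledger{}
	for _, t := range txs {
		posted := round(t.Exact)
		l[t.Account] += posted
		if skimTo != "" {
			l[skimTo] += t.Exact - posted
		}
	}
	return l
}

// roundingBias is detective control 1: total exact amount minus total posted
// to the accounts in the batch. Honest rounding errors cancel out (mean ~0).
func roundingBias(txs []Transaction, l Ledger) int64 {
	seen := map[string]bool{}
	var exact, posted int64
	for _, t := range txs {
		exact += t.Exact
		if !seen[t.Account] {
			seen[t.Account] = true
			posted += l[t.Account]
		}
	}
	return exact - posted
}

// biasExceeds flags a batch whose average drift per transaction is above
// maxAvg milli-cents (0.1 cent is generous for honest rounding).
func biasExceeds(txs []Transaction, l Ledger, maxAvg int64) bool {
	b := roundingBias(txs, l)
	if b < 0 {
		b = -b
	}
	return b > int64(len(txs))*maxAvg
}

// orphanPostings is detective control 2: accounts credited in the ledger that
// had no transaction in the batch. The skim account shows up here.
func orphanPostings(txs []Transaction, l Ledger) []string {
	in := map[string]bool{}
	for _, t := range txs {
		in[t.Account] = true
	}
	var orphans []string
	for acct := range l {
		if !in[acct] {
			orphans = append(orphans, acct)
		}
	}
	sort.Strings(orphans)
	return orphans
}

// sampleBatch is constructed data: 1000 accounts whose exact amounts have
// sub-cent remainders cycling evenly through 0..999 milli-cents.
func sampleBatch() []Transaction {
	txs := make([]Transaction, 1000)
	for i := range txs {
		txs[i] = Transaction{
			Account: fmt.Sprintf("ACC-%04d", i),
			Exact:   int64(2500+i)*mcPerCent + int64(i%mcPerCent),
		}
	}
	return txs
}

func main() {
	txs := sampleBatch()
	honest := postBatch(txs, roundNearest, "")
	salami := postBatch(txs, roundDown, "SKIM-ACCT")
	for _, c := range []struct {
		name string
		l    Ledger
	}{{"honest", honest}, {"salami", salami}} {
		fmt.Printf("%s: bias=%d milli-cents flagged=%v orphans=%v\n",
			c.name, roundingBias(txs, c.l), biasExceeds(txs, c.l, 100), orphanPostings(txs, c.l))
	}
	fmt.Printf("attacker collected %.1f cents from 1000 postings\n",
		float64(salami["SKIM-ACCT"])/mcPerCent)
}
```

No single customer sees more than a fraction of a cent missing, which is why per-transaction review finds nothing; the batch-level drift (about 499.5 cents here against -0.5 cents for honest rounding) and the unexplained credited account are what reveal the scheme.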
5. Right Answer: A
Explanation: In computing, a denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. As clarification, a DDoS attack is launched from many sources at once (typically compromised machines acting as bots; see botnet), whereas a DoS attack originates from a single person or system.
Keystroke logging, often referred to as key logging or keyboard capturing, is the action of recording (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. It also has legitimate uses in studies of human-computer interaction. There are numerous key logging methods, ranging from hardware- and software-based approaches to acoustic analysis.
There are four types of computer crime:
1. Computer is the target of a crime: the perpetrator uses another computer to launch an attack. In this attack the target is a specific, identified computer. Examples: denial of service (DoS), hacking.
2. Computer is the subject of a crime: the perpetrator uses a computer to commit the crime and the target is another computer. In this attack the target may or may not be defined; the perpetrator launches the attack with no specific target in mind. Examples: distributed DoS, malware.
3. Computer is the tool of a crime: the perpetrator uses a computer to commit the crime, but the target is not a computer; the target is the data or information stored on a computer. Examples: fraud, unauthorized access, phishing, installing a key logger.
4. Computer symbolizes the crime: the perpetrator lures the user of a computer into giving up confidential information. The target is the user of the computer. Examples: social engineering methods such as phishing, fake websites, scam mails.
The following answers are incorrect: eavesdropping, traffic analysis and masquerading, which are defined under question 4 above.
Reference(s) used to create this question:
CISA Review Manual 2014, page 321
http://en.wikipedia.org/wiki/Denial-of-service_attack
http://en.wikipedia.org/wiki/Eavesdropping
http://en.wikipedia.org/wiki/Traffic_analysis
http://www.techopedia.com/definition/4020/masquerade-attack