BCS CISMP-V9 BCS Foundation Certificate in Information Security Management Principles V9.0 Exam Practice Test

Answer : A

When selecting a third-party digital forensics service provider, it is crucial to ensure that the company has the appropriate accreditations and the staff hold relevant certifications. This ensures that the service provider adheres to recognized standards and best practices in digital forensics, which is essential for the integrity and admissibility of evidence. Company accreditation provides assurance that the organization follows industry-recognized quality standards, while staff certification demonstrates that the individuals handling the forensic process are qualified and competent. This combination is vital for maintaining the credibility of the forensic investigation and the security of the data handled.

Answer : D

Regular rotation of staff monitoring critical CCTV systems is recommended primarily to address the limitations of the human attention span. Research suggests that the average human attention span during intense monitoring tasks is approximately 20 minutes. After this period, vigilance and alertness can significantly decrease, leading to a potential lapse in monitoring effectiveness. Rotating staff helps to ensure that individuals are always at their most attentive when observing the CCTV feeds, which is crucial for maintaining security and safety standards. This practice also helps to mitigate risks associated with fatigue and the potential for missing critical events or details.

Answer : A

Loading bays are areas of a facility where goods are loaded and unloaded, which can be busy and potentially hazardous. They are considered vulnerable points for security breaches due to the high volume of goods movement and external access. Using them as staff entrances increases the risk of unauthorized access and potential security incidents. By restricting access to loading bays and directing staff to use dedicated entrances, an organization can better control entry points, monitor traffic, and maintain security protocols.This principle is part of the Physical and Environmental Security Controls domain, which emphasizes the importance of securing physical access to protect information assets1.

Answer : B

Syslog is a standard for message logging and allows devices to send event notification messages across IP networks to event message collectors - also known as Syslog servers or SIEM (Security Information and Event Management) systems. Native support for syslog is commonly found in various network devices and Unix/Linux-based systems.

Enterprise Wireless Access Points,Linux Web Server Appliances, andEnterprise Stateful Firewallstypically have built-in capabilities to generate and send syslog messages to a SIEM system for monitoring and analysis.

Windows Desktop Systems, on the other hand, do not natively support syslog because Windows uses its own event logging system known as Windows Event Log.While it is possible to configure Windows systems to send logs to a SIEM appliance, this usually requires additional software or agents to translate Windows Event Log messages into syslog format before they can be sent1.

Answer : C

When an organization opts for public cloud services, it relinquishes direct control over many aspects of security and privacy. While the cloud service provider maintains the physical servers, the organization loses the ability to physically access these servers. This is a significant shift from traditional on-premises data centers where the organization would have complete control over and access to the physical infrastructure. In the context of the public cloud, the organization must rely on the cloud provider's security measures and protocols to protect its data.However, it's important to note that while physical access is lost, cloud providers typically offer robust security features and compliance certifications that can compensate for this loss12.

Answer : D

The ports discovered during the port scan are indicative of the services that are likely running on the device. Here's a breakdown of what each port typically signifies:

TCP port 22: This is commonly used for Secure Shell (SSH) which is used for secure logins, file transfers (scp, sftp) and port forwarding.

TCP port 80: This port is used for Hypertext Transfer Protocol (HTTP), which is the foundation of data communication for the World Wide Web; essentially, it's the standard port for web traffic.

TCP port 443: This is used for HTTP Secure (HTTPS). It's the protocol for secure communication over a computer network within a web browser, providing a secure version of HTTP.

TCP port 3306: This is the default port for the MySQL database, which is often used in conjunction with web applications.

TCP port 8080: This is an alternative to port 80 and is used for web traffic, particularly for proxy and caching.

Given this information, the most likely type of device is aWeb server, as it uses these ports for web traffic, secure communication, and potentially for a database that supports web applications.

Answer : B

The AAA service, which stands for Authentication, Authorization, and Accounting, is essential for managing user access to network resources. When it comes to providing AAA services for both wireless and remote access network services in a non-proprietary manner, RADIUS (Remote Authentication Dial-In User Service) is the most suitable technology.

RADIUS is an open standard protocol widely used for network access authentication and accounting. It is supported by a variety of network vendors and devices, making it a non-proprietary solution that can be easily integrated into different network environments.RADIUS provides a centralized way to authenticate users, authorize their access levels, and keep track of their activity on the network1.

TACACS+is a Cisco proprietary protocol and therefore does not meet the requirement of avoiding proprietary solutions.

OAuthis a framework for authorization and is not typically used for network access control in the same way that RADIUS is.

MS Access Databaseis not a network authentication protocol and would not provide the necessary AAA services for network security.