Expert systems use all of the following techniques for artificial intelligence
EXCEPT

a. automatic logical processing.
b. inference engine processing.
c. general methods of searching for problem solutions.
d. cyclic-based reasoning statements.

Answer: d.

(Reference: Summers, Rita, Secure Computing, McGraw Hill, 1997, pg 638)

I suppose I only like this because I know the answer. For this one you have to
know AI programming, and the types of languages used in different types of AI
programming. Expert systems are generally programmed using functional
programming languages, and functional programming languages are known for
creating straight drop-through systems, with no loops.

The point being, lots of technology does have security implications. I frequently
tell students that *anything* you learn can be used in security. So there is a good
possibility that, somewhere in the exam you face, there is going to be a question
on a topic that you know *nothing* about.

Two points to remember. The first is, answer every question. Even if you have
to guess, you have a 25% chance of getting the point for that question.

Second point: don't panic. Remember, you only have to get 70% to pass.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
Education is the best defense against the media.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

What is the name of a malicious computer program that replicates itself by attaching to other programs?

 

a. Virus.
b. Worm.
c. Trap door.
d. Trojan horse.

 

Answer: a.

 

OK, hopefully the answer is obvious, but it points out the importance of not getting too buried in the details.  First of all, we can discard trap door and trojan horse because neither of them has anything to do with replication.  That leaves us with two replicating options, virus and worm.  Now, some of you may know that not all viruses replicate by attaching to other programs.  (And, in fact, these days relatively few do.)  But worms definitely do not attach to other programs.  So, of the options given, virus is still the correct answer.

Isn't "replicates itself" the definition of a worm?

 

---

@rslade wrote:

What is the name of a malicious computer program that replicates itself by attaching to other programs?

 

a. Virus.
b. Worm.
c. Trap door.
d. Trojan horse.

 

Answer: a.

 

OK, hopefully the answer is obvious, but it points out the importance of not getting too buried in the details.  First of all, we can discard trap door and trojan horse because neither of them has anything to do with replication.  That leaves us with two replicating options, virus and worm.  Now, some of you may know that not all viruses replicate by attaching to other programs.  (And, in fact, these days relatively few do.)  But worms definitely do not attach to other programs.  So, of the options given, virus is still the correct answer.

---

 

Illegally accessing data, without recourse to malware, and then threatening to release it unless someone pays a ransom is called:

 

a) ransomware

b) extortion

c) breachstortion

d) I DON'T KNOW WHAT IT'S CALLED, BUT IT'S NOT RANSOMWARE!!!!

 

Answer: b or c, depending upon how "l33t" you want to sound.

 

Discussion:

 

IT'S NOT RANSOMWARE!  RANSOMWARE INVOLVES SOFTWARE!  RANSOMWARE INVOLVES MALWARE!  JUST DOING A BREACH AND STEALING FILES IS NOT RANSOMWARE!!!!

 

(I'm sorry.  I've go lie down, now ...)

“I’ll have a ‘B’ Rob...”

A system file that has been patched numerous times becomes infected with a virus.
The anti-virus software warns that disinfecting the file may damage it. What
course of action should be taken?

a. Replace the file with the original version from master media
b. Proceed with automated disinfection
c. Research the virus to see if it is benign
d. Restore an uninfected version of the patched file from backup media

Answer: d.

OK, replace with original? We've been told it's been patched numerous times.
Repatching will be tedious. Automated disinfection? Doesn't always work.
Research benign? Even if benign, you can always get into trouble. So the correct
answer is restore uninfected from backup. (How do you *know* it's uninfected?
That's not part of the question.)

======================
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
"Cybersecurity Lessons from CoVID-19" CRC Press 0367682699
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

I would like to hope that everyone considers, virus, malware, ransomware questions this way.  1st course of action, restore from backup.  We breach backups almost in every chapter of the CBK

What is the final step in the change control management process?

 

a. Inform the users of the change.
b. Test the functionality of the change.
c. Update the procedure manual.
d. Report the change to management.

 

Answer: d.

 

Reference: HISM, edited by Ruthberg & Tipton; Auerbach; 1993; pg 399-400.

 

Discussion:

 

Answer a - wrong - users often initiate the request for change.  OK, yes, you should tell them you've done it, but generally that's part of the process, and you tell management last.
Answer b - wrong - changes must be tested prior to implementation.
Answer c - wrong - the procedure manual is updated to show the change.
Answer d - correct - management is notified that the change has been implemented.  And they may want to accredit it.  (Probably should.)

One of the security issues associated with the use of Internet based fax services is:

 

a. Fax is stored in plaintext at the service.
b. Group 2 fax does not support encryption.
c. The services verify fax content.
d. Fax transmissions are usually blocked by a firewall.

 

Answer: a