Page 1565 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
machine is that you will lose the contents of memory. Carefully
consider the pros and cons of removing power. After all is
considered, it may be the best choice.
10. B, D. Hacktivists (the word is a combination of hacker and activist)
often combine political motivations with the thrill of hacking. They
organize themselves loosely into groups with names like
Anonymous and LulzSec and use tools like the Low Orbit Ion
Cannon to create large-scale denial-of-service attacks with little
knowledge required.
11. C. Criminal investigations may result in the imprisonment of
individuals and, therefore, have the highest standard of evidence to
protect the rights of the accused.
12. B. Root-cause analysis seeks to identify the reason that an
operational issue occurred. The root-cause analysis often highlights
issues that require remediation to prevent similar incidents in the
future.
13. A. Preservation ensures that potentially discoverable information is
protected against alteration or deletion.
14. B. Server logs are an example of documentary evidence. Gary may
ask that they be introduced in court and will then be asked to offer
testimonial evidence about how he collected and preserved the
evidence. This testimonial evidence authenticates the documentary
evidence.
15. B. In this case, you need a search warrant to confiscate equipment
without giving the suspect time to destroy evidence. If the suspect
worked for your organization and you had all employees sign
consent agreements, you could simply confiscate the equipment.
16. A. Log files contain a large volume of generally useless information.
However, when you are trying to track down a problem or an
incident, they can be invaluable. Even if an incident is discovered
as it is happening, it may have been preceded by other incidents.
Log files provide valuable clues and should be protected and
archived.
17. D. Review examines the information resulting from the processing

