Free CISMP-V9 Exam Braindumps (page: 7)

Page 7 of 26

Why might the reporting of security incidents that involve personal data differ from other types of security incident?

  A. Personal data is not highly transient so its investigation rarely involves the preservation of volatile memory and full forensic digital investigation.
  B. Personal data is normally handled on both IT and non-IT systems so such incidents need to be managed in two streams.
  C. Data Protection legislation normally requires the reporting of incidents involving personal data to a Supervisory Authority.
  D. Data Protection legislation is process-oriented and focuses on quality assurance of procedures and governance rather than data-focused event investigation.

Answer(s): D



When handling and investigating digital evidence to be used in a criminal cybercrime investigation, which of the following principles is considered BEST practice?

  A. Digital evidence must not be altered unless absolutely necessary.
  B. Acquiring digital evidence can only be carried on digital devices which have been turned off.
  C. Digital evidence can only be handled by a member of law enforcement.
  D. Digital devices must be forensically "clean" before investigation.

Answer(s): D



Which of the following compliance legal requirements are covered by the ISO/IEC 27000 series?

1. Intellectual Property Rights.
2. Protection of Organisational Records.
3. Forensic recovery of data.
4. Data Deduplication.
5. Data Protection & Privacy.

  A. 1, 2 and 3
  B. 3, 4 and 5
  C. 2, 3 and 4
  D. 1, 2 and 5

Answer(s): D



Why have MOST European countries developed specific legislation that permits police and security services to monitor communications traffic for specific purposes, such as the detection of crime?

  A. Under the European Convention of Human Rights, the interception of telecommunications represents an interference with the right to privacy.
  B. GDPR overrides all previous legislation on information handling, so new laws were needed to ensure authorities did not inadvertently break the law.
  C. Police could previously intercept without lawful authority any communications in the course of transmission through a public post or telecoms system.
  D. Surveillance of a conversation or an online message by law enforcement agents was previously illegal due to the 1950 version of the Human Rights Convention.

Answer(s): C






Post your Comments and Discuss BCS CISMP-V9 exam with other Community members:

bob commented on September 09, 2024
Clarification on the level of standards and policy
UNITED STATES

Lovedeep commented on March 30, 2024
To other guys out there who are going to take this exam: I want to share with you that this exam is extremely hard. Unless you study a lot and use these exam question dumps, you are not going to pass. I passed my exam after 2 attempts, but these questions are word for word and were a life saver.
UNITED KINGDOM

Noobtastic commented on March 29, 2024
In a security governance framework, which of the following publications would be at the HIGHEST level? The answer should be policy.
UNITED KINGDOM

dave commented on March 29, 2024
Question 8: from the official BCS textbook, "A policy is a high-level statement of an organisation’s values, goals and objectives in a specific area".
Anonymous

dave commented on March 29, 2024
Question 2 answer is wrong. Availability is not one of AAA.
Anonymous

sarra commented on January 17, 2024
The AAA triad in information security is authentication, accounting and authorisation, so the answer should be D: 1, 3 and 5.
UNITED KINGDOM

Nikki commented on November 07, 2023
The AAA Triad in Information Security is Authentication, Accounting and Authorisation, so the answer should be D: 1, 3 and 5.
UNITED KINGDOM