Information Security

Sample CPP Exam

Questions
 1. Any formula, pattern, device or
compilation of information which is
used in one’s business and which
gives him an opportunity to gain an
advantage over competitors who do
not know or use it is:

 a. A monopoly
 b. An unfair trade practice
 c. A trade secret
 d. A patent
 1. Any formula, pattern, device or
compilation of information which is
used in one’s business and which
gives him an opportunity to gain an
advantage over competitors who do
not know or use it is:

 a. A monopoly
 b. An unfair trade practice
 c. A trade secret
 d. A patent
2. Probably the main reason for loss of
sensitive information is:

 a. Inadvertent disclosure
 b. Deliberately stolen by outsider
 c. Industrial espionage
 d. Deliberately stolen by insider
2. Probably the main reason for loss of
sensitive information is:
 a. Inadvertent disclosure
 b. Deliberately stolen by outsider
 c. Industrial espionage
 d. Deliberately stolen by insider
3. The primary tool of pre-employment
screening is the:
 a. Interview
 b. Application form
 c. The investigation
 d. The investigator
3. The primary tool of pre-employment
screening is the:
 a. Interview
 b. Application form
 c. The investigation
 d. The investigator
4. Competitive intelligence gathering is a
legitimate activity which is engaged in by
many firms throughout the world. The most
important function of competitive
intelligence is to:
 a. Alert senior management to marketplace
changes in order to prevent surprise
 b. Alert senior management as to the personal
habits of competitive senior
management
 c. Alert government intelligence agencies to
marketplace changes
 d. Alert senior management to changes in
protocol in foreign countries
4. Competitive intelligence gathering is a
legitimate activity which is engaged in by
many firms throughout the world. The most
important function of competitive
intelligence is to:
 a. Alert senior management to marketplace
changes in order to prevent surprise
 b. Alert senior management as to the personal
habits of competitive senior
management
 c. Alert government intelligence agencies to
marketplace changes
 d. Alert senior management to changes in
protocol in foreign countries
 5. The instrument used to monitor
telephone call by providing a record of
all numbers dialed from a particular
phone is called:

 a. A wiretap
 b. A bug
 c. An electronic surveillance
 d. A pen register
 5. The instrument used to monitor
telephone call by providing a record of
all numbers dialed from a particular
phone is called:

 a. A wiretap
 b. A bug
 c. An electronic surveillance
 d. A pen register
 6. A clandestine listening device,
generally a small hidden microphone
and radio transmitter is known as :

 a. A bug
 b. A wiretap
 c. A tempest
 d. A beeper
 6. A clandestine listening device,
generally a small hidden microphone
and radio transmitter is known as :

 a. A bug
 b. A wiretap
 c. A tempest
 d. A beeper
 7. A microphone with a large disk-
like attachment used for listening to
audio from great distances is known
as:

 a. Contact microphone
 b. Spike microphone
 c. Parabolic microphone
 d. Moving coil microphone
 7. A microphone with a large disk-
like attachment used for listening to
audio from great distances is known
as:

 a. Contact microphone
 b. Spike microphone
 c. Parabolic microphone
 d. Moving coil microphone
 8. Sound waves too high in
frequency to be heard by the human
ear, generally above 20 KHZ are known
as:
 a. Microwaves
 b. Ultrasonic
 c. High frequency
 d. Short-wave
 8. Sound waves too high in
frequency to be heard by the human
ear, generally above 20 KHZ are known
as:
 a. Microwaves
 b. Ultrasonic
 c. High frequency
 d. Short-wave
 9. Two methods of protection
against telephone line eavesdropping
are apparently reliable. The first
method is “don’t discuss sensitive
information” and the other is:

 a. To use a wire tap detector

 b. To use a radio jammer
 c. To use an audio jammer
 d. To use encryption equipment
 9. Two methods of protection
against telephone line eavesdropping
are apparently reliable. The first
method is “don’t discuss sensitive
information” and the other is:

 a. To use a wire tap detector

 b. To use a radio jammer
 c. To use an audio jammer
 d. To use encryption equipment
 10. The unauthorized acquisition of
sensitive information is known as:

 a. Industrial espionage
 b. Embezzlement
 c. Larceny
 d. False pretenses
 10. The unauthorized acquisition of
sensitive information is known as:

 a. Industrial espionage
 b. Embezzlement
 c. Larceny
 d. False pretenses
 11. Proprietary information is:
 a. Information which must be so classified
under government order
 b. Private information of highly sensitive
character
 c. Defense data which must be classified
according to federal regulations
 d. Anything that an enterprise considers
relevant to its status or operations
and does not want to disclose publicly
 11. Proprietary information is:
 a. Information which must be so classified
under government order
 b. Private information of highly sensitive
character
 c. Defense data which must be classified
according to federal regulations
 d. Anything that an enterprise
considers relevant to its status or
operations and does not want to disclose
publicly
 12. A trade secret is:

 a. Any formula, pattern, device or compilation of

information which is used in one’s business and
which gives that business an opportunity to gain an
advantage over competitors who do not know or use it
 b. All information about a company which the
company desires to protect
 c. Information of a company which is registered as
such with the Patent Office
 d. Information so designated by the government
 12. A trade secret is:

 a. Any formula, pattern, device or compilation of

information which is used in one’s business
and which gives that business an opportunity to
gain an advantage over competitors who do
not know or use it
 b. All information about a company which the
company desires to protect
 c. Information of a company which is registered as
such with the Patent Office
 d. Information so designated by the government
 13. The control software of a Private Board
Exchange (PBX) can be accessed and
compromised by calling the telephone
number of a device on the PBX from a
computer and modem. The name of this PBX
device is the:

 a. Time Domain Reflectometer

 b. Remote Maintenance Access
Terminal
 c. Current Carrier Signaling Port
 d. Internal and Remote Signal Port
 13. The control software of a Private Board
Exchange (PBX) can be accessed and
compromised by calling the telephone
number of a device on the PBX from a
computer and modem. The name of this PBX
device is the:

 a. Time Domain Reflectometer

 b. Remote Maintenance Access
Terminal
 c. Current Carrier Signaling Port
 d. Internal and Remote Signal Port
 14. Which of the following is
generally not true in regard to
proprietary information?

 a. Secret information does not have to be

specifically identifiable
 b. Secret information must be such that it
can be effectively protected
 c. The more narrowly a business defines what it
regards as secret, the easier it is to protect
that body of information
 d. It is difficult to protect as a trade secret that
which can be found in publicly
accessible sources
 14. Which of the following is
generally not true in regard to
proprietary information?

 a. Secret information does not have to be

specifically identifiable
 b. Secret information must be such that it
can be effectively protected
 c. The more narrowly a business defines what it
regards as secret, the easier it is to protect
that body of information
 d. It is difficult to protect as a trade secret that
which can be found in publicly
accessible sources
 15. With respect to trade secrets, it may be
decided that its disclosure by another was innocent
rather than wrongful even in the case where the
person making the disclosure really was guilty of
malice or wrong intent. This situation may occur
when:
 a. There is absence of evidence that an owner
has taken reasonable precautions to protect
confidential information
 b. The trade secret was not registered
 c. The trade secret did not involve national
defense information
 d. The trade secret was not in current use
 15. With respect to trade secrets, it may be
decided that its disclosure by another was innocent
rather than wrongful even in the case where the
person making the disclosure really was guilty of
malice or wrong intent. This situation may occur
when:

 a. There is absence of evidence that an owner

has taken reasonable precautions to protect
confidential information
 b. The trade secret was not registered
 c. The trade secret did not involve national
defense information
 d. The trade secret was not in current use
16. The class of person under a duty to
safeguard a proprietary secret is known
as:

 a. Agents
 b. Principals
 c. Fiduciaries
 d. Business Associates
16. The class of person under a duty to
safeguard a proprietary secret is known
as:

 a. Agents
 b. Principals
 c. Fiduciaries
 d. Business Associates
 17. Which of the following is not a correct
statement, or a general rule, involving the
protection of proprietary information?

 a. By operation of common law employees are presumed to

be fiduciaries to the extent they may not disclose secrets of
their employers without authorization
 b. As a class, employees are the largest group of persons
bound to secrecy because of their status or relationship
 c. Other than employees, any other persons to be bound to
secrecy must agree to be so bound
 d. Any agreements to be bound must always be in writing and
are not implied from acts
 17. Which of the following is not a correct
statement, or a general rule, involving the
protection of proprietary information?

 a. By operation of common law employees are presumed to

be fiduciaries to the extent they may not disclose secrets of
their employers without authorization
 b. As a class, employees are the largest group of persons
bound to secrecy because of their status or relationship
 c. Other than employees, any other persons to be bound to
secrecy must agree to be so bound
 d. Any agreements to be bound must always be in writing
and are not implied from acts
 18. Probably the chief reason for the
loss of information about sensitive
operations is:
 a. Deliberately stolen by an outsider
 b. Loss by fire or other disaster
 c. Deliberately stolen by insider
 d. Lost through inadvertent disclosure
 18. Probably the chief reason for the
loss of information about sensitive
operations is:
 a. Deliberately stolen by an outsider
 b. Loss by fire or other disaster
 c. Deliberately stolen by insider
 d. Lost through inadvertent
disclosure
19. The term “eavesdropping” refers to:

 a. Wiretapping only
 b. “Bugging” only
 c. Both wiretapping and “bugging”
 d. Mail covers
19. The term “eavesdropping” refers to:

 a. Wiretapping only
 b. “Bugging” only
 c. Both wiretapping and “bugging”
 d. Mail covers
 20. A microphone which has the
characteristics of requiring no power source
to operate it, is quite small, relatively
difficult to detect, and is offered by
equipment suppliers in such items as cuff
links and hearing aides is known as:

 a. Carbon microphone
 b. Dynamic microphone
 c. Contact microphone
 d. Parabolic microphone
 20. A microphone which has the
characteristics of requiring no power source
to operate it, is quite small, relatively
difficult to detect, and is offered by
equipment suppliers in such items as cuff
links and hearing aides is known as:

 a. Carbon microphone
 b. Dynamic microphone
 c. Contact microphone
 d. Parabolic microphone
 21. A microphone which is normally
installed on a common wall adjoining a
target area when it is impractical or
impossible to enter the area to make a
microphone installation is:
 a. Carbon microphone
 b. Dynamic microphone
 c. Contact microphone
 d. Parabolic microphone
 21. A microphone which is normally
installed on a common wall adjoining a
target area when it is impractical or
impossible to enter the area to make a
microphone installation is:
 a. Carbon microphone
 b. Dynamic microphone
 c. Contact microphone
 d. Parabolic microphone
22. Which of the following is not true
with regard to electronic
eavesdropping:
 a. A listening device installed in a wire will cause a
crackling sound, click or other noise than can be heard on
the line
 b. An effective countermeasures survey to detect evidence
of electronic eavesdropping in telephone equipment
must be conducted by a person technically familiar with
such equipment
 c. All wiring should be traced out and accounted for in a
countermeasures survey
 d. In a countermeasures survey to detect electronic
eavesdropping. A physical search should be utilized
as well as an electronic search
22. Which of the following is not true
with regard to electronic
eavesdropping:
 a. A listening device installed in a wire will cause a
crackling sound, click or other noise than can be
heard on the line
 b. An effective countermeasures survey to detect evidence
of electronic eavesdropping in telephone equipment
must be conducted by a person technically familiar with
such equipment
 c. All wiring should be traced out and accounted for in a
countermeasures survey
 d. In a countermeasures survey to detect electronic
eavesdropping. A physical search should be utilized
as well as an electronic search
 23. In designing a proprietary
information protection program, the
area of greatest vulnerability is:

 a. Personnel files
 b. Marketing data
 c. Employees
 d. Computers
 23. In designing a proprietary
information protection program, the
area of greatest vulnerability is:

 a. Personnel files
 b. Marketing data
 c. Employees
 d. Computers
24. Two of the three most common
methods of information losses are
inadvertent disclosure and industrial
espionage. Which of the following is the
third:

 a. Newspaper articles
 b. Television
 c. Magazine articles
 d. Theft by an insider
 24. Two of the three most common
methods of information losses are
inadvertent disclosure and industrial
espionage. Which of the following is the
third:

 a. Newspaper articles
 b. Television
 c. Magazine articles
 d. Theft by an insider
25. Which of the following statements
is incorrect with regard to an
information security program?

 a. A good information security program will provide

absolute protection against an enemy spy
 b. The information security program is an attempt to
make theft of sensitive information difficult, not
necessarily eliminate it
 c. A trust relationship must be established and
maintained with employees
 d. The good will and compliance of employees is crucial
for success
25. Which of the following statements
is incorrect with regard to an
information security program?

 a. A good information security program will provide

absolute protection against an enemy spy
 b. The information security program is an attempt to
make theft of sensitive information difficult, not
necessarily eliminate it
 c. A trust relationship must be established and
maintained with employees
 d. The good will and compliance of employees is crucial
for success
 26. Vital records normally constitute
the following percentage of the
company’s total records:
 a. 2%
 b. 5%
 c. 10%
 d. 15%
 26. Vital records normally constitute
the following percentage of the
company’s total records:
 a. 2%
 b. 5%
 c. 10%
 d. 15%
 27. A specially constructed
microphone attached directly to an
object or surface to be protected and
which responds only when the
protected object or surface is
disturbed is known as:
 a. Parabolic microphone
 b. Special audio microphone
 c. Contact microphone
 d. Surreptitious microphone
 27. A specially constructed
microphone attached directly to an
object or surface to be protected and
which responds only when the
protected object or surface is
disturbed is known as:
 a. Parabolic microphone
 b. Special audio microphone
 c. Contact microphone
 d. Surreptitious microphone
 28. “Social engineering” is:

 a. The conversation involved in the beginning of a

romantic relationship
 b. A function of the personnel department in which
like persons are teamed together in
workshops or seminars for maximum
productivity
 c. The subtle elicitation of information without
revealing the true purpose of the call
 d. The specific design of a business structure to
facilitate the interaction of the inhabitants
 28. “Social engineering” is:

 a. The conversation involved in the beginning of a

romantic relationship
 b. A function of the personnel department in which
like persons are teamed together in
workshops or seminars for maximum
productivity
 c. The subtle elicitation of information without
revealing the true purpose of the call
 d. The specific design of a business structure to
facilitate the interaction of the inhabitants
29. A former employee, who had access to your
trade secret information, is now employed by a
competitor and is apparently using the trade secret
information to gain market share. There are several
serious factors you should consider before you institute
litigation in the matter. Which of the following is not a
serious factor to be considered?
 a. You may have to expose the very secrets you are
attempting to protect
 b. The cost of the litigation may exceed the value of the
secret information
 c. You may lose your case
 d. Other employees may leave the company and attempt
to use trade secret information in the business of a
new employer
29. A former employee, who had access to your
trade secret information, is now employed by a
competitor and is apparently using the trade secret
information to gain market share. There are several
serious factors you should consider before you institute
litigation in the matter. Which of the following is not a
serious factor to be considered?
 a. You may have to expose the very secrets you are
attempting to protect
 b. The cost of the litigation may exceed the value of the
secret information
 c. You may lose your case
 d. Other employees may leave the company and attempt
to use trade secret information in the business of a
new employer
 30. Electromagnetic radiation is
detectable electromagnetic energy is
generated by electronic information
processing devices. Which of the
following is used to protect very
sensitive equipment?
 a. A current carrier device
 b. Pneumatic cavity shielding
 c. Tempest shielding
 d. Pen register shielding
 30. Electromagnetic radiation is
detectable electromagnetic energy is
generated by electronic information
processing devices. Which of the
following is used to protect very
sensitive equipment?
 a. A current carrier device
 b. Pneumatic cavity shielding
 c. Tempest shielding
 d. Pen register shielding
Information Security
The End