1. Startup companies.
2. Healthcare companies.
3. Private companies.
4. Publicly traded companies.
Correct Answer(s): 4
Explanation:
Sarbanes-Oxley Act of 2002 (SOX): Directly related to the accounting
scandals in the late 90's. Regulatory compliance mandated standards for
financial reporting of publicly traded companies. Intentional violations can
result in criminal penalties.
Question 2:
Jane has written a book on IT security. With books, copyright is
automatically granted, and Jane owns all the rights to her materials. How
long are copyrighted materials protected after the creator's death?
1. 20 years.
2. 95 years.
3. 10 years.
4. 70 years.
Correct Answer(s): 4
Explanation:
Copyright © applies to books, art, music, software and much more. It is
automatically granted and lasts 70 years after the creator's death or 95 years after
creation by/for corporations.
Question 3:
When an attacker is using code injections, it is MOSTLY targeting which leg
of the CIA triad?
1. Integrity.
2. Availability.
3. Confidentiality.
4. Authentication.
Correct Answer(s): 1
Explanation:
Code injections: code injected into user forms; most often seen as SQL/LDAP
injection; often used to compromise the integrity of our data. Our countermeasures
should include: only allowing users to input appropriate data into the fields -
only letters in names, numbers in phone numbers, dropdowns for country and
state (if applicable); we limit how many characters people can use per field,
etc.
Question 4:
When we are authenticating our employees, which of these would NOT be
considered useful?
Correct Answer(s): 1
Explanation:
Something you know - Type 1 Authentication (passwords, pass phrase, PIN
etc.). Something you have - Type 2 Authentication (ID, Passport, Smart Card,
Token, cookie on PC etc.). Something you are - Type 3 Authentication (and
Biometrics) (Fingerprint, Iris Scan, Facial geometry etc.). Somewhere you
are - Type 4 Authentication (IP/MAC Address). Something you do - Type 5
Authentication (Signature, Pattern unlock).
Question 5:
We are implementing biometric authentication. What would be a good reason
to do that?
1. It is easy to copy.
2. It rarely changes.
3. People can easily change their biometrics.
4. It is much cheaper than knowledge factors.
Correct Answer(s): 2
Explanation:
Biometric features rarely change unless we have a serious accident. They are more
difficult to copy, people can't change them unless they get surgery, and they are
normally more expensive than possession or knowledge factors.
Question 6:
Our organization has been court ordered to comply with the "Data Protection
Directive" in the EU. What is one of the things we need to do in order to do
that?
1. Refuse to let individuals opt out of data sharing with 3rd party
companies.
2. Transmit information out of the EU to countries with lower
standards for storage.
3. Notify individuals about how their data is gathered and used.
4. Gather as much personal information as they can to better sell
products to the individuals.
Correct Answer(s): 3
Explanation:
EU Data Protection Directive: Very aggressive pro-privacy law.
Organizations must notify individuals of how their data is gathered and used.
Organizations must allow for opt-out for sharing with 3rd parties. Opt-in is
required for sharing most sensitive data. No transmission out of the EU unless
the receiving country is perceived to have adequate (equal) privacy
protections; the US does NOT meet this standard. EU-US Safe Harbor:
optional between organization and EU.
Question 7:
In our organization we have a lot of policies, procedures, standards, and
guidelines we use to make our decisions. Which of them is non-mandatory?
1. Policies.
2. Standards.
3. Guidelines.
4. Procedures.
Correct Answer(s): 3
Explanation:
Guidelines – non-mandatory. Recommendations, discretionary – suggestions
on how you would do it.
Question 8:
With the CIA triad in mind, when we choose to have too much integrity,
which other control will MOST LIKELY suffer?
1. Confidentiality.
2. Identity.
3. Availability.
4. Accountability.
Correct Answer(s): 3
Explanation:
Finding the right mix of Confidentiality, Integrity and Availability is a
balancing act. This is really the cornerstone of IT Security – finding the
RIGHT mix for your organization. Too much Integrity and the Availability
can suffer.
Question 9:
When exporting our products to certain countries we need to be compliant
with the Wassenaar Arrangement. Which of these is NOT covered by the
agreement?
1. SIEM.
2. Encryption.
3. Rockets.
4. Telecommunications.
Correct Answer(s): 1
Explanation:
Wassenaar Arrangement – Export/Import controls for Conventional Arms
and Dual-Use Goods and Technologies. The Arrangement covers 10
Categories: 1. Special Materials and Related Equipment, 2. Materials
Processing, 3. Electronics, 4. Computers, 5.1 Telecommunications, 5.2
"Information Security", 6. Sensors and "Lasers", 7. Navigation and Avionics,
8. Marine, 9. Aerospace and Propulsion.
Question 10:
You can MOST LIKELY be held liable when you display which of these?
1. Remorse.
2. Due care.
3. Due diligence.
4. Negligence.
Correct Answer(s): 4
Explanation:
Negligence (and Gross Negligence) is the opposite of Due Care. If a system
under your control is compromised and you can prove you did your Due Care,
you are most likely not liable. If a system under your control is compromised
and you did NOT perform Due Care, you are most likely liable.
Question 11:
The CIA triad is one of the foundational pieces of IT Security. We want to find
the right mix of confidentiality, integrity and availability and we want to
ensure none of the legs are compromised. Which of these is NOT one of the
CIA triad opposites?
1. Aggregation.
2. Destruction.
3. Alteration.
4. Disclosure.
Correct Answer(s): 1
Explanation:
The CIA (Confidentiality, Integrity, Availability) Triad: Confidentiality - We
keep our data and secrets secret. Integrity - We ensure the data has not been
altered. Availability - We ensure authorized people can access the data they
need, when they need to.
Question 12:
We have just added biometrics to our access control systems, and we are
seeing a lot of Type 2 authentication errors. Looking at the image, which data
point would be the Type 2 errors?
1. C
2. A
3. B
Correct Answer(s): 2
Explanation:
FAR (False accept rate) Type 2 error: Unauthorized user is granted access.
This is a very serious error.
Question 13:
We are in a court of law presenting our case from a security incident. What
constitutes corroborative evidence?
Correct Answer(s): 1
Explanation:
Corroborative Evidence: Supports facts or elements of the case; not a fact on
its own, but supports other facts.
Question 14:
We use the CIA triad as a logical model for IT Security and the protection
profile our organization wants. What does the A stand for in the CIA triad?
1. Accountability.
2. Availability.
3. Authentication.
4. Authorization.
Correct Answer(s): 2
Explanation:
The CIA (Confidentiality, Integrity, Availability) Triad: Availability - We
ensure authorized people can access the data they need, when they need to.
Question 15:
Within our organization, it is important that we have a layered defense
strategy. Which of these would be an example of a recovery access control?
1. Encryption.
2. Backups.
3. Alarms.
4. Patches.
Correct Answer(s): 2
Explanation:
Recovery: Controls that help us recover after an attack – DR Environment,
Backups, HA Environments.
Question 16:
By implementing a layered defense strategy across our organization, what do
we improve?
1. Integrity.
2. All of these.
3. Availability.
4. Confidentiality.
Correct Answer(s): 2
Explanation:
Defense in Depth – Also called Layered Defense or Onion Defense. We
implement multiple overlapping security controls to protect an asset. By
implementing Defense in Depth you improve your organization's
Confidentiality, Integrity and Availability.
Question 17:
Which type of hacker would publicize a vulnerability if we do NOT make a
patch to fix the issue?
1. Black hat.
2. Gray hat.
3. Red hat.
4. White hat.
Correct Answer(s): 2
Explanation:
Gray/Grey Hat hackers: They are somewhere between the white and black
hats; they go looking for vulnerable code, systems or products. They often
just publicize the vulnerability (which can lead to black hats using it before a
patch is developed). Gray hats sometimes also approach the company with
the vulnerability and ask them to fix it, and if nothing happens they publish.
Question 18:
Who would be allowed to act in exigent circumstances?
Correct Answer(s): 3
Explanation:
Exigent circumstances apply if there is an immediate threat to human life or
of evidence destruction. Whether it was justified will later be decided by a court.
Only applies to law enforcement and those operating under the
"color of law" – Title 18 U.S.C. Section 242 – Deprivation of Rights Under
the Color of Law.
Question 19:
Who would determine the risk appetite of our organization?
1. Senior management.
2. The users.
3. The IT leadership team.
4. Middle management.
Correct Answer(s): 1
Explanation:
Governance – This is the C-level executives; they determine our risk appetite –
aggressive, neutral, adverse. Stakeholder needs, conditions and options are
evaluated to define: balanced agreed-upon enterprise objectives to be
achieved; setting direction through prioritization and decision making;
monitoring performance and compliance against agreed-upon direction and
objectives.
Question 20:
Which of these would be a security concern we need to address in an
acquisition?
Correct Answer(s): 1
Explanation:
Acquisitions: Your organization has acquired another. How do you ensure
their security standards are high enough? How do you ensure data availability
in the transition?
Question 21:
You are explaining the IAAA model to one of the directors from payroll.
Which of these is NOT one of the A's from the model?
1. Authorization.
2. Access.
3. Accountability.
4. Authentication.
Correct Answer(s): 2
Explanation:
IAAA is Identification and Authentication, Authorization and Accountability.
Access is something you are given based on your authorization.
Question 22:
We are in criminal court and the defendant says we used enticement. In this
setting, enticement is which of these?
Correct Answer(s): 3
Explanation:
Enticement (legal and ethical): Making committing a crime more enticing,
but the person has already broken the law or at least has decided to do so.
Honeypots can be a good way to use enticement: have open ports or services
on a server that can be attacked. Enticement is not a valid defense.
Question 23:
6 months ago, we had an attacker trying to gain access to one of our servers.
The attack was not successful, and the authorities were able to find the
attacker using our forensics. In court, the attacker claims we used entrapment.
Which of these options describes entrapment?
Correct Answer(s): 1
Explanation:
Entrapment (illegal and unethical): When someone is persuaded to commit a
crime they had no intention to commit and is then charged with it. Openly
advertising sensitive data and then charging people when they access it.
Entrapment is a solid legal defense.
Question 24:
Using highly targeted emails to senior management, an attacker has sent an
email threatening a lawsuit if attached documents are not filled out and
returned by a certain date. What is this an example of?
1. Whale phishing.
2. Social engineering.
3. MITM.
4. Vishing.
Correct Answer(s): 1
Explanation:
This is whale phishing, which is a social engineering attack. Whale Phishing
(Whaling): Spear phishing targeted at senior leadership of an organization.
This could be: "Your company is being sued if you don't fill out the attached
documents (with a Trojan in them) and return them to us within 2 weeks".
Question 25:
If we are wanting to implement governance standard and control frameworks
focused on internal risk analysis, which of these could we implement?
1. FRAP.
2. ITIL.
3. COSO.
4. COBIT.
Correct Answer(s): 1
Explanation:
FRAP (Facilitated Risk Analysis Process) analyses one business unit,
application or system at a time in a roundtable brainstorm with internal
employees. Impact is analyzed; threats and risks are prioritized.
Question 26:
When an attacker has obtained our sensitive data, and chooses to disclose it
on a website, which leg of the CIA triad would be MOST affected?
1. Authentication.
2. Confidentiality.
3. Availability.
4. Integrity.
Correct Answer(s): 2
Explanation:
Disclosure is the opposite of confidentiality: someone not authorized getting
access to your information.
Question 27:
Which of these is automatically granted, so you do NOT have to apply for it?
1. Legal immunity.
2. Trademark.
3. Patent.
4. Copyright.
Correct Answer(s): 4
Explanation:
Copyright © - (Exceptions: first sale, fair use). Books, Art, Music, Software.
Automatically granted and lasts 70 years after the creator's death or 95 years
after creation by/for corporations.
Question 28:
Which would NOT be a factor to protect our integrity?
1. Digital signatures.
2. Missing database injection protection.
3. Message digests.
4. Database injection protection through input validation.
Correct Answer(s): 2
Explanation:
Database injections would most likely compromise our confidentiality, not
integrity. We would use digital signatures, MDs, and input validation to
ensure our integrity.
Question 29:
One of our senior VPs calls you up to explain a term he heard at a
conference. He heard about cybersquatting and wants to know more. Which
of these is TRUE about it?
1. Never profitable.
2. Potentially illegal.
3. Always illegal.
4. Legal.
Correct Answer(s): 4
Explanation:
Cybersquatting – Buying a URL you know someone else will need (to sell
at huge profit – not illegal).
Question 30:
With the CIA triad in mind, if we have too much confidentiality which other
control will suffer the MOST?
1. Integrity.
2. Accountability.
3. Availability.
4. Authentication.
Correct Answer(s): 3
Explanation:
Finding the right mix of Confidentiality, Integrity and Availability is a
balancing act. This is really the cornerstone of IT Security – finding the
RIGHT mix for your organization. Too much Confidentiality and the
Availability can suffer.
Question 31:
When an attacker is attacking our encryption, they are MOSTLY targeting
which leg of the CIA triad?
1. Authentication.
2. Availability.
3. Confidentiality.
4. Integrity.
Correct Answer(s): 3
Explanation:
To ensure confidentiality we use encryption for data at rest (for instance
AES256), full disk encryption. Secure transport protocols for data in motion
(SSL, TLS or IPSEC). There are many attacks against encryption; it is almost
always easier to steal the key than to break it. Breaking it is done with cryptanalysis.
Question 32:
We are looking at lowering our risk profile and we are doing our quantitative
risk analysis. What would EF tell us?
Correct Answer(s): 2
Explanation:
The exposure factor (EF) is the percentage of the asset's value that is lost.
Question 33:
In the IAAA model, which of these is not one of the A's?
1. Alteration.
2. Authentication.
3. Authorization.
4. Accountability.
Correct Answer(s): 1
Explanation:
IAAA is Identification and Authentication, Authorization and Accountability.
Alteration is the opposite of integrity from the CIA triad.
Question 34:
Which of these is something that is COMMONLY trademarked?
1. Public domain (CC0) photos.
2. Software.
3. Logos.
4. Inventions.
Correct Answer(s): 3
Explanation:
Trademarks ™ and ® (Registered Trademark). Brand names, logos, slogans,
etc. Must be registered, is valid for 10 years at a time, can be renewed
indefinitely.
Question 35:
We are asked to help design the policies for our organization regarding
PHI. What is that?
Correct Answer(s): 3
Explanation:
PHI is the abbreviation for Protected Health Information.
Question 36:
At the quarterly leadership conference, you are talking about threats to our
environments, and one of the participants asks you to define what a threat is.
Which of these could be your answer?
Correct Answer(s): 3
Explanation:
Threat – A potentially harmful incident (Tsunami, Earthquake, Virus, etc.)
Question 37:
When someone is typo squatting, what are they doing?
1. Never profitable.
2. Always illegal.
3. Legal.
4. Potentially illegal.
Correct Answer(s): 4
Explanation:
Typo squatting – Buying a URL that is VERY close to a real website name
(can be illegal in certain circumstances).
Question 38:
We are in a court, where the proof must be "the Majority of Proof". Which
type of court are we in?
1. Civil court.
2. Probation court.
3. Criminal court.
4. Administrative court.
Correct Answer(s): 1
Explanation:
Civil Law (Tort Law): Individuals, groups or organizations are the victims
and proof must be "the Majority of Proof." Financial fines to "Compensate
the Victim(s)."
Question 39:
Looking at our information security governance, who would approve and
sign off on our policies?
1. IT management.
2. Senior management.
3. IT security.
4. The IT teams.
Correct Answer(s): 2
Explanation:
Policies are mandatory; they are high level and non-specific. They can contain
"Patches, updates, strong encryption", but they will not be specific to "OS,
encryption type, vendor technology". They are approved and often written by
senior management.
Question 40:
Which of these would be COMMON attacks focused on compromising our
availability?
Correct Answer(s): 1
Explanation:
For data availability we use: IPS/IDS. Patch Management. Redundancy on
Hardware Power (Multiple Power Supplies/UPS'/Generators), Disks
(Redundant Array of Independent Disks (RAID)), Traffic paths (Network
Design), HVAC, Staff, HA (high availability) and much more. SLAs – How
high an uptime do we want (99.9%?) – (ROI). Threats: Malicious attacks
(Distributed Denial Of Service (DDOS), physical, system compromise, staff,
wireless jamming). Application failures (errors in the code). Component
failure (hardware).
Question 41:
Which of these are COMMON attacks on trade secrets?
Correct Answer(s): 1
Explanation:
Trade Secrets. While an organization can do nothing if their Trade Secret is
discovered, how it is done can be illegal. You tell no one about your formula,
your secret sauce. If discovered, anyone can use it; you are not protected.
Question 42:
When the Patriot Act was signed into law in 2001, it allowed law
enforcement to do what?
Correct Answer(s): 4
Explanation:
PATRIOT Act of 2001: Expands law enforcement electronic monitoring
capabilities. Allows search and seizure without immediate disclosure.
Question 43:
What is something that could make evidence inadmissible in court?
Question 44:
Jane is working on strengthening our preventative controls. What could she
look at to do that?
1. Drug tests.
2. Patches.
3. Backups.
4. IDS.
Correct Answer(s): 1
Explanation:
Preventative: Prevents action from happening – Least Privilege, Drug Tests,
IPS, Firewalls, Encryption.
Question 45:
We are wanting to strengthen our detective access controls. Which of these
could be something we would want to implement?
1. Backups.
2. IDS.
3. Encryption.
4. Patches.
Correct Answer(s): 2
Explanation:
Detective: Controls that detect during or after an attack – IDS, CCTV,
Alarms, anti-virus.
Question 46:
What would we call social engineering through emails that target specific
individuals, where the attacker has specific knowledge about the company?
1. Phishing.
2. Whale phishing.
3. Spear phishing.
4. Vishing.
Correct Answer(s): 3
Explanation:
Spear Phishing: Targeted Phishing, not just random spam, but targeted at
specific individuals. Sent with knowledge about the target (person or
company); familiarity increases success.
Question 47:
Under which type of law can incarceration, financial penalty, and death
penalty be the punishment?
1. Private regulations.
2. Administrative law.
3. Criminal law.
4. Civil law.
Correct Answer(s): 3
Explanation:
Criminal Law: "Society" is the victim and proof must be "beyond a
reasonable doubt." Incarceration, death, and financial fines to "Punish and
Deter".
Question 48:
If we are wanting to implement a governance standard and control framework
focused on IT service management, which of these should we implement?
1. ITIL.
2. COBIT.
3. COSO.
4. FRAP.
Correct Answer(s): 1
Explanation:
ITIL (Information Technology Infrastructure Library) focuses on ITSM (IT
Service Management).
Question 49:
Our organization is considering different types of intellectual protection
options. Which of these is something that can be patented?
Correct Answer(s): 2
Explanation:
Patents: Protects inventions for 20 years (normally) – Cryptography
algorithms can be patented. Inventions must be:
Novel (New idea no one has had before).
Useful (It is actually possible to use and it is useful to someone).
Nonobvious (Inventive work involved).
Question 50:
In which type of an attack is the attacker sending hundreds of thousands of
untargeted emails?
1. Vishing.
2. Spear phishing.
3. Whale phishing.
4. Phishing.
Correct Answer(s): 4
Explanation:
Phishing (Social Engineering Email Attack): Click to win, send information
to get your inheritance or similar promises. Sent to hundreds of thousands of
people; if just 0.02% follow the instructions they have 200 victims. A Public
Treasurer in Michigan sent $1.2m to Nigeria ($1.1m of taxpayer funds and
$72,000 of his own).
Question 51:
Health care systems in the US must be HIPAA compliant. What is HIPAA an
abbreviation of?
Correct Answer(s): 4
Explanation:
HIPAA is the Health Insurance Portability and Accountability Act.
Question 52:
We have had a major security breach. We lost 10,000 credit card files from a
stolen laptop. We are in a state in the US that has a security breach
notification law. What could allow us legally to NOT disclose the breach?
Correct Answer(s): 4
Explanation:
US Security Breach Notification Laws. This is not federal; 48 states have
individual laws. Know the one for your state (none in Alabama and South
Dakota). They normally require organizations to inform anyone who had
their PII compromised. Many have an encryption clause where lost encrypted
data may not require disclosure.
Question 53:
We are looking at our risk responses. We are considering buying insurance to
cover the gaps we have. Which type of response would that be?
1. Risk avoidance.
2. Risk transference.
3. Risk rejection.
4. Risk mitigation.
Correct Answer(s): 2
Explanation:
Transfer the Risk – The insurance risk approach – We could get flooding
insurance for the Data Center; the flooding will still happen, we will still lose
15% of the infrastructure, but we are insured for the cost.
Question 54:
Which of these could be something we use to help us protect our data's
confidentiality?
1. Hashes.
2. Multifactor authentication.
3. Redundant hardware.
4. Redundant software.
Correct Answer(s): 2
Explanation:
To ensure confidentiality we can use strong passwords, multi factor
authentication, masking, access control, need-to-know, least privilege and
many other factors.
Question 55:
We are in a court where the proof must be "more likely than not". Which
court are we in?
1. Administrative court.
2. Criminal court.
3. Probation court.
4. Civil court.
Correct Answer(s): 4
Explanation:
Civil Law (Tort Law): Individuals, groups or organizations are the victims
and proof must be "the majority of proof" / "More likely than not". Financial
fines to "Compensate the victim(s)".
Question 56:
In our quantitative risk analysis, we are looking at the ARO. What does that
tell us?
Correct Answer(s): 1
Explanation:
Annual Rate of Occurrence (ARO) – How often will this happen each year?
Question 57:
As part of our risk management, we are working on quantitative risk analysis.
Select all the terms we would use in this phase:
Correct Answer(s): 2, 3, 5
Explanation:
Quantitative Risk Analysis – We want exactly enough security for our needs.
This is where we put a number on that. We find the asset's value: how much
of it is compromised, how much one incident will cost, how often the
incident occurs and how much that is per year. Asset Value (AV) – How
much is the asset worth? Exposure factor (EF) – Percentage of Asset Value
lost? Single Loss Expectancy (SLE) – (AV x EF) – What does it cost if it
happens once? Annual Rate of Occurrence (ARO) – How often will this
happen each year? Annualized Loss Expectancy (ALE) – This is what it costs
per year if we do nothing.
Question 58:
When an attacker has altered our data, which leg of the CIA triad is
MOSTLY affected?
1. Confidentiality.
2. Authentication.
3. Integrity.
4. Availability.
Correct Answer(s): 3
Explanation:
Alteration is the opposite of integrity: our data has been changed.
Question 59:
Which of these could be an example of a type of corrective access control?
1. Backups.
2. Patches.
3. Encryption.
4. Alarms.
Correct Answer(s): 2
Explanation:
Corrective: Controls that correct an attack – Anti-virus, Patches, IPS.
Question 60:
John has installed a backdoor to your system and he is using it to send spam
emails to thousands of people. He is using a C&C structure. What is your
system?
1. A botnet.
2. A bot in a botnet.
3. A bot herder in a botnet.
4. A standalone bot.
Correct Answer(s): 2
Explanation:
Bots and botnets (short for robot): Bots are systems with malware controlled
by a botnet. The system is compromised by an attack or by the user installing a
Remote Access Trojan (game or application with a hidden payload). They
often use IRC, HTTP or HTTPS. Some are dormant until activated. Others
are actively sending data from the system (credit card/bank information for
instance). Active bots can also be used to send spam emails. A botnet is a
C&C (Command and Control) network, controlled by people (bot-herders).
There can often be 1,000's or even 100,000's of bots in a botnet.
Question 61:
When we are hiring new employees, we do multiple checks to ensure they are
who they say they are. What type of control is a background check?
1. Administrative deterrent.
2. Administrative preventative.
3. Technical preventative.
4. Technical deterrent.
Correct Answer(s): 2
Explanation:
Background checks are an administrative preventative control; we look at
references, degrees, employment, criminal, credit history (less common, more
costly). For sensitive positions the background check is an ongoing process.
Question 62:
What is the PRIMARY focus of the PCI-DSS standard?
1. Protected Health Information (PHI).
2. Personally Identifiable Information (PII).
3. IT Service Management (ITSM).
4. Credit cards.
Correct Answer(s): 4
Explanation:
PCI-DSS (Payment Card Industry Data Security Standard) is a standard used
in the payment card industry; it is not mandated, but it is enforced by
excluding vendors who do not adhere to it.
Question 63:
Which of these would be something that could get the case dismissed, or at
least make our evidence inadmissible in court?
Correct Answer(s): 4
Explanation:
Entrapment (illegal and unethical): When someone is persuaded to commit a
crime they had no intention to commit and is then charged with it. Openly
advertising sensitive data and then charging people when they access it.
Entrapment is a solid legal defense.
Question 64:
We have applied for a trademark and it has been approved. How are we
protected?
Correct Answer(s): 3
Explanation:
Trademarks ™ and ® (Registered Trademark). Brand Names, Logos, Slogans
– Must be registered, is valid for 10 years at a time, can be renewed
indefinitely.
Question 65:
Which of these would be a type of corrective access control?
Correct Answer(s): 3
Explanation:
Corrective: Controls that correct an attack – Anti-virus, Patches, IPS.
Question 66:
Looking at the governance of our organization, we can use policies,
standards, procedures, or other frameworks. Which of these characteristics
would BEST describe our policies?
Correct Answer(s): 4
Explanation:
Policies – Mandatory: High level, non-specific. They can contain "Patches,
Updates, strong encryption"; they will not be specific to "OS, Encryption
type, Vendor Technology".
Question 67:
Looking at the governance of our organization, our standards could be
described by which of these?
1. Recommendations.
2. Low level step-by-step guides.
3. Non-specific, but can contain patches, updates, strong
encryption.
4. Specific: all laptops are W10, 64-bit, 8GB memory.
Correct Answer(s): 4
Explanation:
Standards – Mandatory. Describes a specific use of technology (All laptops
are W10, 64-bit, 8GB memory, etc.)
Question 68:
We are using the CIA triad to, at a high level, explain IT security to our board
of directors. Which of these are the 3 legs of the CIA triad?
Correct Answer(s): 4
Explanation:
The CIA (Confidentiality, Integrity, Availability) Triad: Confidentiality - We
keep our data and secrets secret. Integrity - We ensure the data has not been
altered. Availability - We ensure authorized people can access the data they
need, when they need to.
Question 69:
We are training some of our new employees in our policies, procedures, and
guidelines. Our guidelines are which of these?
Correct Answer(s): 2
Explanation:
Guidelines – non-mandatory; recommendations; discretionary; suggestions
on how you would do it.
Question 70:
Jane is doing quantitative risk analysis for our senior management team.
They want to know what a data center flooding will cost us. The data center
is valued at $10,000,000. We would lose 10% of our infrastructure and the
flooding happens on average every 4 years. How much would the annualized
loss expectancy be?
1. 2500000
2. 100000
3. 250000
4. 1000000
Correct Answer(s): 3
Explanation:
The data center is valued at $10,000,000, we would lose 10% per incident
and it happens every 4 years. $10,000,000 * 0.1 (10%) * 0.25 (happens every
4 years, we need to know the chance per year) = $250,000.
Question 71:
Which of these could be a countermeasure we have in place that could help
us recover after an incident?
Correct Answer(s): 2
Correct Answer(s): 3
Explanation:
White Hat hackers: Professional Pen Testers trying to find flaws so we can
fix them (Ethical Hackers). Black Hat hackers: Malicious hackers, trying to find
flaws to exploit them (Crackers – they crack the code). Gray/Grey Hat
hackers: They are somewhere between the white and black hats; they go
looking for vulnerable code, systems or products. They often just publicize
the vulnerability (which can lead to black hats using it before a patch is
developed). Gray hats sometimes also approach the company with the
vulnerability and ask them to fix it, and if nothing happens they publish.
Script Kiddies: They have little or no coding knowledge, but many
sophisticated hacking tools are available and easy to use. They pose a very
real threat. They are just as dangerous as skilled hackers; they often have no
clue what they are doing.
Question 73:
As part of a management level training class we are teaching all staff with
manager or director in their title about basic IT Security. We are covering the
CIA triad; which of these attacks focuses on compromising our
confidentiality?
1. Social engineering.
2. Wireless jamming.
3. All of these.
4. Malware.
Correct Answer(s): 1
Explanation:
For confidentiality we use: Encryption for data at rest (for instance AES256), full
disk encryption. Secure transport protocols for data in motion (SSL, TLS or
IPSEC). Best practices for data in use - clean desk, no shoulder surfing,
screen view angle protector, PC locking (automatic and when leaving). Strong
passwords, multi factor authentication, masking, access control, need-to-
know, least privilege. Threats: Attacks on your encryption (cryptanalysis).
Social engineering. Keyloggers (software/hardware), cameras,
Steganography. Man-in-the-middle attacks.
Question 74:
Where would be a good place for us to NOT implement defense in depth?
1. Nowhere.
2. Our call center.
3. Our data centers.
4. Our VPNs.
Correct Answer(s): 1
Explanation:
We would implement defense in depth everywhere. We would not implement
it "nowhere"; the double negative would cancel each other out. Remember
this is also an exam in the English language, assuming you take it in English,
and it does intend to trick you at times.
Question 75:
During a security breach, one of our honeypots was used for a downstream
attack on a rival business. The competitor lost over $200,000 in revenue from
the attack. Who is ULTIMATELY liable?
1. Senior management.
2. Whoever deployed the honeypot.
3. Middle management.
4. The IT security team.
Correct Answer(s): 1
Explanation:
C-Level executives (senior leadership) are ultimately liable. This does not
mean anyone else is not liable; if other people involved did not perform due
care and due diligence they may be liable as well, but the question asked who
is ultimately liable.
Question 76:
In quantitative risk analysis, what does the ALE tell us?
Correct Answer(s): 2
Explanation:
Annualized Loss Expectancy (ALE) – This is what it costs per year if we do
nothing.
Question 77:
When authenticating against our access control systems, you are using your
passphrase. Which type of authentication are you using?
1. A biometric factor.
2. A knowledge factor.
3. A location factor.
4. A possession factor.
Correct Answer(s): 2
Explanation:
Something you know - Type 1 Authentication: Passwords, pass phrase, PIN
etc., also called Knowledge factors. The subject uses these to authenticate
their identity; if they know the secret, they must be who they say they are.
This is the most commonly used form of authentication, and a password is
the most common knowledge factor.
Question 78:
You have been tasked with looking at PURELY physical security controls for
a new implementation. Which of these would you consider using?
1. Dogs.
2. Access lists.
3. Regulations.
4. Biometric authentication.
Correct Answer(s): 1
Explanation:
Dogs are a physical security control. Access lists and biometrics are technical
and regulations are administrative.
Question 79:
In our risk analysis we are looking at the residual risk. What would that
comprise?
Correct Answer(s): 1
Explanation:
The residual risk is what is left over after we implement our countermeasures
against the total risk. Residual Risk = Total Risk – Countermeasures.
Question 80:
We are implementing governance standards and control frameworks focused
on goals for the entire organization. Which of these would be something we
would consider?
1. ITIL.
2. COSO.
3. FRAP.
4. COBIT.
Correct Answer(s): 2
Explanation:
COSO (Committee Of Sponsoring Organizations) focuses on goals for the
entire organization.
Question 81:
Which is NOT one of the (ISC)² ethics canons?
Correct Answer(s): 1
Explanation:
ISC2 Code of Ethics Canons: Protect society, the common good, necessary
public trust and confidence, and the infrastructure. Act honorably, honestly,
justly, responsibly, and legally. Provide diligent and competent service to
principals. Advance and protect the profession.
Question 82:
We are in a court of law and we are presenting real evidence. What
constitutes real evidence?
Correct Answer(s): 2
Explanation:
Real Evidence is tangible and physical objects; in IT Security it is things like
hard disks and USB drives, not the data on them.
Question 83:
Who is the person leading our organization?
1. CTO.
2. CIO.
3. CFO.
4. CEO.
Correct Answer(s): 4
Explanation:
The CEO (Chief Executive Officer) is the head of the senior executives.
Question 84:
After a security incident, our legal counsel presents the logs from the time of
the attack in court. They constitute which type of evidence?
1. Real evidence.
2. Secondary evidence.
3. Circumstantial evidence.
4. Direct evidence.
Correct Answer(s): 2
Explanation:
Secondary Evidence – This is common in cases involving IT. Logs and
documents from the systems are considered secondary evidence.
Question 85:
Acting ethically is very important, especially for IT security professionals. If
we look at the IAB's "Ethics and the Internet," which of these behaviors does
it NOT consider unethical?
Correct Answer(s): 4
Explanation:
IAB's Ethics and the Internet, defined as a Request for Comments (RFC),
#1087 - Published in 1987. It considers the following behavior unethical:
Seeking to gain unauthorized access to the resources of the Internet. Disrupting
the intended use of the Internet. Wasting resources (people, capacity,
computer) through such actions. Destroying the integrity of computer-based
information. Compromising the privacy of users.
Question 86:
For access control management, which of these is considered something you
have?
1. MAC address.
2. PIN.
3. Fingerprint.
4. Cookie on computer.
Correct Answer(s): 4
Explanation:
Things in your possession, not things you know (knowledge factor) or
something you are (biometrics).
Question 87:
During an attack, some of our data was deleted. Which leg of the CIA triad
would be MOSTLY affected?
1. Integrity.
2. Availability.
3. Confidentiality.
4. Authentication.
Correct Answer(s): 2
Explanation:
Destruction is the opposite of availability; our data or systems have been
destroyed or rendered inaccessible.
Question 88:
Who in our organization should approve the deployment of honeypots and
honeynets?
Correct Answer(s): 3
Explanation:
Get approval from senior management and your legal department before
deploying honeypots or honeynets; legal would know the legal ramifications
and senior management are ultimately liable. Both can pose legal and
practical risks.
Question 89:
Prior to us deploying honeypots and honeynets, who should sign off on the
deployment?
Correct Answer(s): 2
Explanation:
Get approval from senior management and your legal department before
deploying honeypots or honeynets; legal would know the legal ramifications
and senior management are ultimately liable. Both can pose legal and
practical risks.
Question 90:
We are in a court where the evidence must be "the majority of the proof."
Which type of law does that relate to?
1. Administrative law.
2. Civil law.
3. Private regulations.
4. Criminal law.
Correct Answer(s): 2
Explanation:
Civil Law (Tort Law): Individuals, groups or organizations are the victims
and proof must be "the Majority of Proof". Financial fines to "Compensate
the Victim(s)".
Question 91:
We are seeing attacks on one of our servers. The attack is using zombies.
Which type of an attack is it?
1. Worms.
2. Viruses.
3. Distributed Denial Of Service (DDOS).
4. Trojans.
Correct Answer(s): 2
Explanation:
A botnet is a C&C (Command and Control) network controlled by people
(bot-herders); they can control thousands or even hundreds of thousands of
bots (also called zombies) in a botnet.
Question 92:
Jane is looking at the CIA triad and working on mitigating our availability
vulnerabilities. Select all the threats against our availability:
1. Keyloggers.
2. Code injections.
3. Distributed Denial Of Service (DDOS).
4. Software coding errors.
5. Hardware failure.
Correct Answer(s): 3, 4, 5
Explanation:
Common attacks on our availability include Distributed Denial Of Service
(DDOS) attacks, hardware failures and software failures. Keyloggers are
normally attacks on our confidentiality and code injections are attacks on our
integrity.
Question 93:
Looking at the CIA triad, when we have TOO MUCH availability, which
other controls can suffer?
1. Confidence.
2. Integrity.
3. Confidentiality.
4. Confidentiality and Integrity.
Correct Answer(s): 4
Explanation:
With too much Availability, both Confidentiality and Integrity can suffer.
Question 94:
What would be one of the security concerns we would need to address in a
divestiture?
Correct Answer(s): 2
Explanation:
Divestitures: Your organization is being split up. How do you ensure no data
crosses boundaries it shouldn't? Who gets the IT Infrastructure?
Question 95:
In our risk management, how would we define residual risk?