<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:st1="urn:schemas-microsoft-com:office:smarttags" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]--><o:SmartTagType
namespaceuri="urn:schemas-microsoft-com:office:smarttags" name="PostalCode"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="Street"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="address"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="City"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="place"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="PersonName"/>
<!--[if !mso]>
<style>
st1\:*{behavior:url(#default#ieooui) }
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:blue;
text-decoration:underline;}
p
{mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:Arial;
color:navy;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=EN-US link=blue vlink=blue>
<div class=Section1>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>1<sup>st</sup> questions answer is a.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>2<sup>nd</sup> id d because unless and until
the a new software is not tested with tools can not signed off. <o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<div>
<p><font size=2 color=navy face=Arial><span style='font-size:10.0pt;font-family:
Arial;color:navy'>Thanks and Regards,</span></font><font color=navy><span
style='color:navy'> <br>
</span></font><st1:PersonName w:st="on"><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'>Surendra Maurya</span></font></st1:PersonName><font
color=navy><span style='color:navy'> <br>
</span></font><font size=2 color=navy face=Arial><span style='font-size:10.0pt;
font-family:Arial;color:navy'> </span></font><font color=navy><span
style='color:navy'> <br>
</span></font><font size=2 color=navy face=Arial><span style='font-size:10.0pt;
font-family:Arial;color:navy'>Office: (022) 30801161</span></font><font
color=navy><span style='color:navy'> <br>
</span></font><st1:City w:st="on"><st1:place w:st="on"><font size=2 color=navy
face=Arial><span style='font-size:10.0pt;font-family:Arial;color:navy'>Mobile</span></font></st1:place></st1:City><font
size=2 color=navy face=Arial><span style='font-size:10.0pt;font-family:Arial;
color:navy'>: (+91) 9004023530</span></font><font color=navy><span
style='color:navy'> </span></font><o:p></o:p></p>
</div>
<div>
<div class=MsoNormal align=center style='text-align:center'><font size=3
face="Times New Roman"><span style='font-size:12.0pt'>
<hr size=2 width="100%" align=center tabindex=-1>
</span></font></div>
<p class=MsoNormal><b><font size=2 face=Tahoma><span style='font-size:10.0pt;
font-family:Tahoma;font-weight:bold'>From:</span></font></b><font size=2
face=Tahoma><span style='font-size:10.0pt;font-family:Tahoma'> <st1:PersonName
w:st="on">cisspstudy-bounces@cccure.org</st1:PersonName> [mailto:<st1:PersonName
w:st="on">cisspstudy-bounces@cccure.org</st1:PersonName>] <b><span
style='font-weight:bold'>On Behalf Of </span></b>Jason Marshall<br>
<b><span style='font-weight:bold'>Sent:</span></b> Wednesday, September 02,
2009 1:32 PM<br>
<b><span style='font-weight:bold'>To:</span></b> <st1:PersonName w:st="on">The
CISSP Study Mailing list</st1:PersonName><br>
<b><span style='font-weight:bold'>Subject:</span></b> Re: [Cisspstudy]
preambles questions</span></font><o:p></o:p></p>
</div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<div id=idOWAReplyText20419>
<div>
<p class=MsoNormal><font size=2 color=black face=Tahoma><span style='font-size:
10.0pt;font-family:Tahoma;color:black'>I agree with the 1st question but why
would the answer to the second be (b) ?</span></font><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'> <o:p></o:p></span></font></p>
</div>
<div>
<p class=MsoNormal><font size=2 face=Tahoma><span style='font-size:10.0pt;
font-family:Tahoma'>IMO there is nothing unethical about cloning a virus but
stating it would <strong><b><font face=Tahoma><span style='font-family:Tahoma'>never</span></font></b></strong>
leave the test lab ... how can you be sure of that? (Isn't that how some
virus's get out in the first place ala "The Creeper Virus" of 1971?)</span></font><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'> <o:p></o:p></span></font></p>
</div>
<div>
<p class=MsoNormal><font size=2 face=Tahoma><span style='font-size:10.0pt;
font-family:Tahoma'>Testing AV software would involve introducing known and
unknown virus's for the software to detect and I would have thought then the
answer would be (d).</span></font><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'> <o:p></o:p></span></font></p>
</div>
<div>
<p class=MsoNormal><font size=2 face=Tahoma><span style='font-size:10.0pt;
font-family:Tahoma'>Can someone help me understand why it would be (b) and not
(d) please ?</span></font><o:p></o:p></p>
</div>
</div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'> <o:p></o:p></span></font></p>
</div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Jason<o:p></o:p></span></font></p>
</div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<div class=MsoNormal align=center style='text-align:center'><font size=3
face="Times New Roman"><span style='font-size:12.0pt'>
<hr size=2 width="100%" align=center tabIndex=-1>
</span></font></div>
<p class=MsoNormal style='margin-bottom:12.0pt'><b><font size=2 face=Tahoma><span
style='font-size:10.0pt;font-family:Tahoma;font-weight:bold'>From:</span></font></b><font
size=2 face=Tahoma><span style='font-size:10.0pt;font-family:Tahoma'> <st1:PersonName
w:st="on">cisspstudy-bounces@cccure.org</st1:PersonName> on behalf of ashley
challackal<br>
<b><span style='font-weight:bold'>Sent:</span></b> Wed 02/09/2009 04:35<br>
<b><span style='font-weight:bold'>To:</span></b> <st1:PersonName w:st="on">The
CISSP Study Mailing list</st1:PersonName><br>
<b><span style='font-weight:bold'>Subject:</span></b> Re: [Cisspstudy]
preambles questions</span></font><o:p></o:p></p>
</div>
<div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Answers are <o:p></o:p></span></font></p>
</div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>a) <o:p></o:p></span></font></p>
</div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>b) <o:p></o:p></span></font></p>
</div>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'><font size=3
face="Times New Roman"><span style='font-size:12.0pt'>In the first scenario it
is any security professionals responsibility to act to mitigate, not to exploit
the gap..<o:p></o:p></span></font></p>
</div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>On Tue, Sep 1, 2009 at 7:30 PM, Vardhan, Aditya {PI} <<a
href="mailto:aditya.vardhan@intl.pepsico.com">aditya.vardhan@intl.pepsico.com</a>>
wrote:<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Pl share the correct answers,<br>
I think these are,<br>
1- a<br>
2 -b<o:p></o:p></span></font></p>
<div>
<div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><br>
-----Original Message-----<br>
From: <a href="mailto:cisspstudy-bounces@cccure.org">cisspstudy-bounces@cccure.org</a><br>
[mailto:<a href="mailto:cisspstudy-bounces@cccure.org">cisspstudy-bounces@cccure.org</a>]
On Behalf Of <a href="mailto:An.Dang@do.treas.gov">An.Dang@do.treas.gov</a><br>
Sent: Tuesday, September 01, 2009 5:49 PM<br>
To: <a href="mailto:cisspstudy@cccure.org">cisspstudy@cccure.org</a><br>
Subject: Re: [Cisspstudy] preambles questions<br>
<br>
I have a few questions that are in the "gray area" of things. I
have<br>
the answers (maybe) but want to know what the group thinks.<br>
<br>
Using ISC(2) preambles as guides, answers these questions:<br>
<br>
1) A visiting professor is assigned to work in a university computing<br>
center. He found a hole in a financial transaction program that would<br>
enable one to collect students' social security numbers, last names, and<br>
other personally identifiable information. He quietly collected the<br>
information into a computer file and gave the file to the system<br>
administrator on his last day.<br>
a) The professor was unethical. He should have disclosed the hole right<br>
away.<br>
b) There is nothing unethical with what he did. He did not give the<br>
information to anyone else.<br>
c) Though he did nothing unethical, the professor should have disclosed<br>
the information because ISC(2) preambles stated responsibility to the<br>
public first.<br>
d) None of the above. ISC(2) ethics were observed.<br>
<br>
2) An analyst for an anti-virus software company is assigned to test a<br>
new product. He developed an automated program to generate multiple<br>
instances of a computer virus with varying signatures. He wants to use<br>
it to test the new anti-virus software the company is going to publish.<br>
a) He should not use it. It is illegal to create virus.<br>
b) There is nothing wrong with using it since it is contained in a test<br>
lab and would never get out to the Internet.<br>
c) It is unethical to develop something that would potentially harm the<br>
public.<br>
d) It is part of his job. It is completely ethical.<br>
<br>
<br>
<br>
_______________________________________________<br>
cisspstudy mailing list<br>
<a href="mailto:cisspstudy@cccure.org">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org"
target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br>
_______________________________________________<br>
cisspstudy mailing list<br>
<a href="mailto:cisspstudy@cccure.org">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org"
target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><o:p></o:p></span></font></p>
</div>
</div>
</div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><br>
<br clear=all>
<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><br>
-- <br>
with love <br>
<br>
ashley challackal<o:p></o:p></span></font></p>
</div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><img border=0 width=236 height=72 id="_x0000_i1026"
src="http://bde.listmanagementportal.com/signature/signature.jpg"><br>
<br>
</span></font><b><font size=1 color="#1f497d" face=Tahoma><span
style='font-size:9.0pt;font-family:Tahoma;color:#1F497D;font-weight:bold'><a
href="http://www.nxtbook.com/nxteu/LBM/intelligentcontact1/#/0"
title="http://www.nxtbook.com/nxteu/LBM/intelligentcontact1/#/0">Click here to
read the latest LBM Industry Newsletter</a></span></font></b> <br>
<br>
This e-mail has been sent from a PC belonging to LBM, registered office LBM
House, <st1:Street w:st="on"><st1:address w:st="on">Atlantic Street</st1:address></st1:Street>,
Altrincham, <st1:place w:st="on"><st1:City w:st="on">Cheshire</st1:City>, <st1:PostalCode
w:st="on">WA14 5FY</st1:PostalCode></st1:place>. Its contents are confidential
to the sender and the intended recipient. If you receive it in error, please
tell us by return and then delete it from your system; you may not rely on its
contents nor copy/disclose it to anyone. Opinions, conclusions and statements
of intent in this e-mail are those of the sender and will not bind LBM unless
confirmed by an authorised representative independently of this message. We do
not accept responsibility for viruses; you must scan for these. Please note
that e-mails sent to and from LBM are routinely monitored for record keeping,
quality control and training purposes, to ensure regulatory compliance and to
prevent viruses and unauthorised use of our computer systems. Thank you for
your co-operation. <o:p></o:p></p>
</div>
</body>
</html>