Effective CISSP Questions

Which of the following is the least suitable target protected by digital rights management tools or technologies?
A. An e-book
B. Customer profile at rest
C. Television program cast through cable
D. A computer program delivered in DVD

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. Customer profile at rest.

Customer profiles are not digital publications or copyrighted content protected by Digital Rights Management (DRM). The protection of customer profiles falls in privacy and compliance with legal and regulatory requirements. Proper data classification and security controls protect customer profiles.

Digital Rights Management (DRM) is about the packaging, distributing, controlling, and tracking content based on rights and licensing information. In other words, DRM tools or technologies protect digital publication or copyrighted content. According to Wikipedia, there are various DRM technologies:

  • Verifications
    • Product keys
    • Limited install activations
    • Persistent online authentication
  • Encryption
  • Copying restriction
  • Anti-tampering
  • Regional lockout
  • Tracking
    • Watermarks
    • Metadata
  • Television: The CableCard standard and the broadcast flag concept

Digital Rights Management (DRM)

  • packaging, distributing, controlling, and tracking content based on rights and licensing information (ISO/IEC TS 22424-1:2020)
  • systematic approach to copyright protection to prevent unauthorized redistribution of digital media and restrict the ways consumers can use the content they’ve acquired (ISO/IEC TS 23078-1:2020)
  • digital technology that is separate to the product form of a specific digital publication and which is used to control access to content (ISO 28560-1:2014)
  • technology based on encryption software used to control access to the content and which is distinct from the product form of a specific digital publication
  • Digital rights management (DRM) tools or technological protection measures (TPM) are a set of access control technologies for restricting the use of proprietary hardware and copyrighted works. DRM technologies try to control the use, modification, and distribution of copyrighted works (such as software and multimedia content), as well as systems within devices that enforce these policies. (Wikipedia)



My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

The Effective CISSP - SRM

The Effective CISSP: Practice Questions

The Effective CISSP: Practice Questions

A. 電子書
B. 儲存的客戶資料
C. 通過電纜播出的電視節目
D. 用DVD交付的電腦程式


Leave a Reply