Curl Commands

 1) Curl Command to download the data from a internet site.

curl -k -O https://testserver.com.au/file.zip 

orapki utility commands

 1) Create a wallet using below command

orapki wallet create -wallet client_wallet -auto_login -pwd "wallet password"

2) chmod 664 ewallet.p12

    chmod 664 cwallet.sso 

3) Convert jks file into wallet

orapki wallet jks_to_pcks12 -wallet client_wallet -pwd "wallet password" -keystore key.jks -jkspwd "wallet password"

ikeycmd commands for kdb database files

 1) Below command will display certificate details like expiry date in the kdb file keystore.kdb

ikeycmd -cert -details -label "Certificate name in KDB" -db keystore.kdb -pw "password of kdb file"

2) Below command will display list of certificates in kdb file

ikeycmd -cert  -list  -db keystore.kdb -pw "password of kdb file"

3) Below command will display ca certificates in kdb file

ikeycmd -cert  -list ca -db keystore.kdb -pw "password of kdb file"

4) Below command will display personal certificates in kdb file

ikeycmd -cert  -list personal -db keystore.kdb -pw "password of kdb file"

5) Below command will validate given certificate in kdb file

ikeycmd -cert  -validate -label  "Certificate name we need  to validate in KDB file" -db keystore.kdb -pw "password of kdb file"

6) Below command will display the default certificate in kdb file

ikeycmd -cert  -getdefault  -db keystore.kdb -pw "password of kdb file"

7) Below command will set the default certificate in kdb file. This will help to set default personal certificate if there are multiple certificates

ikeycmd -cert  -setdefault  -db keystore.kdb  -label "personal certificate name in KDB file"  -pw "password of kdb file"

8) Below command will import certificate into kdb file. 

ikeycmd -cert  -import -file  "Certificate file"   -pw "password of  the certificate file"   -type pkcs12 -label "personal certificate name to be in KDB file"  

-target_pw   "password of kdb file" -target_type CMS

9) Below command will help to delete certificate from kdb file. 

ikeycmd -cert  -delete -label  "Certificate name we need  to delete from KDB file" -db keystore.kdb -pw "password of kdb file" 

Incident Planning Response

 1. Which law or regulation requires government agencies and other organizations that operate systems on behalf of government agencies to create an incident response plan?

Ans :  FISMA (Federal Information Security Management Act of 2002)

2. You are working as a cybersecurity analyst in a Security Operations Center. You received an alert from your SIEM that a workstation might be infected with a piece of malware. Which phase of the incident response lifecycle would you be in when this occurs?

Ans : Detection and Analysis

3. Which of the following NIST Special Publications is titled as the Computer Security Incident Handling Guide?

Ans :  SP 800-61

4. Which of these is included in a policy?

Ans : objectives

5. Which of these is included in a plan?

Ans : measurements and metrics

6. Which of these is included in a procedure?

Ans : forms

7. Which structure would allow an organization to hire a managed security service provider (MSSP) to conduct their 24/7 monitoring but would still rely on the organization’s own employees to conduct an incident response if a serious breach was detected?

Ans :  a partially outsourced model

8. Which role is responsible for the overall success or failure of the technical portions of an incident response?

Ans : team leader

9. Which incident response team member is primarily focused on the creation of an event timeline to show what occurred leading up to the incident?

Ans: forensic analyst

10. Which organization type require an incident responder to send an information request through their manager prior to sending it to an analyst in the human resources department?

Ans :  a vertical organization

11. One of your incident response team members is planning to attend the BlackHat information security conference next month and wants to exchange some of the lessons learned from your organization’s latest incident response efforts with a forensic analyst they know at another company. Which type of coordinating relationship best describes this information exchange?

Ans : team to team

12. Which of these is not considered an indicator that could be used during your technical analysis?

Ans : news articles about an incident

13. Which of these is a consideration when asking contract personnel to come in after working hours for an incident, but is not a major consideration when dealing with your own organizational employees?

Ans : incurring additional labor coverages and costs

14. Which type of technical resource could be used to identify if a Windows system file has been modified?

Ans : cryptographic hash

15. Which of these is not considered a method of preventing future incidents?

Ans : Remove a Remote Access Trojan from the organization’s server.

16. Which attack vector would be used to properly categorize a password spraying attack?

Ans :  attrition-based

17. Which type of indicator of compromise would best represent the vulnerability and exploit data contained within the Common Vulnerabilities and Exposures database?

Ans : public information

18. Which of these is a prioritization category that is used to measure the effect on the confidentiality, integrity, or availability of an organization’s network or servers?

Ans : information impact

19. Which containment strategy involves disconnecting an infected host from the network to prevent the spread of malware?

Ans : isolation

20. Based on the order of volatility, which type of evidence should be collected first?

Ans : swap files

21. Which of these is not considered a recovery action during an incident response?

Ans : Collect evidence from the affected system.

22. When creating your evidence retention policy, which factor would prevent you from retaining data and evidence for an indefinite amount of time?

Ans :  the size of the organization’s budget for data retention

23. What is the most important thing to do during a "Lessons Learned" workshop to get valuable feedback from everyone?

Ans : Avoid assigning blame to anyone.

24. Which of these is not a typical measure or metric collected by the incident handling and incident response team?

Ans : average salary of your incident responders

Service Management Question and Answers

 1. A company is delivering 'Platform (X)' as service of the customer . Who should define the platform as provisioning process and interface protocols?
a. Platform team lead
b. Service manager
c. Service delivery manager
d. Service manager in consultation with consumers, Platform team lead, and service delivery manager.         

2.  What best explains relationship between incident management and change management?
a. Failed changes cause incidents and failed incident lead to changes
b. Incidents may be caused due to changes and changes may be raised to solve incidents  
c. Changes must be cause incidents and changes must be raised to resolve incidents
d. There is no relationship between incident and changes.

3.  What are the characterisitcs of facts when determining root cause ?
a. Facts should be non tamperable
        b. Facts are visisble
c. Both Option 1 and Option 2    
d. Facts can vary based on individual thinking

4.  Under which type of policy does the statement belong to "technology service owner review the root cause for problem record" ?
a. Entitlement policy
b. Organization policy   
c. Escalation and communication protocol
d. Emotional quotient

5. When evaluating the root cause, we need to ensure that the quality of the root cause should contain 
a. At least task control failures
b. Mandatory Organization control failures
c. At least reason for component failures   
d. At least management control failures

6.  One of the significant challenges observed during the deployment phase of change is 
a. Better alignment of IT service to actual business needs     
b. Lack of ownership of impacted service
c. Lack of visibility of communication of changes
d. Time spent in getting changes approved.

7. Which of the following is not valid change type ?
a. Normal Change
b. Random Change     
c. Emergency Change
d. Standard Change

8. Which of the following artefacts should be considered FIRST during any process practice or procedure definition?
a. Education and communication protocols
b. Service level agreements
c. Criteria and Interface protocols
d. RACI and work flows 

9. Which of the following questions and should be asked first when starting to resolve a incident ?
a. What is the priority of the incident 
b. Who are the impacted users
c. What is the start time of the incident
d. What is the impact 

10. Too many problems has been closed as "root cause not found". What is the best course of action to be taken and by whom?
a. Tower Lead - review vendor contract agreement
b. Problem manager - have a review with team.
c. Team member - under go training on problem management techniques training
d. Service delivery manager - understand the risk of problems with unknown root cause in the environment

11. A large number of problems piled up in a Company queue pending RCA completion. Most of them are awaiting customer response for more than 90 days. What should be your approach?
a. As they are vendor dependent, we do not lose on SLA credit. Ignore them.
b. As the incident have not reoccured for 90 days, take a blanket approval from customer to close all incidents at once.
c. Request customer to corodinate with vendor as vendor owns the contract.
d. SDM creates a technology and operations risk register and evaluates the risk of the open problem records with the customer.    

12. Which of the following parameters is NOT a factor for evaluating risk of change ?
a. Capability of team deploying the change
b. Frequency of change
c. Deployment mehtodology adapted  
d. Components undergoing change

13. Similar password reset requests are taking 40 minutes to 8 hours to resolve for a customer. The SLA for such requests is 16 hours, What approach should the service manager take?
a. Determine and address the root cause of the variation.  
b. Do nothing as SLAs are not impacted
c. Establish standard operating procedure for password reset
d. Automate password reset task as it is routine task  

14. Team lead found that too many problems has been closed  by this team as "root cause not found". Upon the enquiry he understood that old problem records that are being closed as root cause not found becuase his team does not have bandwidth to perform root cause. As team lead what should he do ?
a. Inform tower lead not to close problem record.
b. Seek advise from the problem manager - have review with the team. 
c. Convey the information to customer on behalf of his team.
d. Connect with service delivery manager - understand the risk of problems with unknown root cause in the environment.

15. New team members are joining the project. Who should take care of training them on the customer specific operational processes. ?
a. module/ tower leads
b. service management team.
c. project management office of the account.
d. customer

16. The resolving team is complaining about delays from earlier teams in routing incidents. As a result they are unable to resolve incident in a timely manner.What would be your advise as a consultant ?
a. Create audit log entries for activites performed and generate reports on audit log timestamp.
b. Give resolver teams SLA credit   
c. Site the limitations of the tools and live with the problems
d. requests teams to create a new incident each time the issue escalted to new technical team.

17. Which of the following must be dominant attitude of support staff when resolving incidents ?
a. Control bound decision making   
b. Risk based decision making
c. Fact based decision making
d. Time bound decision making

18. A KEDB Record and SOP document were created after major incident to guide the team in future. if similar case re-occured. The team successfully followed the SOP 40 similar instamces however on one instance was missed which lead an outage of 24 hours. Should we perform the root cause ?
a. No it is a single instance, ignore it.
b. Yes, understand what caused the SOP execution failure.  
c. Yes, redocument the known error.
d. No, as the known error is already documented.

19. To facilitate early releases, quality standards can be reduced to save time. Choose the correct option?
a. Products must be delivered to highest quality hence there should not be any compromise on quality.
b. We need to ensure that products are launched as per the commited dates and hence quality can be compromised.
c. Risk must be thoroughly evaluated and balanced business risk decision must be taken in alignment with business objectives 
d. Deploy the changes and incases of any issues immediately redeployed the tested code after 5 days.

20. what is the first step of continual process improvement ?
a. Develop plan for improvement.
b. Review process guides
c. Confirm what is the vision.
d. Assess where you are.    

21. VIP user to make changes to the live network firewall. How should support team proceed for with the change?
a. Raise a change record and follow complete approval process before implementing the network firewall change. 
b. Raise a change request for the purpose of documentation only.
c. Change request need not to be raised.
d. As the request is from the VIP user, implement the request without approval process.

22. Some of the adhoc tasks performed by the change manager are ?
a. Identifying the change process improvement
b. Publishing change notifications during the deployment. 
c. Hosting CAB meetings
d. Identifying the standard changes.

23. What should be the default practise for "failed changes" in an ideal world ?
a. Retain for fix later
b. Rollback full change
c. Fix forward
d. Rollback failed components     

24. Where detailed design of process specific service level agreement (SLA) should be documented ?
a. In respective process guide reference and understandable  
b. service level management process guide
c. in document as said by customer

25. What is the bare minimum requirements to be considered while defining a process ?
a. SOX
b. GDPR   
c. Law of Land 
d. ITIL best practices

Transition Management Question and Answers

1)  Transition sets the benchmark by which the client provider relationship is initially measured.

     True

     False

2)  Successful transitions result in better business outcomes only for the Enterprise (Customer) and not to the provider in the long run.

     False

     True

3)  Well-executed transition enables customers to unlock value from outsourcing initiative in quickest possible time.

     True

     False

4)  Transition does not estimate the costs, timing, resources and risks associated with a service.

    True 

    False

5)  Transition is new or changed service that satisfies the needs of the customer.

     True

     False

6)  A hostile transition in IT can be defined as when you take over knowledge from another external provider and then in a second step, the responsibility to deliver the work is transferred to us.

     True

     False

7) Which of the below statement defines the Knowledge Acquisition phase of the Transition?

Understand the existing environment,process ,service scope

        Hands on experince with actual env with limited scope

        Handle the services in scope with minimal to no support

        Satbilizes the environment and try to achieve the target SLAs/KPIs

         Provide service independently to SLA and strive for continous improvement

8) Which of the below statement defines the Secondary Support of the Transition?

Understand the existing environment,process ,service scope

        Hands on experince with actual env with limited scope

        Handle the services in scope with minimal to no support

        Satbilizes the environment and try to achieve the target SLAs/KPIs

         Provide service independently to SLA and strive for continous improvement

9) Which of the below statement defines the Primary Support phase of the Transition?

Understand the existing environment,process ,service scope

        Hands on experince with actual env with limited scope

        Handle the services in scope with minimal to no support

        Satbilizes the environment and try to achieve the target SLAs/KPIs

         Provide service independently to SLA and strive for continous improvement

10) Which of the below statement defines the Stabilization phase of the Transition?

Understand the existing environment,process ,service scope

        Hands on experince with actual env with limited scope

        Handle the services in scope with minimal to no support

        Satbilizes the environment and try to achieve the target SLAs/KPIs

         Provide service independently to SLA and strive for continous improvement

11) Which of the below statement defines the Steady phase of the Transition?

 Understand the existing environment,process ,service scope

        Hands on experince with actual env with limited scope

        Handle the services in scope with minimal to no support

        Satbilizes the environment and try to achieve the target SLAs/KPIs

         Provide service independently to SLA and strive for continous improvement

12)  Which of the below tools/applications is used to create and maintain the transition plan?

  Service Acquisition Manager (SAM) &   Microsoft Project Plan (MPP )

          Microsoft Project Plan (MPP )

         Service Acquisition Manager (SAM) 

         None

13) Which of the below features are present in the SAM tool?  -- All

        I. Plan and Track the Transition

        II. Import/Export Reports

        III. Task Dependency Mapping

        IV. Milestone Alerts/Report Scheduler

14) Which of the below transition scenarios aligns with scale and complexity?

Transition from mutiple Geographies for DC

15) Which of the below tools/applications is a one-stop shop which provides the details of the past and present transitions?

Transition Program Log (TPL) 

        Contractual Commitments Risk Tracker (CCRT)

        Service Acquisition Manager (SAM)

        Microsoft Project Plan (MPP )

16)  Staff Attrition is a key element during the transition from the in-house customer team.

True

        False

17)  Personal development and team management is the responsibility of Transition Lead, Manager and Director.

True

        False

18)  Transparency to the customer helps in successful transition.

True

        False

19)  Team Building exercise within Company and Client Associates is one of the best practices during the transition.

       True

        False

20) Which of these are not the focus areas of Transition?

Automation

21) Which one of the below option is related to Rigor in Transition (RIT)?

Ensure that all exisitng operational tools and processes are transitionioned and details are documented

22) Quality gates and Acceptance criteria are not related to each other.

     False

    True

23) Toll Gates are applicable for all the phases of Transition.

True

        False

24) Which one of the below Acceptance criteria is related to Pre Secondary Support Quality gate?

RAID Log

25) What is the possible mitigation plan when there is a delay in getting the ODC and network connectivity during the transition?

    connect through alternative vpn

26) Transition Governance/Review takes place in 3 levels to achieve smooth and risk free transition.

    True

    False

Concepts

------------

 ETVX  Model and Phases -    Entry,Task, validation, exit

 Transitional plannin   (ETVX)     -- First Phase

 Knowledge Acquisition    (ETVX)  -- Second Phase

 Secondary Support   (ETVX)    Third Phase

 Primary Support    (ETVX)    Fourth Phase

 Stabilization         (ETVX)    Fifth Phase

 Steady State     (ETVX)    Fifth Phase

 The following tools and applications will be used during a transition:

Service Acquisition Manager (SAM) -- Plan and track, Reports, Import/ Export, Trackers, Acceptance Criteria and Dependecies, Task Dependecies feature, Report Scheduler 

Microsoft Project Plan (MPP ) -- Task administration, resource management, Transition scheduling and tracking , Reporting 

Phases :  startup, Initition, transition execution, closing the transition

Task administration  -- Task, summary task, milestone administration

Contractual Commitments Risk Tracker (CCRT) -- 

 Contract Commitment Tracker is a very useful asset that helps the engagements to track the commitment clauses, specified in the customer contracts, MSAs, SOWs and so on. This tracker enables the project to capture the commitment against the following parameters, apart from other additional commitments.

Transition Program Log (TPL) --  

Focus areas in transition management

Planning and Goveranance

Oboarding and resource rampup

Execution 

Trnasperancy

Process Quality 

Knowledge Quality

Risk and Issues Management

SLA Report Development

Third-Party Contracts

Delivery Readliness and OCM

Tools Integration

Security and Complaince

Transition best practices

Customer Focus

Process Focus

People Focus

Automation and Enablers

Reponsibilites and keyfactors For sucessful transitions

Transition Lead

Transition Manager

Transition Director

Keytool Commands

which keytool
The will display the default keytool path.

 1) keytool -list -cacerts
This will show cacerts in the server.

2) keytool -list -keystore cacerts

3) keytool --v list -keystore cacerts -storepassword "password"
This will show the certificate in verbose mode.

This will show keystore file. It will prompt for keystore password. You need to provide the password for keystore.


4) keytool --importcert -trustcacerts -noprompt -file "certificatename.cer" -cacerts -alias "certificatelabelname" -storepass "password of the file"
This will import the certificate into cacerts 

5) keytool --importkeystore -srckeystore "file.pfx" -srcstoretype pkcs12 -destkeystore "file.jks"-deststoretype JKS -srcstorepass "source keystore password" -deststorepass "destination key store password"
This will import pcks12 certificate that contains root and intermediate into jks format. 

5) keytool --importcert -alias "certificatename in targetfile" -file "file.crt" -keystore "file.jks" -storepass "password of store key password"
This will import new ca certificate into the jks file.

6) keytool  -printcert -file certificate.crt 

This will print the certificate of the file with certificate name , its validitiy and finger print.

7) keytool  -showinfo -tls

This will show the TLS version of the environment and chipers available in this.

8) keytool  -v -list -cacerts -alias "certificatename"

This will show the alias certificate name.

9) keytool -list -keystore -storetype pkcs12 -storepass "keystore password"

This will show the keystore in the server.

10) keytool -import -trustcacerts -alias "certificate alias name "-file C:\temp\mdeCert.cer -keystore cacerts

This will import the certificate into keystore.

CopyRight Question and Answers

1. Where is the indian copyright offices located in india ?

a. New Delhi  
b. Kolkata
c. Chennai
d. Mumbai
e. Bengaluru 

2. We can get the following freedom using copy left ?  
a. The freedom to use the work.
b. The freedom to study the work.
c. The freedom to copy the work.
d. The freedom to modify the work.
e. The freedom to share the work with others.

3. What is Copyleft?
a. The exclusive and assignable legal right, given to the originator for fixed number of years, prior to print, publish, perform, film 
b. Copyleft is a form of licensing and can be used to maintain copyright conditions for works such as computer software, document  
c. The exclusive and assignable legal right, given to the originator to indefinite period.
d. The exclusive right given to person to copy a document, musical work or artistic material.
e. The exclusive right to use a third party software for a certain number of years.

4. Following types of remedies are available for copyright infringement?
a. Civil Remedy
b. Criminal Remedy
c. Quasi-civil remedy
d. Both (1) & (2) 
e. None of these

5. Identify the correct statements ?

a. Copyrighted work must be fixed in tangible form of expression

b. Derivative work is known as related right, not copyright

c. Motion pictures and sound recordings cannot be protected under copyright

d. Universal Copyright Convention (UCC) and Berne Convention are the two principal international conventions related to copyright.

e. A copyright gives the owner full and exclusive rights on the work.

6. Can i stop others from using my program under the terms of GPL ?

a. Yes

b. No

c. Yes, if my competitor stop paying the annual license fee.    

d. Yes, Once the license get terminated.

e. Yes, once the license get renewal.

7. How does a copyright protected work arrive in public domain ?    

a. Copyright has expired.

b. Copyright owner has failed to follow copyright renewal rules (US).

c. Copyright owner deliberately places it in the public domain, known as "dedication".

d. Copyright law does not protect type of work.

e. As per the directive of deputy register of copyright office.

8. Identify the correct statements ?    (all wrong)

a. The Berne Convention, says that as soon as you write, the work you create is not automatically copyrighted by copy

b. A copyright gives the owner full exclusive rights on the work as copyright owner, you may state that nobody is

c. Freeware is a software that is made available to the public free.

d. Shareware is a system of marketing software at no change on a trail basis. Later user may need to pay.

e. Open source does not necessarily mean free-to-use. Restriction may apply such as attribution, modification and redistricbute

9. Can you restrict people from using the Open Source licensed program ?

a. Yes, because as it is open source, I can put my terms

b. No  

c. Yes, under my defined terms and conditions

d. If OSI (Open Source Initiative ) and FSF (Free software foundations) approve.  

e. Yes, without any terms and conditions.

10 What are the characteristics of a free & Open Source Software License?  

a. The freedom to run the program for any purpose

b. The freedom to change and modify the program

c. The freedom to copy and share the program

d. The freedom to share improved versions of the program

e. None of these 

11. What are incorrect statements ?

a. CopyRight law protects shorts phrases like "make my day".  

b. Shareware is a system of marketing software at no charge on trail basis, later user may need to pay.

c. Freeware is a software that is made available to the public for free.

d. CopyRight protection covers facts, ideas, or theories. 

e. exclusive gifts on the work.

12. What is the span of CopyRight in India ?

a. Life of author + 40 years

b. Life of author + 60 years 

c. Life of author + 70 years

d. Life of author + 90 years

e. Life of author + 20 years

13. Identify the incorrect statements ?

a. Images available in public domain also protected under copyright law. Such work cannot be used without permission.   

b. Plagairsm is an act of fraud. It invloves using someone's work and presenting and maintaining as its one's own.

c. When copying from public domain, user should not be careful to avoid plagarism.  

d. CopyRight infringement does not occur when someone other than copyright holder copies the "ëxpression" of work.  

e. CopyRight infringement may occur if infringing work is "substancially similar" to the copyrighted work.

14. Can you write propietary code that links to a open source shared library?

a. Maybe, Provided Open Source license allows it.

b. No  -- wrong

c. Yes

d. Maybe, if Open Source license comes under GPL.

e. Maybe, if Open Source license comes under LGPL.

IP Patent Question and Answers

 1. Activites involved in certain interoperability standardisation works would be considered as ------------
a. an IP risk
b. a corporate risk
c. a IP threat 
d. an IP vulnerability
e. an IP Infringement

2. What is IP risk tolerance ?
a. Perceived impact on the organization's IP and eventually to business due to IP threat.
b. It is the quantam of type of IP-risk an organization is willing to take in order to meet its strategic objectives.
c. Event/Cicrumstance pertaining to intellectual property with potential to adversely impact the organization.
d. Acceptable level of variation of quantam of type of risk an organization can accept or avoid 
e. weakness or gap that exposes the organization to IP threat.

3.  what are typical impact criteria of IP risk?
a. loss of business and financial value.
b. Damage to reputation
c. Exposure to punitive damages
d. Disruption of plans and deadlines     
e. none of the above

4. How the IP vulnerability due to "Inadequate or no FTO analysis prior to product launch or gap between FTO analysis and product release" can be mitigated?
a. conduct FTO analysis to every product release    
b. conduct Landscape analysis in early stages or product release.
c. Migrate non-FTO analysed customer-deployed version to an FTO analysed version. 
d. Ensure IP safety complaince before commercialization of any company assest. 
e. Conduct Landscape analysis in final stages of product release.

5. Intellectual property risk management is not a process of identifying, analysing and responding to risk factors related to IP throughout the life of an IP right?
a. True
b. False

6. The organizations which are continously harnessing intellectual property for competitive advantage & market share are also exposed to significant risks emananting from within the organization?
   a. True
   b. False 
   
7. What is IP Risk ?
   a. Risk associated with any knowledge artifacts or an organization
   b. Risk associated with any intangilble assests of an organization
   c. Risk associated with patents, copyrights, trademarks, trade secrets.
   d. Risk associated with products & platforms, solution, concepts, POC/PoT, Frameworks, Components  -- Answer
   e. Risk associated with software products only

8. What do you mean by IP threat ?
        a. Perceived impact on the organization's IP and eventually to business due to IP threat.
b. It is the quantam of type of IP-risk an organization is willing to take in order to meet its strategic objectives.
       c. Event/Cicrumstance pertaining to intellectual property with potential to adversely impact the organization.
d. Acceptable level of variation of quantam of type of risk an organization can accept or avoid 
e. weakness or gap that exposes the organization to IP threat.

9. Where do IP related risks originate ?
    a. Within the organization itself
    b. Government entities
    c. Independent 3rd parties
    d. Illegal entities
    e. None of the above

10. Identify the correct statements?
    a. Intellectual property Risk Management is a process of identifying, analyzing and responding to risk factors related to IP through out the life of an IP right
  b. Intellectual property Risk Management is a process of analyzing exposure to risk and determine how best to handle such exposure
  c. IP Risk Management would analyze the business impact for any specific IP threat considering the likelihood of occurrence as well as IP risk Tolerance of a business
  d. IP Risk profiling would be performed to identify IP threats & vulnerabilites as well as to nail down the consequence on IP for any specific threat and correspondinng
  e. Proper risk management implies control of possible future events and is proactive rather than reactive.

11. Which of the following are IP related threats ?
a. Employees stealing IP from the company
b. Embracing open source software
c. Trade secrets not being propely managed
d. The publishing activities of the business
e. Trademark disputes with 3rd parties

12. A risk register is 
a. A description of the IP threat 
b. A documented record of the identified risks, their significance or rating, and how they are managed or treated
c. An assessment of IP risk tolerance of a specific OU based on current or existing controls as well as business priority.
d. Any progress updates as the treatments are implemented
e. A register which contains all the future business risk details of an organization.

13. What do you mean by IP vulenability ?
    a. Perceived impact on the organization's IP and eventually to business due to IP threat.
    b. It is the quantam of type of IP-risk an organization is willing to take in order to meet its strategic objectives.
    c. Event/Cicrumstance pertaining to intellectual property with potential to adversely impact the organization.
    d. Acceptable level of variation of quantam of type of risk an organization can accept or avoid 
    e. weakness or gap that exposes the organization to IP threat.

14. What do you mean by Risk Appetite ?
    a. Perceived impact on the organization's IP and eventually to business due to IP threat.
  b. It is the quantam of type of IP-risk an organization is willing to take in order to meet its strategic objectives.
    c. Event/Cicrumstance pertaining to intellectual property with potential to adversely impact the organization.
     d. Acceptable level of variation of quantam of type of risk an organization can accept or avoid 
     e. weakness or gap that exposes the organization to IP threat.

SQL Plus Commands

 To Run SQL Commands'

tnsping TestDB 

to check whether database available

1) To Connect as admin from SQL Plus

           Sample:   sqlplus username/password@TestDB AS SYSDBA

2) To Connect as user using sqlplus

Patent Questions and Answers

  1)  Identify the correct statements 
a. Software patents are allowed in Europe Only 
b. Software patent examination is fast and lead to early grant 
c. The criteria for software patentability is country specific and currently open to interpretation due to changing legal landscape 
d. Software patents are granted globally, not country wise 
e. A mathematical or business method or a computer program per se or algorithms are allowed as inventions in software patents. 
x
2) What are the criteria of patentability? 
a. Novelty 
b. Inventive step 
c. Industry applicability  
d. Best mode 
e. Reduction to Practice or Working model  

3) Patent Cooperation Treaty (PCT) provides a mechanism for the filing of single international patent application which has the same effect of national applications filed in the designated countries? 
a. True 
b. False  

4) Among the sections of Indian patent act, computer program per se is treated as non-invention? 
a. section 3(m) 
b. section 3 (j) 
c. section 3(k) 
d. section 2(k) 

5) When it is not fully developed enough for filing, what type of filing can be done by the inventors? 
a. provisional patent 

6. An inventor came up with the idea which patent eligible as per section 3 and section 4 of Indian patent Act. Which of the following options is true in such a case? 
a. The inventor can get patent as his idea is novel 
b. The inventor can get patent only if his idea is novel and inventive 
c. The inventor can get patent only if his idea is novel, inventive and has some utility 
d. The inventor can get patent only invention claims anything obviously contrary to well established natural laws. 

7) Computer programs can be considered as patentable inventions when they have a non-technical behavior? 
a. True 
b. False 

8) What is the main purpose of providing CRI (Computer Related Invention) guidelines by Indian patent office? 
a. to classify different types of software patents which are patentable and non-patentable 
b.to foster uniformity and consistency in the examination of CRIs 
c. to define various types of software patents 
d.to publish patent application in a more efficient way  
e. to streamline the process of patent filing through regional patent offices across India 

9) Identify the correct statements  
a. Software can be patented in the U.S, if it is unique and tied to the machine 
b.  As per America Invents Act laid out in 2013, any non-US citizen can file a patent in the U.S patent office, only he has  
c. Software patents in the U.S are granted for a period of 18 years from the date of grant of 20 years from the date of filing. 
d. As per America invents Act laid in 2013, patent can be granted on any mathematical formula and on application 
e. As per the America inventions Act laid in 2013, "first inventor to file" is allowed for filing patent applications. 

10) Which of the following inventions are not patent eligible subject matter under section 3 of Indian patent act? 
a. A novel method of water purification 
b. Anti-bacterial and anti-viral property of ginger to cure cold and cough 
c. a system and method for measuring the blood sugar of the person from the fingertip 
d. A machine polluting the air. 
e. A method of agriculture or horticulture. 

11. Identify the incorrect statements?  
a. A provisional application is a non-permanent application which is filed when the invention is in the initial stage and under research to mature in future 
b. A provisional application must be followed by a computer specification within 2 years from the date of provisional application. 
c. Complete after provisional application must be filed within 18 months (about 1 and a half years) after filing of the provisional application. 
d. if the applicant considers that the invention has matured enough to be disclosed but not fully developed, then provisional specification is submitted along with a patent application. 
d. national applications are generally filed at national office such as Indian patent office, to obtain a patent in the country of that office.  

12. What are the requirements of subject matter eligibility under section 101 in the U.S. office? 
a. Claimed invention must be directed to one of the four statutory categories of inventions i.e. process machine, manufacture, or composition of matter. 
b. Claimed invention must not as whole be directed to Judicially recognized exceptions including laws of nature, natural phenomena and abstract idea. 
c. Claimed invention must not as whole be directed to mere-physical phenomena, scientific principles, systems depending only on human intelligence, mental process, disembodied matter. 
d. Claims directed to or encompassing a human organism. 
e. Claims directed to the basic tools of scientific and technological work and claimed as a process, machine, manufacture or composition of matter. 

13) Patent prosecution is the interaction between applicants of their representatives, and the patent office regarding a patent, or an application for a patent.  
a. True 
b. False 

 
14)  What do you understand by patent application date? 
a. Date on which the patent application was filed 
b. Date on which the patent application was available to the public. 
c. Date on which the patent application was granted notice of allowance. 
d. Date on which the patent application undergoes first examination by patent office 
e. Date on which the patent application is internally published by the patent office. 

15)  Among the following, which is not a Patent granting Authority? 
a.  USPTO (United States Patent and Trademark Office) 
b. EPO (European Patent Office) 
C. JPO (Japan Patent Office) 
d. WIPO (World Intellectual Property Organization) 
E. IPO (Indian Patent Office) 

16) Bibliographic Information of a patent document does not provide which of the following information? 
A. Inventors/Applicant/Assignee 
B. Priority date/ filed date /grant date 
C. References Cited /Classifications 
D. Publication date 
E. Detailed description 

17) A Patent document is a ------------------- 
A. Legal document 
B. non-legal document 
C. Technical document 
D. Functional document 
F. Business document  
 
18)  Patents must be renewed by paying a renewal fee so that they are kept "in-force"? 
A. True 
B. False  

19) Which section of the patent document defines the scope of invention? 
A. Summary  
B. Description 
C. Claims 
D. Drawings 
E. Abstract 

21) A number published on the document at USPTO (United States Patent and Trademark Office) is Choose correct option?  
A. Patent Application publication number  
B. Granted patent number for design patent 
C. Granted patent number for utility patent 
D. Patent Application number 
E. Reissued patent number 

22) As per the manual of patent examination procedure (MPEP), an applicant can amend the claims during prosecution. Which of the following is true? 
A. Yes, without any restrictions and anytime during the examination phase 
B. Yes, only if amended claim is sufficiently disclosed in the description  
C. Yes, and moreover additional subject matter may be added to the specification in support of
the claims before the final office action. 
D. Once filed, claims cannot be modified unless there is a written approval from supervisory Patent examiner.
E. Yes, but only the dependent claims can be amended and at any time during the examination phase 

23) To determine literal infringement of a competitor's product on a company patented invention in U.S It is sufficient to check which of the following? 
A. All the elements of at least one of the independent claims of a company granted patent, maps to the features of the competitors product. 
B. The functions performed by the competitor's product should be present in the description of the Company granted patent. 
C. The functions performed by the competitor's product should be present in the summary of the Company granted patent. 
D. At least one of the elements claimed in the dependent claim of the Company granted patent should map to the functions performed by the competitor product. 
E. The functions performed by the competitor's product should be present in the abstract and description of the Company granted patent. 

24) Arrange the following in the chronological sequence of patent filing to Patent grant as per examination norms laid out by the Indian patent office. 
1. Office action 
2. Request for examination 
3. Publication of Patent 
4. Examination of Patent 
5.  Patent Grant 
1-->2-->4--> 3-->5 
2-->3-->1-->4-->5 
3-->2-->1-->4-->5  
2-->4-->3-->1-->5 
3-->2-->4-->1-->5 

25) 1. A device, the device compromising a writing instrument, and at least one light source attached to the writing instrument  
2. The device in claim 1, wherein the least one light source is detachably attached to the writing instrument. 
Choose correct answer 
        a.  Claim 1 is an independent apparatus claim 
          b.  Claim 2 is dependent method 
          c.   Comprising is an element of the independent claim.
          d.   "A writing instrument, and at least one light source attached to the writing instrument" are transitional phrases of the independent claim. 
        e. Claim 1 is dependent apparatus claim. 

26) In case of U.S patent application, the background section of a patent document provides which of the following?  
A. Existing technology relating to the field of invention as of today. 
B. Existing technology relating to the field of invention at the time of filing patent application for the invention. 
C. Limitations and problems in the art at the time of patent application. 
D. Existing technology relating to the field of invention at the time of grant of the patent application. 
E. Existing technology relating to the field of invention at the time of publishing of patent application. 

27 ) An Application residing in the U.K, files a patent application in india claiming priority from the first applicantion in UK. The terms of patent granted in india will be.
A. 20 years from the date of filing of the earliest application (U.K Application)   
B. 20 years from the date of filing the application in india
C. 17 years from the date of grant of application in india   
D. 20 years from the date of publication of the application    
E. 20 years from the date of filing or later filed application (Indian Application)  

28) Identify the correct statements  
A. In most patent rules, renewal annuities or Maintenace fees must be regularly paid in order to keep the patent in force. 
B. Patent maintenance begins after the publication of patent application. 
C. The term of the patent is the maximum period for which it can be maintained in force. 
D. In certain jurisdictions, patent renewal fee also varies based on number of claims in the patent. 
E. The term of every patent in India is twenty years from the date of filing of the patent application, irrespective of whether it is filed with provisional or complete specification

29)   Among these, identify what is not present in an indian patent application ?
A. Claims
B.Drawings
C. Abstract
D. Features
E.Summary