CET2691 Final Exam Study Guide
In a situation where phishing attackers attempt to steal personal information, which of the following federal acts can be used to prosecute such a crime?
**INCORRECT** Computer Fraud and Abuse Act
What is a forensic duplicate image?
A bit-by-bit copy of the original storage media
Which role identifies the person in an organization who has the senior most role in protecting information security?
CISO
When performing computer forensics, what is a potential source of digital evidence?
Cell phone
Which of the following is not a risk management technique?
Certification
The ____________________ protects the personal information of children online. Children's Internet Protection Act (CIPA) Children's Online Privacy Protection Act (COPPA) Family Educational Rights and Privacy Act (FERPA) Health Insurance Portability and Accountability Act (HIPAA)
Children's Online Privacy Protection Act (COPPA)
The American legal system is based in large part on ____________________ common law.
English
Which doctrine prevents the government from using illegally gathered evidence at a criminal trial? Locard's Exchange Daubert Fruit of the Poisonous Tree Doctrine of Precedent
Fruit of the Poisonous Tree
The ________________________ makes identity theft a federal crime.
Identity Theft and Assumption Deterrence Act
__________________ is the process of reviewing known vulnerabilities and threats. Risk analysis Risk mitigation Risk engineering Risk avoidance
Risk analysis
SOX ______________ requires CEOs and CFOs to certify a company's SEC reports. Section 404 Section 302 Section 708 Section 906
Section 302
A conflict of interest is any situation where a person's private interests and professional obligations collide. In the risk assessment context, a conflict of interest is a situation where a member's responsibilities as part of the risk assessment team might conflict with one's job responsibilities. In these situations, independent observers might question whether a person's private interests improperly influenced his or her professional decisions. True False
True
An incident is any event that involves an organization's equipment, data, or other resources. True False
True
FERPA has four main requirements: Annual notification, access to education records, amendment of education records, and disclosure of education records. True False
True
What is the name of data that is stored in memory? forensically sound persistent volatile static
volatile
Which law requires each federal agency to develop an information security program?
FISMA
The _____________ established the national banking system in the United States. National Bank Act of 1864 Bank Secrecy Act of 1970 Bank Holding Company Act of 1956 Gramm-Leach-Bliley Act
National Bank Act of 1864
Which of the following would not appear in an IT acceptable use policy (AUP)?
data retention
Which of the following is not a primary analysis area of computer forensics?
**INCORRECT** Media analysis
__________________ is the wrongful act that constitutes a crime.
Actus reus
A judge or jury can consider only __________ evidence when deciding cases.
Admissible
What situation would be an example of an exploit?
An art thief sneaks into a museum and steals a famous painting and then sneaks out of the museum without being caught by security because the thief identified and traveled through the museum via blind spots of the museum's security cameras. After the incident, the museum increases the number of security guards and cameras guarding the museum at all times.
In forming a contract, the parties must bargain for something of value. This is called ____________________.
Consideration
Compensatory, consequential, nominal, and liquidated are all types of ____________.
Damages
Individual consumers are the targets of hackers far more often than financial institutions. True False
False
The Enron scandal proved that self-regulation has only benefits and little to no drawbacks, as evidenced by the role of their accounting firm, Arthur Andersen. True False
False
The following scenario is an example of a situation in which a copyrighted work is protected under fair use for educational purposes: a professor prepares a newsletter for a Web site. The professor includes in the newsletter a copyrighted cartoon about teaching students to illustrate a humorous point. True False
False
The _________________ requires schools to protect students' records. Health Insurance Portability and Accountability Act (HIPAA) Family Educational Rights and Privacy Act (FERPA) Children's Internet Protection Act (CIPA) Children's Online Privacy Protection Act (COPPA)
Family Educational Rights and Privacy Act (FERPA)
At the federal level, what is the name of the main guidance regarding the submission of evidence at trial?
Federal Rules of Evidence
The mission of the __________________ is to protect consumers and to make sure that business is competitive by eliminating practices harmful to business. National Credit Union Administration (NCUA) Federal Trade Commission (FTC) Office of Thrift Supervision Federal Financial Institutions Examination Council (FFIEC)
Federal Trade Commission (FTC)
_________________ was created by Congress to make health insurance portable. CIPA HITECH Act HIPAA FERPA
HIPAA
_______________________ is part of the executive management team's responsibility for protecting an organization's information assets.
Information security governance
A trademark has two criteria: 1) it must be used in interstate commerce and 2) _____________________.
It must be distinctive
Which of the following is not one of the responsibilities of information security managers?
Make sure that security is used to support business goals
________________ means that the parties to the contract must show that they intended to enter into a specific transaction with specific terms.
Mutual assent
___________ includes reviewing transaction logs and uses real-time monitoring to find evidence. Media analysis Code analysis Network analysis Log analysis
Network analysis
Which of the following is true regarding Locard's exchange principle? Computer forensic specialists need to have the same skills as a traditional information security professional. People leave trace evidence in the physical world but not the digital world. People leave trace evidence whenever they interact with other people and with their surroundings. Computer forensic specialists do not need to understand the laws of evidence and legal procedure, only good evidence collection processes.
People leave trace evidence whenever they interact with other people and with their surroundings.
Any organization's risk management plan includes:
Risk assessment, risk response, training employees, and continuous monitoring
______________________ created a comprehensive standard to help any organization create an information security governance program.
The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC)
The purpose of the ___________________ is to remove barriers to electronic commerce by validating electronic contracts.
Uniform Electronic Transactions Act (UETA)
Which of the following is not one of the events that triggers a Form 8-K disclosure requirement? selling off significant assets acquiring an inheritance filing for bankruptcy getting a loan
acquiring an inheritance
The main goal of information security is to protect: non-public personally identifiable information financial data of public entities confidentiality, integrity, and availability personal health data and biometrics
confidentiality, integrity, and availability
All of the following are examples of protected health information (PHI) except: past, present, or future health information information regarding physical or mental health publicly available information regarding insurance companies information regarding different health insurance premium cost options
information regarding different health insurance premium cost options
Which of the following lack(s) contractual capacity to enter into a contract:
people who are mentally incompetent
PHI refers to: protected health information public health information private health insurance public health insurance
protected health information
A ____________________ is owned by many investors in the form of stock. public company closed corporation privately held company sole proprietorship
public company
Online Privacy Alliance (OPA) is an organization of companies dedicated to protecting online privacy. Members of OPA agree to create a privacy policy for a customer that is easy to read and understand. Which of the following provisions is not included in the policy? the option of choosing who sees the data how collected data is secured types of data collected how data is used
the option of choosing who sees the data
The U.S. Securities and Exchange Commission reviews a public company's Form 10-K at least once every ____________ years. four five three two
three
Which of the following statements best captures the function of the Federal Trade Commission (FTC)? to make frequent reports to the president on its actions to promote consumer protection and eliminate practices that are harmful to competitive business to be one of the most important regulatory authorities for consumer and some business practice issues
to promote consumer protection and eliminate practices that are harmful to competitive business
Courts are struggling with the privacy implications of GPS tracking. In 2009, New York's highest court held that police officers must have a ______________ in order to place a GPS tracking device on a suspect's car. tort RFID tag warrant injunction
warrant
Which of the following was enacted by Congress in response to growth in identity theft crime? Federal Trade Commission (FTC) Fair and Accurate Credit Transaction Act (FACTA) of 2003 Federal Reserve System Gramm-Leach-Bliley Act (GLBA)
Fair and Accurate Credit Transaction Act (FACTA) of 2003
A company that created virtual online gaming worlds agreed to pay $3 million in 2011 to settle charges with the FTC. The FTC alleged that the company improperly collected and disclosed the personal information of thousands of children without parental consent. This is the largest civil penalty so far in a Children's Internet Protection Act (CIPA) action. True False
False
Covered entities must keep records of how they disclose a person's PHI. Under the Privacy Rule, a person has the right to receive an accounting of how the covered entity has used or disclosed the person's PHI. True False
True
As defined by HIPAA, the term "covered entities" means: health care providers, health care clearinghouses, and health plans True False
True
Congress hoped that the Sarbanes-Oxley Act of 2002 (SOX) reforms would prevent another Enron scandal. The main goal of SOX is to protect shareholders and investors from financial fraud. SOX increased corporate disclosure requirements. True False
True
Copyright owners allow others to use their copyrighted material by using a special kind of contract called a license. True False
True
The primary goal of computer forensics is to:
Find evidence that helps investigators analyze an event or incident
One of the main goals of _______________ is to protect an organization's bottom line.
Risk management
Which of the following statements best fits the highest burden of proof? "clear and convincing evidence" "preponderance of the evidence" "beyond a reasonable doubt"
"beyond a reasonable doubt"
You are analyzing a risk and have determined that the SLE is $1,200 and the ARO is 3. What is the ALE?
$3,600
HIPAA's _____________________ provisions are designed to encourage "the development of a health information system through the establishment of standards and requirements for the electronic transmission of certain health information." Genetic Information Non-Discrimination Act Privacy Rule Security Rule Administrative Simplification
Administrative Simplification
All of the following statements are true except: All evidence is admissible regardless of collection method as long as it is reproducible in a tangible form. Forensic examiners must use established practices and procedures when collecting evidence. Admissible evidence is good evidence. Inadmissible evidence is bad evidence. To be admissible, evidence must be collected in a lawful manner.
All evidence is admissible regardless of collection method as long as it is reproducible in a tangible form.
Which of the following is a true statement regarding COPPA and CIPA rules? COPPA defines a minor as anyone under the age of 17 years, while CIPA defines a minor as someone under the age of 13 years. COPPA defines a minor as anyone under the age of 13 years, while CIPA defines a minor as someone under the age of 17 years. Both define a minor as anyone under the age of 17 years. Both define a minor as anyone under the age of 13 years.
COPPA defines a minor as anyone under the age of 13 years, while CIPA defines a minor as someone under the age of 17 years.
In 2013, a social media company paid $800,000 to settle charges with the Federal Trade Commission (FTC). The company had an application that allowed children to create journals and share those journals online. Children could also post photos and share location information. The company collected the birth dates of 3,000 children before getting parental permission. The FTC alleged that the company violated which of the following? Family Educational Rights and Privacy Act (FERPA) Health Insurance Portability and Accountability Act (HIPAA) Children's Online Privacy Protection Act (COPPA) Children's Internet Protection Act (CIPA)
Children's Online Privacy Protection Act (COPPA)
___________________ are money awards that compensate the non-breaching party for the foreseeable damages that arise from circumstances outside of the contract and can't be mitigated.
Consequential damages
Which of the following is not a legal remedy in contract law?
Contract identification
_______________________ covers unsolicited commercial e-mail messages and requires commercial e-mail senders to meet certain requirements.
Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM)
______________________ law deals with crimes but ______________ law governs disputes between individuals.
Criminal, tort
The bad faith registration of a domain name that's a registered trademark or trade name of another entity is referred to as:
Cybersquatting
What is a test for measuring the reliability of a scientific methodology?
Daubert
In 1998, Congress passed the _________________________. This law helps protect copyrights in the multimedia world. It also contains provisions that help insulate Internet service providers from the actions of their customers.
Digital Millennium Copyright Act
Which of the following terms would not be incorporated into an AUP statement about mobile device usage?
Employees must store the organization's AUP on their devices and review the AUP on a weekly basis.
Computer forensic examiners secure the crime scene and any electronic devices and ensure no one tampers with or modifies evidence during the collection phase of an investigative process. True False
False
Medical identity thieves exclusively consist of computer hackers or members of organized crime rings. True False
False
Statutes or codes depend on principles developed from years of legal tradition and court decisions. True False
False
The C-I-A triad refers to the way that the Central Intelligence Agency classifies sensitive information. True False
False
The FDIC insures deposit accounts in the event of bank failure. If a bank fails, the FDIC returns the money that a customer put in the bank, no matter how great or small the amount. True False
False
Which of the following U.S. Constitution amendments contribute to the right of privacy? First, Third, and Fourth Amendments First, Second, and Fourth Amendments First and Sixth Amendments First, Second, and Third Amendments
First, Third, and Fourth Amendments
Which Act established the public's right to request information from federal agencies? Privacy Act of 1974 Electronic Communications Privacy Act Freedom of Information Act Mail Privacy Statute
Freedom of Information Act
Following a disaster, what is the best kind of site if you need to resume operations in the shortest possible time?
Hot
Data destruction policies do not include which of the following?
How long the data should be retained
Which of the following is generally the first step in a computer crime investigative process?
Identification
Patents, trademarks, and copyrights are all types of _________________.
Intellectual property
_____________________ is the area of law that protects a person's creative ideas, inventions, and innovations.
Intellectual property law
________________ is the oldest computer forensic professional group. U.S. Federal Bureau of Investigations (FBI) American Bar Association Forensic Division International Organization on Computer Evidence (IOCE) International Association of Computer Investigative Specialists (IACIS)
International Association of Computer Investigative Specialists (IACIS)
Why is continuous monitoring an important activity in risk management?
It enables an organization to update policies and controls that aren't effective.
A(n) ___________ is an invitation to enter into a relationship or transaction of some kind.
Offer
A merchant of an e-commerce website wants to accept credit cards as a form of payment. Which of the following must the merchant follow to ensure safety of those payments? PCI DSS GLBA SOX FISMA
PCI DSS
Unlike ______________, trade secrets aren't registered. A person or business doesn't have to meet any registration or procedural formalities for protection.
Patents
The purpose of the Gramm-Leach-Bliley Act ___________________ is to fight identity theft. Safeguards Rule Privacy Rule Red Flags Rule Pretexting Rule
Pretexting Rule
_____________ is an individual's right to control the use and disclosure of his or her own personal data. Access Integrity Privacy Preference
Privacy
Data __________________ policies state how data is controlled throughout its life cycle.
Retention
The Enron scandal and similar corporate scandals led to the creation of which of the following? Sarbanes-Oxley Act Gramm-Leach-Bliley Act Securities and Exchange Commission Public Company Accounting Oversight Board
Sarbanes-Oxley Act
The main goal of ______________ is to protect shareholders and investors from financial fraud. Public Company Accounting Oversight Board Sarbanes-Oxley Act (SOX) Gramm-Leach-Bliley Act Securities and Exchange Commission
Sarbanes-Oxley Act (SOX)
The HIPAA ______________________ states how covered entities must protect the confidentiality, integrity, and availability of electronic personal health information. Security Rule Administrative Simplification Rule Red Flag Rule Privacy Rule
Security Rule
_____________________ refers to the purchase of application services over the Internet.
Software as a Service (SaaS)
Which of the following steps occurs before any of the others in a formal policy development process?
Stakeholder review
_____________________ is a legal concept that means people can be held responsible for their actions even when they didn't intend to cause harm to another person.
Strict liability
The power of a court to decide certain types of cases is ______________________ jurisdiction.
Subject matter
_______________________ criminal law defines the conduct that constitutes a crime and establishes penalties.
Substantive
What is the first piece of federal legislation that identified computer crimes as distinct offenses?
The Computer Fraud and Abuse Act of 1984
How does the U.S. Constitution refer to itself? The Federal Government blueprint The just Laws of the United States The supreme Law of the Land The first Law of the States
The supreme Law of the Land
What do you compare in a risk-level matrix when evaluating the elements of a risk?
Threat likelihood and impact
_____________ are used to protect words, logos, and symbols that identify a product or service.
Trademarks
Federal courts can hear only the following kinds of cases: 1) Disputes regarding federal laws or constitutional issues and 2) Disputes between residents of different states where the amount of money in controversy is greater than $75,000. True False
True
In the common law, courts decide cases by referring to established legal principles and the customs and values of society. They also look at decisions made in earlier cases to see if the cases are similar. If the cases are similar, a new case should reach a similar result. True False
True
Incident triage, investigation, containment or mitigation, recovery, and review are basic parts of an incident response plan. True False
True
Law enforcement may conduct inventory searches without a warrant when they arrest a suspect. These searches are allowed when they're made for non-investigative purposes. True False
True
Public companies are required to file a number of financial disclosure statements with the SEC. These forms help investors understand the financial stability of a company. The most commonly filed forms are: 1) Form 10-K—Annual report, 2) Form 10-Q—Quarterly report, and 3) Form 8-K—Current report. True False
True
The Federal Financial Institutions Examination Council (FFIEC) promotes uniform practices among the federal financial institutions. Its purpose is to: 1) establish principles and standards for the examination of federal financial institutions; 2) develop a uniform reporting system for federal financial institutions; 3) conduct training for federal bank examiners; 4) make recommendations regarding bank supervision matters, and 5) encourage the adoption of uniform principles and standards by federal and state banks. True False
True
The law states that fair use of a copyrighted work isn't copyright infringement, and that fair use is permitted in the following situations in order to promote free speech: criticism, news reporting, and teaching (including multiple copies for classroom use). True False
True
The first state to enact anti-spyware legislation was: Texas California Michigan Utah
Utah
A _____________________ does not require the user to make an affirmative action to accept the terms of the contract. Agreement is assumed when the user visits the Web page or downloads a product.
browsewrap contract
Which of the following is not a condition of "obscenity" as defined by the U.S. Supreme Court? depicts or describes sexual conduct in a patently offensive way appeals predominantly to prurient interests depicts any type of sexual conduct lacks serious literary, artistic, political, or scientific value
depicts any type of sexual conduct
Schools may make the following type of disclosure without obtaining parental or student consent: disclosure of any information to any school official with a need to know disclosure of school disciplinary records disclosure of grades or test scores disclosure to press for purposes of article promotion
disclosure of any information to any school official with a need to know
A covered entity doesn't have to account for every PHI disclosure that it makes. The Privacy Rule states that some kinds of disclosures don't have to be included in an accounting. Any disclosure not specifically excluded must be included and tracked. Which of the following disclosures does not need to be tracked? disclosures made to carry out treatment, payment, and health care activities disclosures required by law disclosures required for public health activities disclosures to HHS for its compliance functions
disclosures made to carry out treatment, payment, and health care activities
Which of the following is not a valid court-recognized exception to search warrant requirements? exigent circumstances forensic examination of seized media plain view doctrine consent
forensic examination of seized media
SOX requires the SEC to review a public company's Form 10-K and Form 10-Q reports at least once every three years. It must do this to try to detect fraud and inaccurate financial statements that could harm the investing public. SOX states the factors that the SEC should consider when deciding to conduct a review. Which of the following is not one of the factors that SEC must consider? whether a company has amended its financial reports the difference between a company's stock price and its earnings how much stock the company has issued how long the company has been in existence
how long the company has been in existence
The Florida A&M case illustrates which of the following about safeguards? that routine security audits are not sufficient to detect unauthorized or harmful software on a system how safeguards can be used in an accidental integrity compromise how safeguards protect the integrity of computer systems that safeguards cannot be used to discover hackers' identities
how safeguards protect the integrity of computer systems
What are the four privacy torts that still exist today? ECPA, Privacy Act, E-Government Act, and Patriot Act intrusion into seclusion, portrayal in a false light, appropriation of likeness or identity, and public disclosure of private facts in the U.S. Constitution, the First Amendment, Third Amendment, Fourth Amendment, and Fifth Amendment
intrusion into seclusion, portrayal in a false light, appropriation of likeness or identity, and public disclosure of private facts
Under FERPA, which of the following may be disclosed in a school directory without consent? name, address, and telephone number grades earned social security number student ID number
name, address, and telephone number
All of the following are true with respect to cryptography except: were used by the military to protect confidential communications only used today by health care providers to protect health care data hides information so unauthorized persons can't access it preserves confidentiality
only used today by health care providers to protect health care data
All of the following are characteristics of HIPAA except: used to fight health insurance fraud and eliminate waste simplifies how health insurance is administered protects the privacy and security of personally identifiable health information requires that employers offer health coverage
requires that employers offer health coverage
Which of the following is not a method that web site operators can use to distinguish children from adults? using parental controls requiring payment requiring a name and address requiring parental consent
requiring a name and address
All of the following are examples of consumer financial institutions except: the Federal Reserve System savings and loans associations credit unions insurance companies
the Federal Reserve System
In January 2007, TJX disclosed that hackers had breached its credit card systems. The company reported that the attackers might have accessed credit card data going back to 2002. It reported that 45.7 million credit and debit card numbers might have been disclosed. At the time, the breach was believed to be the largest ever. Banks and customers sued TJX in connection with the breach. State governments also sued the company for failing to protect the credit card information of state residents. Given the nature of this breach, which federal agency opened an investigation? the Federal Deposit Insurance Corporation the Consumer Financial Protection Bureau the Federal Trade Commission the Federal Reserve System
the Federal Trade Commission