CYBER LAW, ALL QUIZZES 1-5 +Q1 AND 2

What situation would be an example of an exploit?

An art thief sneaks into a museum and steals a famous painting and then sneaks out of the museum without being caught by security because the thief identified and traveled through the museum via blind spots of the museum's security cameras. After the incident, the museum increases the number of security guards and cameras guarding the museum at all times.

Which of the following correctly summarizes an employer's right to monitor telephone conversations?

An employer has the right to monitor telephone conversations in the ordinary course of business without a court order.

The term ______________ refers to large and complex data collections.

Big Data

The ________________________ ensures minors can't accidentally view obscene or objectionable material from school or library computers.

Children's Internet Protection Act (CIPA)

Collection and use of a child's personal information, such as name, e-mail address, or social security number, by a Web site operator is governed by:

Children's Online Privacy Protection Act (COPPA)

The ________________________ protects the personal information of children online.

Children's Online Privacy Protection Act (COPPA)

______________ means that only people with the right permission can access and use information.

Confidentiality

A customer is any individual who obtains a financial product or service from a financial institution, whereas a consumer is an individual who has a continuing relationship with a financial institution.

False

A security breach is the term used to describe when a person's personally identifiable information is used without permission to commit other crimes.

False

Citizens and members of the legal profession are all bound by the terms of the common law.

False

In order for a privacy policy to be COPPA-compliant, it needs to provide notice of how the information will be used in some cases and must offer a general description of possible methods used to collect information.

False

In the U.S. federal system, the U.S. Court of Appeals is the court of last resort.

False

It is not possible that a student record will contain additional information outside the scope of FERPA. FERPA requires schools to reveal this data when access to an educational record is requested. For example, a school will be expected to reveal parental financial records, confidential letters of recommendation, or statements of recommendation.

False

Local users have more privileges than power users but fewer privileges than administrators do. Local users may use and access many functions of the computer system.

False

Phishing is a form of Internet fraud in which attackers sift through trash to discover personal information. It's an issue because individuals and organizations dispose of personal information in unsecure ways.

False

RFID technology poses privacy concerns in that it can track a person's movements and daily habits. However, you can only be tracked by RFID technology if an RFID tag had been inserted under your skin.

False

Statutes or codes depend on principles developed from years of legal tradition and court decisions.

False

Supreme Court nominees are required to be highly respected state or federal judges or highly respected attorneys.

False

The COPPA is the same as the Child Online Protection Act (COPA), the purpose of which is to protect minors from access to harmful material on the Internet.

False

The Constitution specifies the basic lawmaking process. A bill is the initial draft of a potential law. Only one chamber of Congress needs to approve the bill, and the president must sign it before it becomes a law.

False

The DSS offers a single approach to safeguarding sensitive cardholder data for all credit card issuers. It recommends 12 basic categories of security requirements that should be followed in order to protect credit card data.

False

The Federal Reserve System and the FTC enforce the Red Flags Rule for all financial institutions, which makes sense because financial institutions are highly regulated.

False

The Supreme Court has exclusive original jurisdiction to decide cases about disputes between state governments and exercises this original jurisdiction with frequency.

False

There is no risk in clicking an e-mail link, as long as the link doesn't force you to enter personal information.

False

When a Red Flag is detected, it is necessary to conduct a thorough investigation no matter the circumstances of the situation.

False

The Family Policy Compliance Office (FPCO) provides oversight for the ____________________.

Family Educational Rights and Privacy Act (FERPA)

The _________________ requires schools to protect students' records.

Family Educational Rights and Privacy Act (FERPA)

The purpose of the ______________________ is to address financial uncertainty and provide the nation with a more stable economy.

Federal Reserve System

The mission of the _____________________ is to protect consumers and to make sure that business is competitive by eliminating practices harmful to business.

Federal Trade Commission (FTC)

Some people believe that COPPA requirements violate freedom of speech without censorship guaranteed by the ______________ Amendment.

First

Which of the following U.S. Constitution amendments contribute to the right of privacy?

First, Third, and Fourth Amendments

Which Act established the public's right to request information from federal agencies?

Freedom of Information Act

What makes a distributed denial of service attack "distributed"?

It involves multiple systems to launch the attack.

Which of the following best defines a technology protection measure (TPM)?

It is any technology that can block or filter the objectionable content.

Which of the following statements summarizes why the window of vulnerability is shrinking?

More people are interested in information security, and have developed the skills to find new vulnerabilities.

The _____________________ established the national banking system in the United States.

National Bank Act of 1864

Based on the descriptions given, what film does NOT exemplify the concept of social engineering?

Office Space: Three friends and disgruntled coworkers at a tech company discover that the company's accounting system has a computer glitch that calculates certain financial information to six decimal points, but only records the first two decimal points in the accounting files and then regularly discards the remaining fractions of pennies. When the trio learns their jobs are in jeopardy, they create a computer program that diverts the discarded fractions of pennies into a bank account they share. They believe that the company will continue to pay them in installments small enough that the company will never notice but that will lead to a very large amount of money over time.

A merchant of an e-commerce Web site wants to accept credit cards as a form of payment. Which of the following must the merchant follow to ensure the safety of those payments?

PCI DSS

Which of the following is not one of the rights that parents are guaranteed under COPPA?

Parents will be notified by a Web site if it is collecting an e-mail address to respond to a one-time request from a child.

Which statement about privacy is NOT true?

Privacy means that a person can specify the collection, use, and sharing of their data.

Required by the Fair and Accurate Credit Transaction Act of 2003 (FACTA), which of the following is an anti-identity theft rule created by federal bank regulatory agencies (the Fed, FDIC, OTS, OCC, and NCUA) and the FTC?

Red Flags Rule

______________ is the process of reviewing known vulnerabilities and threats.

Risk analysis

______________ involves tricking other people into breaking security procedures and sharing sensitive information.

Social engineering

This domain refers to the equipment and data an organization uses to support its IT infrastructure. It includes hardware, operating system software, database software, and client-server applications.

System/Application Domain

The doctrine of precedent is one of the most important traditions in the American legal system. Which of the following statements accurately summarizes how the Plessy v. Ferguson (1896) and Brown v. Board of Education (1954) cases dramatically illustrated how precedent can change and how changing precedent can have a significant impact on society?

The Brown decision was remarkable because the Court departed from the precedent set in Plessy. In fact, the Court specifically rejected the reasoning that it had used to support its decision in Plessy. Brown established new legal precedent that separate but equal laws are unconstitutional.

What is the source of legal authority for the U.S. government?

The U.S. Constitution

To be COPPA-compliant, a privacy policy must provide "assurance that participation is not conditioned on data collection." Which of the following statements offer the best explanation of this criterion?

The Web site must state whether collected information is shared with a third party.

Which of the following is true about U.S. Supreme Court justices?

They are nominated by the president.

A major privacy concern of social networking includes information sharing.

True

Administrative safeguards usually take the form of organizational policies, which state the rules of the workplace.

True

An educational record includes any personal and education data on a student maintained by an educational agency or institution.

True

An employer can monitor computer or Internet use in a number of ways, including the following: by employing keystroke loggers to monitor keystrokes made in a certain period or the number of Web sites visited and by tracking how much time employees spend in software applications provided for work purposes to measure productivity.

True

Biometric data is considered personally identifiable information.

True

CIPA has two main requirements. The first is that schools and libraries that accept E-Rate funding must implement technologies that filter offensive visual content so that minors don't access it. The second requirement is that schools implement an Internet safety policy.

True

COPPA has several rules for getting parental consent. One of them is that the parent's consent is required to collect, use, or disclose the child's information. The notice must state that the operator will not collect, use, or disclose the child's information without parental consent.

True

FERPA has four main requirements: Annual notification, access to education records, amendment of education records, and disclosure of education records.

True

Federal courts can hear only the following kinds of cases: 1) Disputes regarding federal laws or constitutional issues and 2) Disputes between residents of different states where the amount of money in controversy is greater than $75,000.

True

Identity Theft Prevention Programs are required to detect, prevent, and mitigate identity theft in covered accounts. The written program must address both new and existing covered accounts.

True

Integrity means that information systems and their data are accurate.

True

Nonpublic personal information (NPI) is personally identifiable financial information that a consumer gives to a financial institution. NPI also includes private information that an institution gets from other sources. It includes lists or descriptions of consumers that are prepared by using this kind of information.

True

Phishing, social engineering, shoulder surfing, and dumpster diving are all examples of people-based privacy concerns.

True

Physical safeguards are actions that an organization takes to protect its actual, tangible resources. They keep unauthorized individuals out of controlled areas.

True

Pretexting, which is also known as social engineering, is the act of trying to gain access to customer information without proper authority to do so.

True

Subject matter areas of law are areas in which an attorney might specialize, and procedural law deals with the processes that courts use to decide cases.

True

The Gramm-Leach-Bliley Act requires financial institutions to protect consumer financial information by complying with the Privacy Rule, the Safeguards Rule, and the Pretexting Rule.

True

The PCI Council was formed in 2006 to create safeguards designed to protect credit card data. Any merchant or service provider who accepts credit cards must follow the safeguards.

True

The Red Flags Rule doesn't permit a private right of action, which means that individuals can't sue financial institutions or creditors if they violate the Red Flags Rule.

True

The Tenth Amendment says, "The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people."

True

The primary purpose of CIPA is to protect minors from accessing offensive content on the Internet. Offensive content includes any visual depictions that are any of the following: obscene, child pornography, or harmful to minors.

True

Types of information that most people consider private include financial information, health information, and criminal history data.

True

Under the Fair Credit Reporting Act of 1970 (FCRA), consumers can stop financial institutions from sharing their credit report or credit applications with affiliates.

True

Which of the following questions does not apply to an audit?

What are the rules?

How might the average person use cookies in a beneficial way?

You save an image of a relaxing, cloud-filled sky that appears every time you log on to your Twitter account.

What is the ISO/IEC 27002?

a reference guide to help organizations choose safeguards

The role of the U.S. Cabinet is to:

advise the president

In the legal system, compliance is the action of following applicable laws and rules and regulations. Which of the following processes would not be used to demonstrate compliance:

allowing employees in an organization to create policies for self-governance documents to comply with legal or regulatory requirements at the employees' discretion

Which of the following must be protected per PCI DSS requirements?

an e-commerce Web server

A(n) _____________ is a formal request for a higher authority to review the decision of a lower court.

appeal

All of the following are examples of consumer financial information except:

biometric data

All of the following are eligibility requirements for the president of the United States except:

both A and B

The main goal of information security is to protect:

confidentiality, integrity, and availability

What is a small string of text that a Web site stores on a user's computer?

cookie

Which of the following is not one of the steps in the data life cycle?

data accounting

Schools may make the following type of disclosure without obtaining parental or student consent:

disclosure of any information to any school official with a need to know

All of the following are true statements about the American legal system except:

each branch has a separate sphere of authority (checks)

In which of the following areas of the workplace is an employee most likely to have a reasonable expectation of privacy?

employee lounge

The three branches of the federal government are:

executive, legislative, and judicial

Because their employer is the government, public employees receive ___________ protections.

extra

In which of the following places would a person have "a reasonable expectation of privacy"?

in one's home

FERPA applies to any education agencies or institutions that receive funding from the U.S. Department of Education (ED). Which of the following is not an educational agency or institution?

non-profit organizations that offer educational programs

COPPA requires Web site operators collecting information from children to:

obtain parental consent

All of the following are true with respect to cryptography except:

only used today by health care providers to protect health care data

In which of the following types of communication is phishing least likely to occur?

phone calls

Which of the following has the power to declare war, establish a post office, maintain an army, make money, and regulate commerce?

president

According to the federal Administrative Procedure Act, an agency is any governmental authority besides Congress and the courts. Which function does not fall under the category of what an agency does?

sets precedents

All of the following are examples of consumer financial institutions except:

the Federal Reserve System

The Federal Reserve reports directly to:

the U.S. Congress

A single point of failure is a piece of hardware or application that is key to

the functioning of the entire system

What is the window of vulnerability?

the time between exploit discovery and an installed security patch

A ______________ is some kind of wrongful act that harms or hurts a person.

tort

