D333 Pre-assessment Ethic in Technology
A developer creates video games based on real war scenarios and designs characters that mimic real people from world events. The video game has content perceived as excessively violent and rewards players who inflict the most harm on other players' virtual characters. The developer knows that these are simulated acts that depict real war scenarios to create an immersive experience for players but is concerned about the impact on their moral character. Which ethical theory does this situation represent?
Virtue
Which method is commonly used to obtain personal information about consumers in e-commerce scenarios?
Cookies
Which factor is primarily used by deontology to evaluate morality of human actions?
Duty
Which challenge associated with data overload in IT is addressed with predictive coding?
Electronic discovery of a large volume of documents
What is the difference between ethics and morals?
Ethics reflect a societal code of behavior, whereas morals reflect personal principles.
How should an IT professional respond to a cyberattack prior to the incident eradication?
Preserve evidence and activity logs
Which ethical concept is related to the right to use a person's or an organization's intangible creative activities?
Property
What is a reason for organizations to pursue corporate social responsibility (CSR) goals?
Gain goodwill
A U.S. company launched an e-commerce platform in the European Union (EU). The board of directors raised concerns about compliance with applicable privacy regulations and the collection of customer information. Which regulation applies to this scenario?
General Data Protection Regulation
Which two stipulations dictate the obligations of an IT professional regarding data property of a former employer when transitioning from one job to another?
Nondisclosure clause/Noncompete agreement
What are the ethical challenges with an IT professional reverse engineering an in-house-developed software and a third party-developed software?
Only reverse engineering a third party-developed software would be in violation of a professional code of ethics in IT.
What are two reasons technical workers should become members of IT professional organizations? Choose 2 answers.
Peer networks/Skill building
Which threat is associated with John Doe lawsuits regarding anonymity in IT?
Silencing critical speech by using the subpoena power
What is the goal of a white hat hacker in cyberattacks in IT?
To identify vulnerabilities of a company's information system to remediate them
Which two factors contribute to internet censorship in IT?
Totalitarian governments/Dependency on regional providers
A computer science student downloads a pirated copy of a movie and shares it with friends. What has the student infringed upon?
Copyright
A software company wants to assign competitive intelligence tasks to a group of its analysts. Which two actions should be taken to address the potential ethical challenges associated with this scenario?
Implement safeguards that prevent industrial espionage/Obtain approval from the legal department for data-gathering methods
Which part of the decision-making process involves defining a transition plan?
Implementing the decision
Which two intellectual property items are protected by a patent?
Inventions/Tools
Which type of attack is a common cause of data-level breaches with global scope?
Phishing
A data analytics company introduces a new artificial intelligence (AI) platform to help amusement park operators understand visitor preferences for rides, shows, and other entertainment. The analytics company tries to reduce bias in the system by ensuring that any ingested data is transformed to remove correlations between the target and a protected attribute. Which stage of the data ingestion process is the company in?
Preprocessing
What is an objective of a professional code of ethics in IT?
Provide benchmarks for self-assessment
Which scenario may create a conflict of interest between IT workers and clients?
A consulting firm that provides security services is conducting an independent security audit for a company and is recommending remediation methods.
Two programmers disagree about which philosophical theory is best suited for their autonomous vehicles. One programmer suggests their vehicle should always choose the greatest good for the greatest number of people. Which philosophical theory encapsulates this stance?
Utilitarianism
What are two main elements of a professional code of ethics in IT?
Core values/Common beliefs
An IT company holds itself accountable for how its actions affect its shareholders, consumers, employees, community, the environment, and suppliers. What is this company demonstrating?
Corporate social responsibility
A police department employee has access to data related to an ongoing investigation. A local politician whom the employee supports has come under investigation. The employee accesses the data relating to the investigation and provides the file to the politician anonymously. How should this behavior be classified?
Corruption
Which type of guidance is provided by professional codes of ethics within IT?
Course of action in cases of conflict of interest
A social media user discovers that a former romantic partner posted humiliating photos of the two together without obtaining the social media user's permission. The social media user suffers severe emotional distress as a result.
Cyberharassment
In response to the pressure from its shareholders, a publicly owned software company plans to implement a strict, globally consistent approach to prevent software piracy of its products that help with implementing green energy solutions. Which impact should be considered from an ethical standpoint due to digital divide?
A negative impact on demographics in less-developed countries
A software development company develops a public website for the federal government. The website is dedicated to remediating threats of a pandemic based on detailed specifications provided by the customer. During final tests, the company discovers specification flaws that could potentially aggravate the effects of the pandemic. What should the company do to mitigate its risk associated with strict liability?
Disclose the test results to the government
Which two aspects of an IT worker's responsibilities involve ethical issues that might arise in the relationship between IT workers and IT users?
Discouraging software piracy/Controlling information sharing
Which ethics-related consideration is addressed by the California Online Privacy Protection Act of 2003 and its amendments?
Do Not Track signals
A government contractor is rebuilding a telecommunications network. One of the contractor's employees discovers that the company is participating in illegal and unethical acts to defraud the government. The employee considers filing a lawsuit against the company on behalf of the government. Which law protects the employee if the lawsuit is filed?
False Claims Act
An organization wants to take steps against an anonymous person who posts inaccurate negative reviews about the organization on its website. Which tactic can the organization employ?
File a John Doe lawsuit
An international organization based in a foreign country invites a U.S. ambassador to help promote its communications business. In exchange for the promotion, the president of the organization offers the ambassador a family trip package for 15 days as a thank-you gesture, with a bonus check of an undisclosed amount. Which law did the organization potentially violate?
Foreign Corrupt Practices Act
An employee of a large tech company notices that the company is not taking the proper steps to protect consumer information. The employee has raised concerns to management multiple times but has been ignored. The employee finds that the company is harming the public interest and takes steps to attract public attention. Which action is the employee demonstrating?
Whistleblowing
A Federal Bureau of Investigation (FBI) agent monitors a telephone conversation between a 12-year-old child and the child's stepfather. The monitoring is part of a criminal investigation. A warrant was not obtained prior to commencement of the monitoring. Which law or regulation did the agent violate?
Wiretap Act
A company hires an independent contractor to build a website for a product launch. In the contract, the contractor agrees to deliver the finished website within two months. The company promises more contracts if the contractor successfully completes the project. The company provides the contractor with a laptop and tablet with unrestricted access. The schedule requires the contractor to work around 60 hours per week with no overtime compensation or paid time off. The contractor delivers the website, meeting the contract terms. However, the company does not award the contractor more contracts. The contractor sues the company on the grounds that the company misclassified the contractor and treated them as an employee. What establishes the contractor's grounds for arguing for the misclassification?
Working on a company-provided laptop and tablet
Which two common sources of proxy-based bias introduce ethical challenges associated with artificial intelligence (AI) in IT?
Zip code/School district
A company provides machine learning software that helps judges make decisions in parole hearings by assigning each person up for parole a score estimating the probability that they will commit another crime if paroled. The model was trained on the profiles of incarcerated people and information on whether they were sent back to prison after release. Race was not a variable that was included in the training data. However, it was uncovered that the model gave higher probabilities to members of certain races. It was found that a proxy variable was inadvertently included. Which data point in the incarcerated peoples' profiles was likely the variable understood by the machine learning models as a proxy for race?
Zip code
A new startup tech company plans to provide secure wireless access within its office for employees and other trusted visitors. The company has concerns about competitors eavesdropping or compromising the connections and obtaining unauthorized access to the company's intellectual property. The company is considering using Wireless Protected Access 2 (WPA2) to secure data in transit. Which protocol does this wireless protection implement?
Advanced Encryption Standard (AES)
Which type of ethically dubious but legal approach is used by IT professionals working for marketing companies to profile their customers?
Aggregation of personal data volunteered by consumers
A project team at an animal welfare agency is using predictive analytics to help take animals out of abusive environments. The algorithm the team designed has a false positive rate that is higher than zero, which means that some animals could be removed erroneously if the algorithm's recommendations are followed. The project owner understands that pets may wrongfully be removed from loving healthy homes but decides to use the algorithm anyway because it will happen only a small percentage of the time. Which ethical theory does this represent?
Consequentialism
A store manager of a home service company hires a data entry clerk to process customer returns. The data entry clerk is trained to enter data in the system for every customer record. An internal audit shows typographical mistakes in customers' records for the last two weeks. Which data aspect does the home service company need to address to reduce errors?
Accuracy
An organization enters customer information in different formats, styles, and varieties into a database. Two customers placed an order on January 12, 2022, but one customer's purchase date is entered as 01/12/22, whereas the other's is entered as 12/01/22. Which aspect of data could be negatively impacted by the format issue?
Accuracy
A homeowners' association (HOA) installs license plate readers after an increase in reported crime in the neighborhood. Two domestic workers petition the HOA, requesting that their data be deleted to protect their privacy. The HOA considers this but denies their request, citing the greater need for security protection for residents. Which ethical theory does this represent?
Consequentialism
A financial services company hires a consultant to help build its data analytics capabilities. The company and consultant have a binding agreement for a list of deliverables and a delivery schedule. The consultant completes the work but delivers it six weeks late. Which ethical problem is this consultant engaged in?
Breach of contract
What is the cause of the rise in computer-related security issues, particularly among small- and medium-sized businesses?
Bring your own device policies
An IT professional wants the proper credentials and knowledge that is required to collect data from devices affected by cyberattacks to ensure such data would be admissible as evidence in a court of law.
Certified Computer Examiner/EnCase Certified Examiner
An IT company that specializes in software development has an organizational structure that consists of a chief executive officer, chief ethics officer, chief finance officer, and chief operating officer. Which of these executives provides the company with vision and leadership in business conduct?
Chief ethics officer
A social media website collected personal information about consumers when they subscribed to the service. Subscribers opted in or out before creating their online profiles. Which European Union Data Protection Directive did the website follow?
Choice
What are two components of the concept of information privacy?
Communication privacy/Data privacy
Which legislation protects social networking companies from defamation lawsuits in connection with user postings that appear on the companies' sites?
Communications Decency Act (CDA)
Individuals need to be given an opportunity to correct inaccurate information held about them in databases. Which societal impact drives this capability?
Companies make decisions based on accurate data
Which two ways may advances in technology affect common ethical assumptions?
Companies take advantage of their privileged access to personal user data to benefit their shareholders./Surveillance allows companies to increase productivity by closely watching their employees' behavior.
What are two reasons IT job seekers should invest in obtaining a vendor's product certification? Choose 2 answers.
Competitive salary offers/Increased hiring demand
Before an IT employee transfers to a new job, the chief information officer (CIO) asks the employee to review a business proposal from the employee's future company. Which situation does this place the employee in?
Conflict of interest
A car manufacturer decides to alter its emission testing to pass regulatory requirements. The emission reduction system is only used during tests. The system is not engaged during normal driving conditions in order to improve fuel efficiency, torque, and acceleration. Which step in the ethical decision-making process should have been used to evaluate the environmental impact of this decision?
Develop problem statement
A healthcare company decides to adopt an artificial intelligence (AI) solution to help identify which doctors and drugs will provide the greatest value to patients. The data team is feeding four years of data into the system, including pharmacy and insurance claims. Based on this data, the AI will make recommendations based on which doctors and drugs should result in the best healthcare outcomes for patients. A data scientist is concerned about the disparate data sources and the fact that all information about a patient's medical history and ongoing treatment will be easily accessible. What should the data scientist provide to the AI to ensure a comprehensive data set?
Electronic health record (EHR)
A newly founded IT startup has ambitious goals for the upcoming year and decides to rapidly onboard many contingent workers. What are two potential disadvantages of hiring contingent workers from the startup's perspective? Choose 2 answers.
Employees feeling disconnected from the company/Ethical dilemmas from employment with no benefits
An auditor tries to test the existence of bias within an artificial intelligence (AI) system. The auditor needs to determine if the model's predictions are equivalent across each protected class. What is the auditor testing for based on a fairness metric?
Equal representation
While on vacation, an IT leader leaves a manager in charge of a major client project. Because the IT leader's team abides by a strong code of ethics, the IT leader knows the manager has the tools to perform ethical self-assessment during and after any challenging situations that may arise. Which benefit of following a professional code of ethics do these self-assessment tools provide?
Evaluation benchmark
Which major U.S. regulation governs the collection, disclosure, and protection of consumers' personally identifiable information (PII) data by companies that provide financial products and services?
Gramm-Leach-Bliley Act
A hospital wants to improve patient outcomes while reducing the amount of time it takes to send and receive a patient's treatment records to and from a neighboring hospital. The hospital engages a technology organization to create an electronic bridge to better facilitate faster data transfer while minimizing the threat of external parties compromising the data. Which type of technology solution does the hospital implement?
Health information exchange
What are the consequences of more lenient bring your own devices (BYOD) policies for IT?
Increased productivity and increased vulnerability to data system breaches
A company is engaged as a third party to perform debt collection on behalf of a telecommunications provider. The company operates an outbound call center to contact debtors and set up payment arrangements. The company needs to ensure that the debtors' data privacy is not at risk. Which two areas should the company ensure are properly managed?
Insider access/Network security
A security company performs a superficial investigation of a data breach and issues a root cause analysis that unintentionally misses key details about the means to remediate the existing vulnerabilities. It is found that the security company has insufficient expertise. What is the potential impact of the behavior by the security company?
Misrepresentation charges
Which aspect of the computer security triad provides guidance when dealing with data accuracy in IT?
Integrity
The United Nations Security Council (UNSC) is briefed on a cyberattack in which hackers were able to breach system integrity, gain access to sensitive data, and manipulate the data without being noticed. What should the UNSC use to be alerted to these threats in the future?
Intrusion Detection System (IDS)
Why is fake news a threat in IT?
It is misrepresented as facts./It is driven by ulterior motives.
A new tech startup in the U.S. is considering hiring a large group of workers to complete a new project. It has considered the pros and cons of hiring temporary foreign workers versus training full-time employees for this project. To lower costs, the company decides to hire H-1B workers. What is a potential risk the new company faces by hiring these H1-B workers?
Lack of employee loyalty
An IT manager implements security measures at the organization, network, application, and employee levels. Which approach to security is the manager using?
Layered
A municipality decides to use the data it has on household water usage to build an algorithm that can identify welfare fraud. This would result in a list of potential fraudsters that could be used to make welfare decisions. Although the municipality is the rightful owner and processor of the data, citizens have raised privacy issues with the application. The citizens object that they have no way of knowing whether they are on the list and have no possibility of redress if they are. Which decision-making process did the municipality follow?
Legal but unethical
Which verification should a software engineer obtain from the state to serve as proof of professional ability?
License
A software engineering company offers its employees free technical training every year. Many of its software engineers are taking the training to further their knowledge in the design, development, and testing of software. Which concept of the Software Engineering Code of Ethics and Professional Practice are the engineers following?
Lifelong learning
A company is using software to track workforce operational activity. Management communicates that the data collected will be treated as sensitive. Administrative and technical security measures are put in place to protect employee data. These measures include periodically culling records that are no longer relevant. Which additional measure should be taken to safeguard employee data from misuse?
Limit who can view employee data
A company releases a new financial software package. Along with the installation program, the company includes a written assurance that the program meets appropriate levels of quality. It also provides for specific remedies in the case of malperformance. What did the company use to limit its legal liabilities?
Limited warranty
What is the primary goal for a supply chain relating to corporate social responsibility (CSR)?
Sustainability
A company is notified of a breach of its systems. An investigation reveals that although no financial information was taken, the customer records for all its customers, including names, email addresses, and passwords, may have been taken. Although it is uncertain whether the records were taken, evidence suggests that the intruders accessed the database containing the information. The investigation team indicates that, given six weeks, they will be able to identify what, if anything, has been taken. Which action should the company take?
Notify all customers that there may have been a data breach
An aircraft company has developed an updated model of one of its best-selling airliners. It has attempted to keep new systems to a minimum so that existing pilots do not require expensive simulator retraining. During development, the company authorized a new software system to keep the aircraft in balanced flight. In rare circumstances during testing, the system caused uncommanded nose-down inputs, which in the worst case could lead to a crash. Which two groups should the company inform to mitigate the potential liability? Choose 2 answers.
Operator airlines/Regulatory authority
A university is authoring a code of ethics for its professors to abide by to promote high standards of practice and ethical behavior. What are the two main parts of a code of ethics the university should include? Choose 2 answers.
Outline of the organization's aspirations/List of rules and principles to follow
What should be the primary ethical obligation of an IT professional regarding customer profiling data?
Preventing unauthorized data disclosure
A well-respected IT professional from a small software company uses resume inflation when searching for a new position. Which two ethical challenges may encourage this behavior?
Prioritization of personal loyalty/Disregard for the professional code of conduct
Which area of ethical concerns in IT deals directly with information ownership?
Property
A researcher develops a new model based on artificial intelligence (AI) to assist with tracking the movement of foreign nationals into and out of the United States. Due to ongoing civil unrest in Middle Eastern countries, the researcher wants to ensure that the nationality marker within the data set is not affected by AI bias. Which concept should be applied to the data set to reduce or eliminate AI bias?
Protected attribute
An attending physician at a local hospital receives an email with a link that appears to be from a neighboring clinic. When the physician clicks the link, computers throughout the hospital freeze, and patient information can no longer be accessed. A message appears demanding payment of five bitcoins within 48 hours to decrypt the hospital database and threatening that without payment, all information will be deleted. Which type of exploit is this?
Ransomware
A retail company experiences a data breach. Customer data is stolen, including credit card numbers, names, addresses, and account passwords. The attackers have amassed enough combinations of personally identifiable information (PII) to commit identity theft. Which adverse impacts, in addition to the loss of business, does the company face?
Reputational damage and the need to provide support for victims
An organization is evaluating potential harm to its networks to ensure data is stored accurately and securely from both internal and external threats. What is the process the organization is following?
Risk assessment
Which measure of the confidentiality, integrity, and availability (CIA) triad should be used by IT professionals at the organization level to supply validation of non-repudiation regarding data access in IT?
Security audit
Which type of cyberattack uses text messages to trick victims into disclosing personal information that can subsequently be exploited for a financial gain?
Smishing
A local community opposes the building of a new factory in its neighborhood and has organized on social media to run a posting campaign to shut down construction. To silence community members, the building corporation decides to go to court to intimidate them. Which threat is the corporation implementing?
Strategic lawsuits against public participation (SLAPP)
What is the meaning of ethics in the context of ethical judgment?
The code of behavior defined by a group an individual belongs to
A patient visited a primary care doctor for headaches and was referred to a specialist clinic that deals with neuroimaging. After visiting the specialist, the patient receives results that do not seem to match their symptoms. After calling the clinic, the patient discovers that their electronic health records (EHRs) from the primary care provider were mismatched with another patient's records when the patient visited the specialist. What is the cause of the mismatch?
The lack of a nationwide unique patient identifier impedes error-free matching of an individual's files.
What is the meaning of morals in the context of ethical judgment?
The personal principles that determine what an individual considers to be right or wrong
A patient received treatment at an urgent care facility. Prior to being seen, the patient completed the required Health Insurance Portability and Accountability Act (HIPAA) forms. The doctor recorded all relevant treatment data in the urgent care facility's electronic medical record (EMR) system. Which entity is responsible for ensuring the accuracy of the patient's medical information stored in the EMR?
The urgent care facility
Why is hate speech a threat in IT?
There are insufficient resources to prescreen online content./There is a lack of assumed responsibility for online content posted by others.
What are two reasons why professional codes of ethics in IT are important?
They identify the acceptable behaviors for interacting with customers./They identify the unacceptable behaviors for interacting with customers.
A software sales company is currently struggling with low sales. The company is aware that one of its competitor's senior sales managers is dissatisfied with the competitor due to having been overlooked for a promotion to the position of a vice president (VP). The company approaches the sales manager and offers them a position as VP for sales on the condition of bringing the manager's existing customer list and contacts to the new role. The sales manager is bound by a noncompete clause. Which type of decision-making process did the company follow?
Unethical and illegal
The marketing department of a financial services institution asks data scientists to build a consumer profile based on transaction data. Although company lawyers approve the request to explicitly signal customers with potential gambling addiction problems, the data scientists refuse to build the profiles. What describes this request?
Unethical and legal