IA 673 chapter 2

Which of the following organizations put forth a code of ethics designed primarily for InfoSec professionals who have earned their certifications? The code includes the canon: Provide diligent and competent service to principals.
- ACM
- ISACA
- (ISC)2
- SANS

(ISC)2

Which of the following ethical frameworks is the study of the choices that have been made by individuals in the past?
- Normative ethics
- Deontological ethics
- Descriptive ethics
- Applied ethics

Descriptive ethics

The penalties for offenses related to the National Information Infrastructure Protection Act of 1996 depend on whether the offense is judged to have been committed for several reasons. Which of the following is NOT one of those reasons?
- For political advantage
- For purposes of commercial advantage
- In furtherance of a criminal act
- For private financial gain

For political advantage

Due diligence requires that an organization make a valid and ongoing effort to protect others.
- True
- False

True

Which of the following is NOT used to categorize some types of law?
- regulatory
- statutory
- constitutional
- international

international

Which of the following is compensation for a wrong committed by an individual or organization?
- due diligence
- liability
- restitution
- jurisdiction

restitution

When an incident violates civil or criminal law, it is the organization's responsibility to notify the proper authorities; selecting the appropriate law enforcement agency depends on __________.
- how many perpetrators were involved
- the network provider the hacker used
- the type of crime committed
- what kind of computer the hacker used

the type of crime committed

Which ethical standard is based on the notion that life in community yields a positive outcome for the individual, requiring each individual to contribute to that community?
- fairness or justice
- utilitarian
- common good
- virtue

utilitarian

A more recently created area of law related to information security specifies a requirement for organizations to notify affected parties when they have experienced a specified type of information loss. This is commonly known as a __________ law.
- spill
- compromise
- breach
- notification

breach

Ethics carry the sanction of a governing authority.
- True
- False

False

Information ambiguation occurs when pieces of nonprivate data are combined to create information that violates privacy.
- True
- False

False

Which law addresses privacy and security concerns associated with the electronic transmission of PHI?
- USA PATRIOT Act of 2001
- National Information Infrastructure Protection Act of 1996
- American Recovery and Reinvestment Act
- Health Information Technology for Economic and Clinical Health Act

Health Information Technology for Economic and Clinical Health Act

Any court can impose its authority over an individual or organization if it can establish which of the following?
- liability
- sovereignty
- jurisdiction
- jurisprudence

jurisdiction

Permission to search for evidentiary material at a specified location and/or to seize items to return to the investigator's lab for examination is known as a(n) _________.
- forensic clue
- subpoena
- affidavit
- search warrant

search warrant

Which of the following is NOT a requirement for laws and policies to deter illegal or unethical activity?
- fear of penalty
- probability of being penalized
- fear of humiliation
- probability of being caught

fear of humiliation

The coherent application of methodical investigatory techniques to collect, preserve, and present evidence of crimes in a court or court-like setting is known as _________.
- crime scene investigation
- data imaging
- evidentiary material
- forensics

forensics

In digital forensics, all investigations follow the same basic methodology once permission to search and seize is received, beginning with _________.
- acquiring (seizing) the evidence without alteration or damage
- investigating allegations of digital malfeasance
- identifying relevant items of evidentiary value
- analyzing the data without risking modification or unauthorized access

identifying relevant items of evidentiary value

_________ devices often pose special challenges to investigators because they can be configured to use advanced encryption and they can be wiped by the user even when the user is not present.
- Expansion
- Portable
- Desktop computer
- Satellite transceiver

Expansion Portable

A(n) compromise law specifies a requirement for organizations to notify affected parties when they have experienced a specified type of loss of information.
- True
- False

False

ISACA is a professional association with a focus on authorization, control, and security.
- True
- False

False

Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them?
- HIPAA
- Sarbanes-Oxley
- ECPA
- Gramm-Leach-Bliley

HIPAA

This collaborative support group began as a cooperative effort between the FBI's Cleveland field office and local technology professionals with a focus of protecting critical national infrastructure.
- InfraGard
- CyberGard
- Homeland Security
- CyberWatch

InfraGard

A process focused on the identification and location of potential evidence related to a specific legal action after it was collected through digital forensics is known as _________.
- e-discovery
- indexing
- root cause analysis
- forensics

e-discovery

Which subset of civil law regulates the relationships among individuals and among individuals and organizations?
- private
- criminal
- public
- tort

private

Digital forensics can be used for two key purposes: ________ or _________.
- to investigate allegations of digital malfeasance; to solicit testimony
- to investigate allegations of digital malfeasance; to perform root cause analysis
- e-discovery; to perform root cause analysis
- to solicit testimony; to perform root cause analysis

to investigate allegations of digital malfeasance; to perform root cause analysis

Which act is a collection of statutes that regulates the interception of wire, electronic, and oral communications?
- Federal Privacy Act of 1974
- The Telecommunications Deregulation and Competition Act of 1996
- The Electronic Communications Privacy Act of 1986
- National Information Infrastructure Protection Act of 1996

The Electronic Communications Privacy Act of 1986

Deterrence is the best method for preventing an illegal or unethical activity.
- True
- False

True

Sworn testimony that certain facts are in the possession of the investigating officer and that they warrant the examination of specific items located at a specific place is known as a(n) _________.
- affidavit
- search warrant
- forensic finding
- subpoena

affidavit

Which of the following is the best method for preventing an illegal or unethical activity? Examples include laws, policies, and technical controls.
- rehabilitation
- persecution
- deterrence
- remediation

deterrence

Investigations involving the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and root cause analysis are known as _________.
- crime scene investigation
- digital forensics
- criminal investigation
- e-discovery

digital forensics

