ITE302 - FPT Final 3

28 To the detriment of all concerned, the importance of ethics and human values have been over emphasized in the midst of many IT breakthroughs in recent years.

*False

32 Professionals require advanced training and experience, they must exercise discretion and judgment in the course of their work; and their work can be easily standardized.

*False

35 There has been a lowering of expectations for the clients of professional service organizations. They are less aware of what they need from service providers and less willing to look outside their own organization to get the best possible services.

*False

37 The Business Software Alliance is a trade group that represents the world's largest software and hardware manufacturers and whose goal is to stop unauthorized software produced by its members. Each year it receives over 25,000 piracy reports.

*False

38 The cost of "getting legal" by acquiring the correct number of software licenses is many times more expensive than the cost of criminal or civil penalties to a corporation or the people involved in software piracy.

*False

39 The design of new software code and computer hardware cannot be treated as a trade secret.

*False

4 There is near universal opposition to the practice of illegally making copies of software or enabling others to access software to which they are not entitled.

*False

40 Whistle-blowing is an effort by an organization's marketing people to call attention to a new product or new feature in an existing product.

*False

41 The relationship between IT workers and clients is usually documented in a contract that specifies who does what, when the work begins, how long it will take, and how much the client will pay. However, decision making is solely the responsibility of the IT worker.

*False

43 Fraud is the misstatement or incomplete statement of a material fact.

*False

44 Bribery involves providing money, property, or favors to someone in business or government to obtain a business advantage.

*False

47 IT workers cannot be held responsible for creating an environment that supports the ethical behavior of IT users.

*False

48 IT workers have a duty to understand a user's needs and capabilities and to deliver products and services that best meet those needs without regard for the costs and time involved.

*False

5 An individual who exhibits few vices and many virtues is said to be a person of high integrity.

*False

51 Participation in an IT professional organization does little to help IT workers stay on top of the many new developments in their field.

*False

52 The Association of Information Technology Professionals (AITP) was founded in 1947 and has 24,000 student members and 68,000 professional members in more than 100 countries.

*False

53 Licensing applies to both people and products, and indicates that a professional possesses a particular set of skills, knowledge, or abilities.

*False

57 A breach of duty of care addresses only the failure to act as a reasonable person would act. It does not address the failure to act when there is a duty to do so.

*False

59 There is little organizations can do to stop employees who participate in chat rooms, view pornographic sites, and play computer games while at work.

*False

6 Ethics defines one's personal beliefs about right and wrong.

*False

60 Organizations must implement systems and procedures to provide access to all organizational data by all employees no matter where they are located.

*False

61 Societe Generale, France's second largest banking establishment, had long had a reputation for having poor internal controls. It is no wonder that a relatively inexperienced trader was able to take advantage of the bank's system of weak internal controls to exceed his trading limit and cause the bank to lose more than €4.9 billion.

*False

64 A zero-day attack is an attack on an information system that takes advantage of a particular system vulnerability before the security community or system developer knows about the vulnerability or has been able to repair it. Such attacks are quite common and occur nearly everyday.

*False

65 Unlike a computer worm, which requires users to spread infected files to other users, a virus is a harmful program that resides in the active memory of the computer and duplicates itself. A virus can propagate without human intervention.

*False

69 The cost of creating an e-mail campaign for a product or a service can easily exceed the cost of a direct-mail campaign. Such an e-mail campaign also typically takes longer to develop.

*False

70 Phishing frequently leads consumers to counterfeit Web sites designed to trick them into initiating a denial-of-service attack.

*False

71 A hacktivist is a person who wishes to destroy the infrastructure components of financial institutions, utilities, and emergency response units.

*False

74 Industrial espionage and competitive intelligence are the same thing.

*False

75 The use of smart cards which contain a memory chip that is updated with encrypted data every time the card is used, is much more popular in the United States than Europe.

*False

77 Individuals committed to trustworthy computing take a pledge to not send viruses and worms and to refrain from spamming others.

*False

78 The Computer Fraud and Abuse Act addresses identity theft.

*False

79 The security of any system or network is a combination of technology, policy, and people and requires a surprisingly narrow range of activities to be effective.

*False

8 The risks associated with inappropriate behavior have decreased, both in their likelihood and in their potential negative impact.

*False

81 A security policy details exactly what needs to be done and how it must be accomplished.

*False

83 While it is important that employees should be well aware of an organization's security policies, this information should not be shared with part-time workers and contractors.

*False

84 Installation of a corporate firewall is the most common security precaution taken by business. Once a good firewall is in place, the organization is safe from future attacks.

*False

85 Antivirus software works to prevent an attack by blocking viruses, malformed packets, and other threats from getting into the protected network.

*False

86 Organizations must define employee roles so that a single employee can input as well as approve purchase orders. Such action is needed to provide adequate redundancy in the event of a pandemic or other form of disaster.

*False

88 An intrusion prevention system is software and/or hardware that monitors system and network resources and activities, and notifies network security personnel when it identifies possible intrusions from outside the organization or misuse from within the organization.

*False

89 An organization can never be prepared for the worst—a successful attack that defeats all or some of a system's defenses and damages data and information systems.

*False

93 The right to personal privacy is explicitly spelled out in the Constitution.

*False

94 The right to privacy is closely associated with the Second Amendment to the Constitution.

*False

95 Roger Clark, director of the ACLU, first coined the term information privacy which is the combination of communications privacy and data privacy.

*False

98 The Children's Online Privacy Protection Act requires a Web site that caters to children to offer comprehensive privacy policies and to receive parental consent before collecting any personal information from children under 18 years of age.

*False

99 Title III of the Omnibus Crime Control and Safe Streets Act is also know as the Wiretap Act and authorizes wiretapping and electronic eavesdropping without the requirement of first obtaining a warrant from a judge.

*False

1 Pretexting involves the use of false pretenses to gain access to the personal records of individuals.

*True

10 Companies that are viewed as harmful to their community may find that negative publicity reduces sales, impedes relationships with some business partners, and attracts unwanted government attention.

*True

12 Employees may suppress their tendency to act in a manner that seems ethical to them and instead act in a manner that will protect them against anticipated punishment.

*True

15 A rapid increase in the appointment of corporate ethics officers typically follows the revelation of a major business scandal.

*True

18 The goal of the Sarbanes-Oxley Act was to renew investor's trust in corporate executives and their firm's financial reports following numerous financial scandals in the early 2000's.

*True

22 Most of us have developed a decision-making process we use almost automatically, without thinking about the steps we go through.

*True

23 The development of a good problem statement is the most critical step in the

*True

29 The general public does not understand the critical importance of ethics as they apply to IT, as too much emphasis has been placed on technical issues.

*True

3 Morality refers to social conventions about right and wrong that are so widely shared that they become the basis for an established consensus.

*True

30 In the business world, important IT decisions are too often left to the technical experts; general business managers must assume greater responsibility for these decisions.

*True

31 Dorothea Perry and Robert Gross were put on probation and subsequently fired for job-performance issues by their employer, Collegis, shortly after reporting that they found child pornography on the computer of a professor at New York Law School.

*True

33 Many professional roles carry special rights and responsibilities.

*True

34 From a legal perspective, IT workers are not recognized as professionals because they are not licensed by the state or federal government.

*True

36 Although end users often get the blame when it comes to using illegal copies of commercial software, software piracy in a corporate setting is sometimes directly traceable to IT staff members.

*True

42 Theft is the crime of obtaining goods, services, or property through deception or

*True

45 The key distinguishing factor between a gift and a bribe is that no gift should be hidden.

*True

46 Studies have shown that around 10 percent of all job applicants seriously misrepresent their backgrounds on their resumes.

*True

49 Most codes of ethics created by professional organizations have two main parts: one part outlines what the professional organization aspires to become, and the other part lists rules and principles by which members of the organization are expected to abide.

*True

50 Adherence to a code of ethics reminds professionals of the responsibilities and duties that they may be tempted to compromise to meet the pressures of day-to-day business.

*True

54 Certifications that are tied to a vendor's product are relevant for job roles with very specific requirements or certain aspects of broader roles. Sometimes, however, vendor certifications are too focused on technical details of the vendor's technology and do not address more general concepts.

*True

55 The requirements for certification generally require that the individual has the prerequisite education and experience, sits for and passes an exam, and commits to and abides by a code of ethics established by the organization providing the certification.

*True

56 The lack of agreement on the core body of knowledge for various IT roles is a primary reason for the lack of international or national licensing programs for IT professions.

*True

58 No policy can stop wrongdoers from taking inappropriate actions, but it can set forth the general rights and responsibilities of all IT users, establish boundaries of acceptable and unacceptable behavior and enable management to punish violators.

*True

62 Although the necessity of security is obvious, it must often be balanced against other business needs and issues. As a result, most organizations spend 5 percent or less of their overall IT budget on information security.

*True

63 According to the 2008 CSI Computer Crime and Security Survey, virus related incidents were the most common security incident.

*True

66 The cost to repair the worldwide damage done by a computer worm has exceeded $1 billion on more than one occasion.

*True

67 A distributed denial-of-service attack keeps the target so busy responding to a stream of automated requests that legitimate users cannot access the target.

*True

68 Rootkit is a set of programs that enables its users to gain administrator level access to a computer without the end user's consent or knowledge. Fortunately, rootkits are fairly easy to discover and remove from infected computers.

*True

7 The United States has one of the lowest software piracy rates in the world, along with Luxembourg and New Zealand.

*True

72 Crackers break into other people's networks and systems to cause harm—defacing Web pages, crashing computers, and spreading harmful programs or hateful messages.

*True

73 Fraud often involves some form of collusion, or cooperation, between an employee and an outsider.

*True

100 The Foreign Intelligence Surveillance Act allows the surveillance and collection of information about foreign governments or agents of foreign governments or organizations, only if a warrant is obtained from the FISA court within 72 hours after surveillance begins.

*False

11 Multinational and global organizations must not present a consistent face to their shareholders, customers, and suppliers but instead must operate with a different value system in each country they do business in.

*False

13 The United States Supreme Court has established that an employer cannot be held responsible for the acts of its employees if the employees act in a manner contrary to corporate policy and their employer's directions.

*False

14 The Department of Justice has established sentencing guidelines that suggest stiffer penalties for convicted executives if their companies have ethics programs.

*False

16 An organization's mission statement highlights its key ethical issues and identifies the overarching values and principles that are important to the organization and its decision making

*False

17 Apple was the highest rated U.S.-based, publicly held IT company by Business Ethics magazine based on its performance between 2000 and 2007.

*False

19 Lawrence Kohlberg found that many factors stimulate a person's moral development, but one of the most crucial is monetary reward for good behavior.

*False

2 The stock price of Hewlett-Packard dropped dramatically as a result of a scandal involving the leaking of information about HP's long term strategy to the news media.

*False

20 Well over half of all organizations include ethical conduct as part of an employee's performance appraisal.

*False

21 An individual's manager has very little impact on his/her ethical behavior.

*False

24 Problem stakeholders who stand to lose or gain from a situation should be kept out of the decision making process as they will simply introduce their personal biases.

*False

25 The utilitarian approach to ethical decision making treats everyone the same and shows no favoritism or discrimination.

*False

26 The virtue ethics approach to decision making states that you should choose the action or policy that has the best overall consequences for all people who are directly or indirectly affected.

*False

27 If the desired results are not achieved upon implementation of the solution, one should return to the "identify alternatives" step of the decision making process and rework the decision.

*False

76 The USA Patriot Act defines cyberterrorism as hacking attempts that cause $5,000 in aggregate damage in one year, damage to medical equipment, or injury to any person. Because the $5,000 threshold is easy to exceed, many young people who have been involved in what they consider to be "minor computer pranks" have found that they meet the criteria to be tried as cyberterrorists.

*True

80 A completed risk assessment identifies the most dangerous threats to a company and helps focus security efforts on the areas of highest payoff.

*True

82 Whenever possible, automated system rules should mirror an organization's written policies.

*True

87 It is not unusual for a security audit to reveal that too many people have access to critical data and that many people have capabilities beyond those needed to perform their jobs.

*True

9 A stakeholder is someone who stands to gain or lose, depending on how a situation is resolved.

*True

90 Discussing security attacks through public trials and the associated publicity has not only enormous potential costs in public relations but real monetary costs as well.

*True

91 The use of information technology in business requires balancing the needs of those who use the information that is collected against the rights and desires of the people whose information is being used.

*True

92 One of the key factors affecting the growth of e-commerce is the lack of Internet users' confidence in online privacy.

*True

96 The Gramm-Leach-Bliley Act repealed the prohibition of any one institution from offering investment, commercial banking, and insurance services. It also included three key rules that affect personal privacy: financial privacy rule, safeguards rule, and pretexting rule.

*True

97 HIPPA requires healthcare organizations to employ standardized electronic transactions, codes, and identifiers to enable them to fully digitize medical records thus making it possible to exchange medical records over the Internet.

*True