Ball State CIS 410 Hua Chapter 2
Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use, or operation of a federal computer system?
The Computer Security Act
Describe the Freedom of Information Act. How does it apply to federal vs. state agencies?
The Freedom of Information Act (FOIA) allows for the disclosure of previously undisclosed information and documents controlled by the US government. The FOIA applies only to federal agencies and does not affect local state agencies.
Describe the foundations and frameworks of ethics.
Traditional foundations and frameworks of ethics include: 1. Normative ethics: what makes actions right or wrong; 2. Meta-ethics: the meaning of ethical judgements and properties; 3. Descriptive ethics: the choices that have been made by individuals in the past; 4. Applied ethics: applies moral codes to actions drawn from realistic situations; 5. Deontological ethics: the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences.
The Gramm-Leach-Bliley (GLB) Act, also known as the Financial Services Modernization Act of 1999, contains a number of provisions that affect banks, securities firms, and insurance companies.
True
An organization increases its liability if it refuses to take the measures a prudent organization should; this is known as the standard of _____________.
due care
A process focused on the identification and location of potential evidence related to a specific legal action after it was collected through digital forensics is known as _________.
e-discovery
The branch of philosophy that considers nature, criteria, sources, logic, and the validity of moral judgment is known as ___________.
ethics
Which of the following is NOT a requirement for laws and policies to deter illegal or unethical activity? fear of humiliation; probability of being penalized; probability of being caught; fear of penalty
fear of humiliation
The coherent application of methodical investigatory techniques to collect, preserve, and present evidence of crimes in a court or court-like setting is known as _________.
forensics
In digital forensics, all investigations follow the same basic methodology once permission to search and seize is received, beginning with _________.
identifying relevant items of evidentiary value
There are three general categories of unethical behavior that organizations and society should seek to eliminate. Which of the following is NOT one of them? malice; accident; ignorance; intent
malice
Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences (also known as duty- or obligation-based ethics)? Applied ethics; Meta-ethics; Normative ethics; Deontological ethics
Deontological ethics
Which of the following ethical frameworks is the study of the choices that have been made by individuals in the past? Deontological ethics; Normative ethics; Descriptive ethics; Applied ethics
Descriptive ethics
ISACA is a professional association with a focus on authorization, control, and security.
False
Which law extends protection to intellectual property, which includes words published in electronic formats?
U.S. Copyright Law
Sworn testimony that certain facts are in the possession of the investigating officer and that they warrant the examination of specific items located at a specific place is known as a(n) _________.
affidavit
Which of the following is compensation for a wrong committed by an individual or organization? due diligence; liability; restitution; jurisdiction
restitution
It is the responsibility of InfoSec professionals to understand state laws and bills.
False
To protect intellectual property and competitive advantage, Congress passed the Entrepreneur Espionage Act (EEA) in 1996.
False
The penalties for offenses related to the National Information Infrastructure Protection Act of 1996 depend on whether the offense is judged to have been committed for several reasons. Which of the following is NOT one of those reasons? For political advantage; For private financial gain; For purposes of commercial advantage; In furtherance of a criminal act
For political advantage