Ch 12
Which act is a collection of statutes that regulates the interception of wire, electronic, and oral communications? a. The Electronic Communications Privacy Act of 1986 b. Federal Privacy Act of 1974 c. National Information Infrastructure Protection Act of 1996 d. The Telecommunications Deregulation and Competition Act of 1996
a
Which law extends protection to intellectual property, which includes words published in electronic formats? a. Freedom of Information Act b. U.S. Copyright Law c. Security and Freedom through Encryption Act d. Sarbanes-Oxley Act
b
Which of the following is compensation for a wrong committed by an employee acting with or without authorization? a. jurisdiction b. restitution c. liability d. due diligence
b
Which of the following is the best method for preventing an illegal or unethical activity? Examples include laws, policies and technical controls. a. remediation b. deterrence c. rehabilitation d. persecution
b
Which of the following organizations put forth a code of ethics designed primarily for InfoSec professionals who have earned their certifications? The code includes the canon: Provide diligent and competent service to principals. a. ISACA b. (ISC)2 c. SANS d. ACM
b
Which of the following ethical frameworks is the study of the choices that have been made by individuals in the past; attempting to answer the question, what do others think is right? a. Deontological ethics b. Descriptive ethics c. Normative ethics d. Applied ethics
b
Which Amendment to the U.S. Constitution starts with: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated? a. First b. Second c. Third d. Fourth
d
Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them? a. Gramm-Leach-Bliley b. HIPAA c. Sarbanes-Oxley d. ECPA
HIPAA
The current law regarding nationwide search warrants for e-mail requires the government to use a search warrant to compel a provider to disclose unopened e-mail that is more than six months old. True False
false
An organization increases its _____________ if it refuses to take measures—due care—to make sure that every employee knows what is acceptable and what is not, and the consequences of illegal or unethical actions.
liability
___________________ is a subset of civil law that allows individuals to seek redress in the event of personal, physical, or financial injury.
tort law
An item does not become evidence until it is formally admitted to evidence by a judge or other ruling official. True False
true
The penalties for offenses related to the National Information Infrastructure Protection Act of 1996 depend on whether the offense is judged to have been committed for one of the following reasons except which of the following? a. In furtherance of a criminal act b. For private financial gain c. For purposes of commercial advantage d. For political advantage
NOT A or C
Which type of document grants formal permission for an investigation to occur? a. search warrant b. affidavit c. evidentiary report d. forensic concurrence
NOT C try A
Any court can impose its authority over an individual or organization if it can establish which of the following? a. jurisdiction b. sovereignty c. liability d. jurisprudence
a
Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use, or operation of each federal computer system? a. The Computer Security Act b. Computer Fraud and Abuse Act c. National Information Infrastructure Protection Act d. The Telecommunications Deregulation and Competition Act
a
Which two approaches are available to an organization when employing digital forensics? a. Pursue and prosecute; Identify and apprehend b. Protect and forget; Apprehend and prosecute c. Patch and proceed; Protect and forget d. Protect and defend; Apprehend and pursue
b
Which law addresses privacy and security concerns associated with the electronic transmission of PHI? a. USA Patriot Act of 2001 b. American Recovery and Reinvestment Act c. Health Information Technology for Economic and Clinical Health Act d. National Information Infrastructure Protection Act of 1996
c
Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences and is also known as duty- or obligation-based ethics? a. Applied ethics b. Normative ethics c. Deontological ethics d. Meta-ethics
c
Ethics are based on ___________________, which are the relatively fixed moral attitudes or customs of a societal group.
cultural mores
In digital forensics, all investigations follow the same basic methodology. Which of the following should be performed first in a digital forensics investigation? a. Analyze the data without risking modification or unauthorized access b. Report the findings to the proper authority c. Acquire (seize) the evidence without alteration or damage d. Identify relevant items of evidentiary value (EM)
d
The first component of the analysis phase is ___________, which allows the investigator to quickly and easily search for a specific type of file.
indexing
Which type of law regulates the relationships among individuals and among individuals and organizations? a. criminal b. private c. public d. tort
private
Ethics carry the sanction of a governing authority. True False
false
The Secret Service is charged with the detection and arrest of any person committing a U.S. federal offense relating to computer fraud, as well as false identification crimes. True False
true