security test ch 3


embodies a wide variety of laws pertaining to relationships between and among individuals and organizations

Civil law

Originates from a judicial branch or oversight board and involves the interpretation of law based on the actions of a previous and/or higher court or board.

Common Law, Case Law, and Precedent:

employee agreed to comply with the policy through act or affirmation. Common techniques include logon banners, which require a specific action (mouse click or keystroke) to acknowledge agreement, or a signed document clearly indicating the employee has read, understood, and agreed to comply with the policy.

Compliance (agreement)

Originates with the U.S. Constitution, a state constitution, or local constitution, bylaws, or charter.

Constitutional Law

addresses violations harmful to society and is actively enforced and prosecuted by the state. Criminal law addresses statutes associated with traffic law, public order, property damage, and personal damage, where the state takes on the responsibility of seeking retribution on behalf of the plaintiff, or injured party.

Criminal law

What are the primary examples of public law?

Criminal, administrative and constitutional law.

The relevant policy has been made readily available for review by the employee, in hard copy or by electronic distribution.

Dissemination (distribution)

informally referred to as the wiretapping act, is a collection of statutes that regulates the interception of wire, electronic, and oral communications

Electronic Communications Privacy Act (ECPA)

The branch of philosophy that considers nature, criteria, sources, logic, and the validity of moral judgment.

Ethics

which mandates that all federal agencies establish information security programs to protect their information assets.

Federal Information Security Management Act (FISMA)

Pieces of nonprivate data that, when combined, may create information that violates privacy. Not to be confused with aggregate information.

Information aggregation

Rules that mandate or prohibit certain behavior and are enforced by the state

Laws

In the context of information security, the right of individuals or groups to protect themselves and their information from unauthorized access, providing confidentiality.

Privacy

What is privacy in an information security context?

Privacy is not absolute freedom from observation, but rather a more precise "state of being free from unsanctioned intrusion".

is considered a subset of civil law, and regulates the relationships among individuals as well as relationships between individuals and organizations; it encompasses family law, commercial law, and labor law.

Private law

regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments. Public law includes criminal law, administrative law, and constitutional law. It is important to understand which laws and regulations are relevant to your organization and what the organization needs to do to comply.

Public law

Originates from an executive branch or authorized regulatory agency, and includes executive orders and regulations.

Regulatory or Administrative Law:

disseminated the document in an intelligible form, including versions for employees who are illiterate, reading-impaired, and unable to read English. English and other languages.

Review (reading)

Originates from a legislative branch specifically tasked with the creation and publication of laws and statutes.

Statutory Law

protects the confidentiality and security of health-care data by establishing and enforcing standards and by standardizing electronic data interchange

The Health Insurance Portability and Accountability Act of 1996 (HIPAA)

This law attempts to prevent trade secrets from being illegally shared. It provides guidance for the use of encryption and provides protection from government intervention.

The Security and Freedom through Encryption Act of 1999

is the subset of civil law that allows individuals to seek redress in the event of personal, physical, or financial injury. Perceived damages within civil law are pursued in civil court and are not prosecuted by the state.

Tort law

Collective data that relates to a group or category of people and that has been altered to remove characteristics or components that make it possible to identify individuals within the group. Not to be confused with information aggregation.

aggregate information

Measures that an organization takes to ensure every employee knows what is acceptable and what is not.

due care

Reasonable steps taken by people or organizations to meet the obligations imposed by laws or regulations.

due diligence

The unauthorized taking of personally identifiable information with the intent of committing fraud and abuse of a person's financial and personal reputation, purchasing goods and services without authorization, and generally impersonating the victim for illegal or unethical purposes.

identity theft

The power to make legal decisions and judgments; typically an area within which an entity such as a court or law enforcement agency is empowered to make legal decisions.

jurisdiction

An entity's legal obligation or responsibility.

liability

The ability of a legal entity to exercise its influence beyond its normal boundaries by asserting a connection between an out-of-jurisdiction entity and a local legal case.

long-arm jurisdiction

Information about a person's history, background, and attributes that can be used to commit identity theft.

personally identifiable information (PII)

Guidelines that dictate certain behavior within the organization.

policy

A legal requirement to make compensation or payment resulting from a loss or injury.

restitution

