ITE
QN=31 Software manufacturers can file a civil suit against software pirates with penalties of up to ____ per copyrighted work.
$100,000
QN=41 An IT professional organization whose mission is to provide superior leadership and education in information technology and that has a goal to help its members make themselves more marketable within their industry is ____.
AITP
QN=75 A security policy outlines what needs to be done but not ____ to do it.
how
QN=48 IT workers have a key responsibility to establish an environment that supports ethical behavior by users. Such an environment discourages software piracy, minimizes the inappropriate use of corporate computing resources, and avoids the inappropriate sharing of ____.
information
QN=65 Edward Davidson ran a spamming operation out of his home that sent hundreds of thousands of spam e-mails. The header information of these e-mails concealed the actual sender from the recipient of the e-mail, a violation of the ____ Act.
CAN-SPAM
QN=52 ____ is a form of security incident that first registered on the CSI Computer Crime and Security Survey in 2007.
Instant messaging abuse
QN=51 The Societe Generale employee alleged to have committed fraud against the firm that resulted in a loss to the bank of some €4.9 billion was ____.
Jerome Kerviel
QN=8 ____ is a system of rules that tells us what we can and cannot do.
Laws
QN=58 ____ is a form of Trojan horse which executes when it is triggered by a specific event, such as a change in a particular file, the typing of a specific series of keystrokes, or a specific time or date.
Logic bomb
QN=71 ____ has made a strong commitment to support trustworthy computing and defined four pillars of trustworthy computing.
Microsoft
QN=7 ____ describes standards or codes of behavior expected of an individual by a group (nation, organization, profession) to which an individual belongs.
Morals
QN=76 The ____ is a nonregulatory federal agency within the U.S. Department of Commerce whose Computer Security Division develops security standards and technology against threats to the confidentiality, integrity, and availability of information and services.
National Institute of Standards and Technology
QN=94 Under the PATRIOT Act, the FBI can issue a ____ to compel banks, Internet service providers, and credit reporting companies to turn over information about their customers without a court order simply on the basis that information is needed for an ongoing investigation.
National Security Letter
QN=79 A software and/or hardware device that monitors system and network resources and activities, and notifies network security personnel when it identifies possible intrusions from outside the organization or misuse from within the organization is a(n) ____.
intrusion detection system
QN=80 A(n) ____ works to prevent an attack by blocking viruses, malformed packets, and other threats from getting into the protected network.
intrusion prevention system
QN=38 The U.S. Foreign Corrupt Practices Act makes it a crime to bribe a foreign official unless the payment was ____.
lawful under the laws of the foreign country in which it was paid
QN=13 The Department of Justice established sentencing guidelines that suggest more ____ treatment for convicted executives if their companies have ethics programs.
lenient
QN=26 From a legal perspective, IT workers are not recognized as professionals because they are not ____ by the state or federal government.
licensed
QN=27 Many courts have ruled that IT workers are not liable for ____ because they do not meet the legal definition of a professional.
malpractice
QN=73 Part of a thorough security risk assessment is to determine how each threat can be ____ so that it becomes much less likely to occur or, if it does occur, has less of an impact on the organization.
mitigated
QN=29 As a result of improved ____, clients are able to break down their business processes into their fundamental steps and decide which they will perform themselves and which they will outsource to service providers.
modularization
QN=39 The Foreign Corrupt Practices Act permits facilitating payments so that an official performs or makes a(n) ____.
official function faster
QN=19 Ethical conduct criteria that could be used in an employee's performance evaluation include ____.
operating effectively in a multicultural environment
QN=21 The step in the five-step decision-making process during which the decision maker(s) consider laws, guidelines, policies, and principles that might apply to the decision is the ____ step.
evaluate and choose alternative
QN=53 A(n) ____ is a term for any sort of general attack on an information system that takes advantage of a particular system vulnerability.
exploit
QN=55 Some IT security experts warn that it will not be long before we see ____ aimed at smartphones to steal users' data or turn them into remote-controlled bots.
exploits
QN=46 A device that limits access to the company's network based on the organization's Internet usage policy is called a(n) ____.
firewall
QN=77 Installation of a(n) ____ is the most common computer security precaution taken by businesses.
firewall
QN=60 It is estimated that about one in ____ personal computers in the United States is part of a botnet.
four
QN=54 Often a successful attack on an information system is due to poor system design or implementation. Once such a vulnerability is discovered, software developers quickly create and issue a ____ to eliminate the problem.
patch
QN=81 The concept of privacy is ____.
protected by a number of amendments in the Bill of Rights
QN=33 Whistle-blowing is an effort by an employee to attract attention to a negligent, illegal, unethical, abusive, or dangerous act by a company that threatens the ____.
public interest
QN=74 The concept of ____ recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system's benefits or the risks involved.
reasonable assurance
QN=93 A ____ allows the FBI to intercept any communications to or by an intelligence target without specifying the telephone line, computer, or other facility to be monitored.
roving wiretap
QN=18 In a(n) ____, an organization reviews how well it is meeting its ethical and social responsibility goals, and communicates its new goals for the upcoming year.
social audit
QN=10 Someone who stands to gain or lose, depending on how a situation is resolved is called a(n) ____.
stakeholder
QN=43 A government license grants permission for an individual to engage in an activity or to operate a business. It is generally administered at the ____ level and often requires that the recipient pass a test of some kind.
state
QN=30 The mission of the Business Software Alliance is to ____.
stop the unauthorized copying of software
QN=11 Companies that develop and maintain strong employee relations ____.
suffer lower turnover rates
QN=96 A(n) ____ terminates or repeals a law or portions of it after a specific date unless further legislative action is taken to extend the law.
sunset provision
QN=35 To prove fraud in a court of law, prosecutors must demonstrate that ____.
the accused made a false representation of a material fact
QN=34 Before becoming a whistle-blower, an employee would normally call attention to a problem and try to correct it by first working with appropriate resources within ____.
the company
QN=15 A rapid increase in the appointment of corporate ethics officers typically follows
the revelation of a major business scandal.
QN=32 A ____ is information, generally unknown to the public, that a company has taken strong measures to keep confidential.
trade secret
QN=45 Because there are no ____ against which to compare a software engineer's professional behavior, he or she cannot be subject to malpractice lawsuits.
uniform standards
QN=40 Studies have shown that around ____ of all job applicants exaggerate their accomplishments on their resume.
30%
QN=17 While nearly half of all employees surveyed saw some form of ethical misconduct in 2007, less than ____ of those employees reported the misconduct to management.
60%
QN=88 The Foreign Intelligence Surveillance Act ____.
Allows surveillance, without court order, within the United States for up to a year unless the surveillance will acquire the contents of any communications to which a U.S. person is a party
QN=99 The ____ seal program identifies online businesses that honor their own stated privacy protection policies.
BBBOnLine
QN=16 In a for-profit organization, it is the primary objective of the ____ to oversee the organization's business activities and management for the benefit of shareholders, employees, customers, suppliers, and the community.
Board of Directors
QN=66 ____ have become the primary means for distributing spam, malware, and phishing scams.
Botnets
QN=91 Under the ____, the Federal Communications Commission responded to appeals from the Justice Department by requiring providers of Internet phone services and broadband services to ensure that their equipment accommodated the use of law enforcement wiretaps.
Communications Assistance for Law Enforcement Act
QN=68 ____ is an annual gathering in Las Vegas of computer hackers.
DEFCON
QN=12 A judge found ____ guilty of not providing timely on-site technical support that customers were entitled to and, as a result, lost its place as the world's largest computer manufacturer.
Dell
QN=63 ____ is (are) the abuse of e-mail systems to send unsolicited e-mail to large numbers of people.
E-mail spam
QN=84 The ____ is an act that repealed a Depression-era law known as Glass-Steagall. Some place partial blame for the financial crises that began in 2008 on the passage of this act and the loosening of banking restrictions.
Gramm-Leach-Bliley Act
QN=85 Under the ____, financial institutions must provide a privacy notice to each consumer that explains what data about the consumer is gathered, with whom that data is shared, how the data is used, and how the data is protected.
Gramm-Leach-Bliley Act
QN=89 The ____, passed as an amendment to Title III of the Omnibus Crime Control and Safe Streets Act, establishes a requirement for court-approved law enforcement use of a pen register or trap and trace.
Electronic Communications Privacy Act
QN=90 The ____ prohibits unauthorized access to stored wire and electronic communications, such as the contents of e-mail in-boxes, instant messages, message boards, and social networking sites that are not readily accessible to the general public.
Electronic Communications Privacy Act
QN=98 The ____ requires member countries to ensure that data transferred to non-European Union countries is protected, and bars the export of data to countries that do not have data privacy protection standards comparable to the European Union's.
European Union Data Protection Directive
QN=83 The ____ is a 1970 federal act that outlines who may access your credit information, how you can find out what is in your file, how to dispute inaccurate data, and how long data is retained.
Fair Credit Reporting Act
QN=97 The 1980 privacy guidelines set by the Organisation for Economic Co-operation and Development are also known as the ____ and are often held up as the model of ethical treatment of consumer data for organizations to adopt.
Fair Information Practices
QN=95 In Doe v. Holder, the courts ruled that the NSL gag rule (prohibits NSL recipients from informing anyone that the government has secretly requested his or her records) violates the ____.
First Amendment
QN=101 The ____ enables the public to gain access to certain government records.
Freedom of Information Act
QN=9 ____ hired private investigators to identify members of its board of directors who were responsible for leaking confidential company information to the press.
Hewlett-Packard
QN=56 ____ viruses have become a common and easily created form of virus. Attackers use an application macro language to create these programs that infect documents and templates.
Macro
QN=20 ____ is a likely cause of employees feeling "No one will ever know the difference, and if they do, so what?"
Management failing to hold people accountable for unethical actions
QN=36 ____ occurs when a party fails to perform certain express or implied obligations, which impairs or destroys the essence of a contract.
Material breach of contract
QN=72 A strong security program begins by ____.
assessing the threats to an organization's computers and network
QN=14 One characteristic of an organization that has a successful ethics program is that ____.
employees are rewarded for ethical behavior.
Which of the following observations is true of ethics? a. It is descriptive in nature. b. It deals with our reasoning about how we should act. c. It provides an account of how and why people act the way they do. d. It is equivalent to law-abiding behavior.
b
QN=64 Spammers can defeat the registration process of free e-mail services by launching a coordinated ____ attack that can sign up for thousands of untraceable e-mail accounts.
bot
QN=50 If misrepresentation causes a party to enter into a contract, that party may have the legal right to ____.
cancel the contract and seek reimbursement for damages
QN=102 The ____ prohibits the government from concealing the existence of any personal data record-keeping systems.
Privacy Act
QN=42 Certification indicates that a professional possesses a particular set of skills, knowledge, or abilities, in the opinion of the ____.
certifying organization
QN=24 An approach to ethical decision making that is based on a vision of society as a community whose members work together to achieve a common set of values and goals is the ____ approach.
common good
QN=49 A feature that is associated with a bribe is that a bribe ____.
encourages an obligation for the recipient
QN=28 As a result of increased ____, clients and service providers have built their working relationships on the expectation that they can communicate easily and instantly around the globe through electronic teleconferences, audio conferences, e-mail, and wireless devices.
connectivity
QN=47 Adherence to a professional code of ethics means that practitioners use a common set of ____ as a guideline for ethical decision making.
core values and beliefs
QN=37 Accepting payment of entry fees for a golf tournament from a supplier is ____.
could be perceived as a bribe
QN=57 ____ was a worm that was released in 2007 and caused billions of dollars in damages.
Storm
QN=67 The ____ is a type of computer crime perpetrator whose primary motive is to achieve a financial gain.
cybercriminal
QN=69 Chinese hackers have repeatedly hacked into systems to intercept e-mails between U.S. and UK officials. This is an example of ____.
cyberterrorism
Which of the following is an approach advocated while teaching ethics? a. Teachers should teach ethical dogma to a passive audience. b. Teachers should consider acceptance of customary norms as an adequate ethical perspective. c. Teachers should understand that their role is only to tell the right answers to their students. d. Teachers should challenge students to think for themselves.
d
QN=23 Part of developing a good problem statement includes ____.
determining who is directly affected by the problem
QN=22 The step of the five-step decision process during which those who will be affected by the decision are identified is the ____ step.
develop problem statement
QN=100 For a Web site to receive the ____ seal, its operators must demonstrate that it adheres to established privacy principles. The Web site must also agree to comply with that organization's oversight and consumer resolution process, and pay an annual fee.
TRUSTe
QN=59 A ____ attack keeps the target so busy responding to a stream of automated requests that legitimate users cannot get in.
distributed denial-of-service
QN=87 The Children's Online Privacy Protection Act ____.
does not cover the dissemination of information to children
QN=78 The ____ is a partnership between the Department of Homeland Security and the public and private sectors, established in 2003 to protect the nation's Internet infrastructure against cyberattacks.
U.S. Computer Emergency Readiness Team
QN=70 The ____ is a Federal law that primarily addresses unlawful access to stored electronic communications.
US Code Title 18, Part I, Chapter 121
QN=92 The ____ gave sweeping new powers both to domestic law enforcement and international intelligence agencies, including increasing the ability of law enforcement agencies to search telephone, e-mail, medical, financial, and other records.
USA PATRIOT Act
QN=61 The ____ code portion of a rootkit gets the rootkit installation started and can be easily activated by clicking on a link to a malicious Website in an e-mail or opening an infected .pdf file.
dropper
QN=44 The obligation to protect people against any unreasonable harm or risk is called ____.
duty of care
Philosophers often emphasize that ethics is _____, which means that it deals with a person's reasoning about how he or she should act. a. normative b. descriptive c. stipulative d. persuasive
a
QN=25 An approach to ethical decision making that states you should choose the action or policy that has the best overall consequences for all people who are directly or indirectly affected is the ____ approach.
utilitarian
QN=62 Rootkits are designed so cleverly that it is difficult to even discover if they are installed on a computer. The fundamental problem with trying to detect a rootkit is that the operating system cannot be trusted to provide ____.
valid test results
QN=6 Habits that incline people to do what is acceptable are called ____.
virtues
QN=82 The Supreme Court has ruled that ____.
without a reasonable expectation of privacy, there is no privacy right
QN=86 Under the HIPAA provisions, healthcare providers must obtain ____ from patients prior to disclosing any information in their medical records.
written consent