Ethics in Technology - C961: Pre-assessment (fixed)

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

The leader of an IT department is approached by one of her managers to ask for a salary increase. The manager does a fantastic job of presenting a solid rationale for the increase. At the end his presentation, he says he knows the salaries of all his colleagues because he accessed the payroll file on the company network. Which law may this leader's organization use against this manager?

Computer Fraud and Abuse Act

The leader of an information technology department is made aware of brute-force attacks on her organization. The attacks are being conducted from a remote site and are a threat to data access and accuracy. Which law may this leader's organization use against the attackers?

Computer Fraud and Abuse Act

The leader of an IT department is approached by one of her managers to ask for a salary increase. The manager does a fantastic job of presenting a solid rationale for the increase. At the end his presentation, he says he knows the salaries of all his colleagues because he accessed the payroll file on the company network. Which part of the security triad was violated?

Confidentiality

A remote U.S. programmer is hired by a foreign European video game company. He recently discovered that the company was secretly collecting images and videos (data) of U.S. users, including children, without their permission or parental consent. Assortments of images and videos were uploaded to a third-party social media website the company uses. Images and videos included children, 12 years and younger, and assigned names, home addresses, and reviews that were all fake. Which action should this programmer take to handle this situation?

Contact and inform the FBI and the social media site of the company's activities.

Kim owns a software development company. He regularly reviews new software releases. If he sees a software that interests him, he buys it so he can review the program and use the information to create the same software for his company to produce. What is the form of the intellectual property in this scenario?

Copyright

What must business leaders do to make sound decisions?

Follow established policies and procedures

A college president reads an article and really likes it. The president decides to take some of the information and use it in a graduation speech. The president does not attribute the information in the speech to the article that was read. What is the ethical issue in this scenario?

Fraud

What is the first step in investigating an ethical challenge?

Gather the facts

There is a news story about employees of a pharmacy at a local grocery store inadvertently releasing patient information. According to the story, the pharmacy employees printed patient records to review them and later threw them into the grocery store dumpster. Which privacy law was violated by these pharmacy employees?

HIPAA

The sandwich generation has increased. This generation compromises people who care for elderly parents and children simultaneously. In efforts to manage time effectively, this generation does the majority of work and communication electronically. What can organizations do to assist the sandwich generation in understanding the importance of protecting personal and financial information?

Have IT, financial, and medical professionals conduct information sessions for the community monthly

Which element states what actions will be taken against an individual who violates an acceptable use policy (AUP)?

Sanctions

What issue can be avoided when a well-defined problem statement and exceptional communication are present during an IT project?

Scope creep

There are eight cities that impose a sugary drink tax. The purpose of this tax is to provide revenue for the city for additional educational support while reducing consumption of sugary drinks. An algorithmic decision-making process is used to collect data from different sources for a research project. The goal of the research project is to explore behaviors of the people in those cities before and after the tax. What can a novice researcher use to ensure data is accurate?

Sites that promote information accuracy and objectivity

The leader of an IT department is approached by one of her managers to ask for a salary increase. The manager does a fantastic job of presenting a solid rationale for the increase. At the end his presentation, he says he knows the salaries of all his colleagues because he accessed the payroll file on the company network. Which method may have mitigated the threat posed by the manager?

Proper access control

There are eight cities that impose a sugary drink tax. The purpose of this tax is to provide revenue for the city for additional educational support while reducing consumption of sugary drinks. An algorithmic decision-making process is used to collect data from different sources for a research project. The goal of the research project is to explore behaviors of the people in those cities before and after the tax. Which best practice standard should be enforced to ensure IT personnel are properly trained?

Reasonable professional standard

A college president reads an article and really likes it. The president decides to take some of the information and use it in a graduation speech. The president does not attribute the information in the speech to the article that was read. How would you address the president's actions?

Report to the compliance office

A company registering pet microchips has collected substantial data about pets and their owners (age, gender, species, home address, etc.). A longtime employee, Jim, quits to launch a new business. Before leaving, he takes a copy of the program and its data to use when he launches his new business targeting pet owners. When starting his new company, he deconstructs the program to determine how it works. What is the source of the threat identified in this scenario?

Reverse engineering

There are eight cities that impose a sugary drink tax. The purpose of this tax is to provide revenue for the city for additional educational support while reducing consumption of sugary drinks. An algorithmic decision-making process is used to collect data from different sources for a research project. The goal of the research project is to explore behaviors of the people in those cities before and after the tax. The agency the researcher works for has many resources to mine data. What concerns should this researcher have about these resources?

Rights and ownership of the data

Why is it important for IT professionals to incorporate good ethical practices?

So that employees are prepared to handle situations that could lead to misconduct.

Protecting the information of customers and consumers is an essential concern for companies that collect and store such information. When a data breach occurs, the safety and accuracy of sensitive information are compromised. Businesses must adhere to ethical and legal obligations in the reporting and handling of these situations. In many cases, laws require businesses to report significant data breaches to specific regulatory bodies. For some instances, companies have faced sanctions for failing to report these events in a timely way. Safeguarding consumer data and ensuring compliance to all federal and local regulations for reporting data breaches are essential for corporations to protect the public. Which consequence may a corporation face for failing to adhere to these practices?

The company may be forced by the Federal Communications Commission (FCC) to close.

A student makes two copies of a software package that he just purchased and sells one to a friend. Which assessment describes this student's action?

Unethical and illegal

Data collection methods and processes continue to emerge into more industries, fields, and agencies. Meanwhile, the regulations governing the use and sharing of this data continue to evolve. However, data collection is still somewhat new, and there is a tangible gap in the legislation of ethical codes and guidelines to establish clear principles of collection and use. What may providing unrestricted access to consumers' data without protecting each individual's privacy or identity be to consumers?

Unethical and risky

A major online pet medical record supplier's information system is attacked, and data are stolen about recent pet deaths. The FBI determines that a mall pet store chain has taken the data and used it to send "buy a puppy" solicitations to the owners of the deceased pets. What is a description of the threat to the data?

Unintended release of sensitive data or the access of sensitive data by unauthorized individuals

What is an example of corporate social responsibility (CSR)?

A local IT firm invests in green energy by partnering with a small business to install solar panels in the office.

A cell phone company is conducting a survey to learn more about the demographic and preferences of its current customers. The IT professionals at the company design the survey to be accessible through the customer's mobile phone. Customers can return to the survey data multiple times to update or revise their responses until the survey closes. To access the previously entered data, the customer must enter a one-time log-in code provided by the cell phone company, as well as answer individualized security questions on a secure mobile server. What is this method of conducting a survey an example of?

A multistage process to prevent unauthorized access to sensitive data

Which entity provides a technology code of ethics to its constituents?

A professional organization

Most organizations with a published code of ethics have a provision for an employee to report expected wrongdoing by others within the organization. What is the person exercising this right known as?

A whistle-blower

The implementation deadline for a highly visible IT project that will improve global client services is going to be missed due to a data integrity issue. An IT team member from an international country is confident that he has the solution code, but he does not have the resources to the test code. The project leader is receiving a lot of pressure to complete the project. What should this project leader do?

Accept the code, test it, and implement the project late

During slow times at work, a bank teller browses through a checking account of someone she knows. She goes through the person's account, looking at where the person has shopped and how much was spent. The bank teller then shares the information with her supervisor, other employees, and friends. What is the legal or policy issue in the scenario?

Acceptable use policy

What is an example of an IT professional demonstrating a commitment to ethics?

An IT professional wants to do a side project for a local business. He checks his employer's company policy handbook first to avoid a conflict of interest.

A code of ethics is a set of principles and rules used by companies, professional organizations, and individuals to govern their decision making in choosing between right and wrong. Intellectual property covers protections that involve copyrights, trademarks, trade secrets, and patents. Which scenario is a violation of a code of conduct?

An employee makes a copy of company software and takes it home to share with his friends.

Many computer-enabled equipment including tablets, smartphones, and vehicles is used to track the location of users. Corporations issue these devices to their employees to help them perform their jobs more efficiently. IT personnel can work remotely to assist customers and clients with various technology issues and projects. Some professionals are also provided a company-owned vehicle with GPS capabilities, which gives the employer 24/7 access to the employee's movements. An IT worker uses a company-owned vehicle to transport illegal drugs. How does the use of auto-tracking devices explain the ethical issue in this scenario?

An employer can use GPS-tracking data as evidence for the investigation.

An avid software developer opens a software business and registers the company using SIC 7371 and NAICS 541511 codes. The product the firm produces dictates its viability, but the software has a reputation of being defective. To ensure the success of the firm, several developers were terminated for producing malicious software. What may these terminated employees be classified as?

Black hat hackers

Jan is a system administrator for an elite technology company. The company has a highly lucrative proprietary system. Jan is approached by an executive from a rival company. He offers Jan a significant sum of money if she will give him a username and log-in for remote access to the company's internal system. What is the ethical issue in this scenario?

Breach of contract

As part of a college's requirement for degree completion, a student is required to work in a team of three to create a business plan for a company of her choice. She has two good friends who started the program with her, and all have agreed to work together. After several brainstorming meetings, everyone agrees that the company would be a startup. The main focus of this business would be providing services for nonprofessional caregivers. The company defines nonprofessional caretakers as family members taking care of relatives in a private home environment. Three years after graduation, this individual invites friends and business leaders to the launch of her startup. Halfway through the celebration, her two friends from school realize she implemented the business plan without asking them for permission or inviting them to be partners. She offers to pay them a set amount to walk away. What are the two ethical issues violated?

Bribery, Piracy

What is a hacking method that finds passwords or encryption keys by trying every possible combination of characters until the correct one is found?

Brute-force attack

What is defined as a concept by which organizations assimilate social and environmental concerns in their business operations and interactions with their stakeholders?

CSR (Corporate Social Responsibility)

As part of a college's requirement for degree completion, a student is required to work in a team of three to create a business plan for a company of her choice. She has two good friends who started the program with her, and all have agreed to work together. After several brainstorming meetings, everyone agrees that the company would be a startup. The main focus of this business would be providing services for nonprofessional caregivers. The company defines nonprofessional caretakers as family members taking care of relatives in a private home environment. Which organization would offer more comprehensive training programs to support caregivers?

Centers for Medicare & Medicaid Services (CMS)

A remote U.S. programmer is hired by a foreign European video game company. He recently discovered that the company was secretly collecting images and videos (data) of U.S. users, including children, without their permission or parental consent. Assortments of images and videos were uploaded to a third-party social media website the company uses. Images and videos included children, 12 years and younger, and assigned names, home addresses, and reviews that were all fake. Which regulation would address this video game company's actions concerning the child user?

Children's Online Privacy Protection Act (COPPA)

As more aspects of communication and record keeping become digitized, the relationships between protecting consumer data and privacy grow increasingly complex. The interests of corporations and government agencies must be maintained as well. New questions emerge over how, when and to what extent consumer data are collected, retained, or shared. To mitigate these concerns, a variety of regulations have been passed in the United States to protect consumer privacy and ensure accuracy of the data which are harvested. What refers to a general set of guidelines to regulate the collection and use of personal data?

Fair information practices

To spy on his girlfriend, a man uses her social security number and her mother's maiden name to reset the online password for her cell phone account. He is then able to enter the account to review her text messages and phone records from the past month of usage. What is this action an example of?

Data piracy

What is the first step in an ethical decision-making process?

Develop a problem statement

There are eight cities that impose a sugary drink tax. The purpose of this tax is to provide revenue for the city for additional educational support while reducing consumption of sugary drinks. An algorithmic decision-making process is used to collect data from different sources for a research project. The goal of the research project is to explore behaviors of the people in those cities before and after the tax. The researcher is not familiar with IT and visits a data site outside of the resources provided by the organization. Within an hour of access, employees are having difficulties performing job duties because their computer is frozen. The IT department identified the DDoS source and eradicated it. What should this IT department do to avoid this happening again?

Develop and maintain a risk management plan

A remote U.S. programmer is hired by a foreign European video game company. He recently discovered that the company was secretly collecting images and videos (data) of U.S. users, including children, without their permission or parental consent. Assortments of images and videos were uploaded to a third-party social media website the company uses. Images and videos included children, 12 years and younger, and assigned names, home addresses, and reviews that were all fake. What is the IT issue concerning this videotaping of these unsuspecting users?

Electronic surveillance

What may be a representation of data that may be inappropriately shared by an IT professional?

Employee records

Which best practice should help reduce the different ethical problems IT professionals face on a daily basis?

Establishing and implementing an acceptable use policy

A person breaks a traffic law in order to get a critically injured man to a hospital. Which decision-making behavior describes this action?

Ethical and illegal

What does the Bathsheba syndrome refer to?

Ethical failure of people in power

As part of a college's requirement for degree completion, a student is required to work in a team of three to create a business plan for a company of her choice. She has two good friends who started the program with her, and all have agreed to work together. After several brainstorming meetings, everyone agrees that the company would be a startup. The main focus of this business would be providing services for nonprofessional caregivers. The company defines nonprofessional caretakers as family members taking care of relatives in a private home environment. During operating hours, caregivers come in to get information and use computers. Many of the websites that caregivers visit ask for personal information when filling out forms. When the caregiver leaves the facility, completed forms (including confidential patient information) are left on the computer for others to view. What should these caregivers be educated on to help reduce this practice?

Health Insurance Portability and Accountability Act (HIPAA)

Many computer-enabled equipment including tablets, smartphones, and vehicles is used to track the location of users. Corporations issue these devices to their employees to help them perform their jobs more efficiently. IT personnel can work remotely to assist customers and clients with various technology issues and projects. Some professionals are also provided a company-owned vehicle with GPS capabilities, which gives the employer 24/7 access to the employee's movements. An IT professional traveling for a work assignment decides to take a detour for personal business and due to excessive speed, causes an auto accident. Who is responsible for damages?

IT workers who breach the duty of care are accountable for injuries.

A remote U.S. programmer is hired by a foreign European video game company. He recently discovered that the company was secretly collecting images and videos (data) of U.S. users, including children, without their permission or parental consent. Assortments of images and videos were uploaded to a third-party social media website the company uses. Images and videos included children, 12 years and younger, and assigned names, home addresses, and reviews that were all fake. What is the ethical issue concerning these posted images or videos of unsuspecting users?

Identity theft

A company registering pet microchips has collected substantial data about pets and their owners (age, gender, species, home address, etc.). A longtime employee, Jim, quits to launch a new business. Before leaving, he takes a copy of the program and its data to use when he launches his new business targeting pet owners. When starting his new company, he deconstructs the program to determine how it works. How would Jim's actions be characterized?

Illegal and unethical

As part of a college's requirement for degree completion, a student is required to work in a team of three to create a business plan for a company of her choice. She has two good friends who started the program with her, and all have agreed to work together. After several brainstorming meetings, everyone agrees that the company would be a startup. The main focus of this business would be providing services for nonprofessional caregivers. The company defines nonprofessional caretakers as family members taking care of relatives in a private home environment. Three years after graduation, this individual invites friends and business leaders to the launch of her startup. Halfway through the celebration, her two friends from school realize she implemented the business plan without asking them for permission or inviting them to be partners. She offers to pay them a set amount to walk away. How may the actions of this business owner be described?

Illegal and unethical

In an effort to reduce costs, a start-up organization is running pirated software. How may the actions of these leaders be characterized?

Illegal and unethical

Jack works in the IT department of a major U.S. bank. The bank has created a mobile application for use by its customers. One of the permissions needed by the application is the location of the bank customer. Jack has decided to share the customer location information with his friend who works for a major hotel chain. The hotel chain will then reach out to the bank customers to offer them a discounted room in the customer's travel area. How should Jack's actions be characterized?

Illegal and unethical

Jan is a system administrator for an elite technology company. The company has a highly lucrative proprietary system. Jan is approached by an executive from a rival company. He offers Jan a significant sum of money if she will give him a username and log-in for remote access to the company's internal system. How would Jan's actions be characterized if she granted the executive's request?

Illegal and unethical

Michael, a mortgage lender, has an agreement with Charlotte, who works in a credit bureau. Charlotte will set up fictitious accounts for mortgage applicants, complete with a history of payments to help raise the applicant's credit score. How should Charlotte's actions be characterized?

Illegal and unethical

There is a news story about employees of a pharmacy at a local grocery store inadvertently releasing patient information. According to the story, the pharmacy employees printed patient records to review them and later threw them into the grocery store dumpster. How may the actions of these pharmacy employees be characterized?

Illegal and unethical

There is a news story about employees of a pharmacy at a local grocery store inadvertently releasing patient information. According to the story, the pharmacy employees printed patient records to review them and later threw them into the grocery store dumpster. What explains this ethical issue?

Inappropriate sharing

What is one outcome leaders should be aware of when making organizational decisions?

Increasing profits and revenues

A major online pet medical record supplier's information system is attacked, and data are stolen about recent pet deaths. The FBI determines that a mall pet store chain has taken the data and used it to send "buy a puppy" solicitations to the owners of the deceased pets. What is the source of the data threat in the scenario?

Industrial spy

Kim owns a software development company. He regularly reviews new software releases. If he sees a software that interests him, he buys it so he can review the program and use the information to create the same software for his company to produce. What is the source of the threat identified in this scenario?

Infringement

There is a news story about employees of a pharmacy at a local grocery store inadvertently releasing patient information. According to the story, the pharmacy employees printed patient records to review them and later threw them into the grocery store dumpster. How may the source of this IT issue be described?

Lack of internal controls

Many computer-enabled equipment including tablets, smartphones, and vehicles is used to track the location of users. Corporations issue these devices to their employees to help them perform their jobs more efficiently. IT personnel can work remotely to assist customers and clients with various technology issues and projects. Some professionals are also provided a company-owned vehicle with GPS capabilities, which gives the employer 24/7 access to the employee's movements. Many IT professionals feel their privacy is violated when employers use GPS-tracking devices. What describes the employer's point of view?

Legal and ethical

An avid software developer opens a software business and registers the company using SIC 7371 and NAICS 541511 codes. A software developer's code defines the business. An employee created a product to corrupt data every couple of weeks. During the testing phase, the code worked as planned, and the company and the end user accepted it. After one week, the end user's data were corrupted. How may this threat be described?

Malware

An avid software developer opens a software business and registers the company using SIC 7371 and NAICS 541511 codes. This business is contracted to create a resource management system to automate processes. The company modified an open source code and marketed it as proprietary software, charging other companies thousands of dollars to use it. What may this open source community obtain to avoid this practice?

Open source license

A college president reads an article and really likes it. The president decides to take some of the information and use it in a graduation speech. The president does not attribute the information in the speech to the article that was read. What is the source of the threat identified in this scenario?

Plagiarism

What does PAPA stand for?

Privacy, accuracy, property, access

As more aspects of communication and record keeping become digitized, the relationships between protecting consumer data and privacy grow increasingly complex. The interests of corporations and government agencies must be maintained as well. New questions emerge over how, when and to what extent consumer data are collected, retained, or shared. To mitigate these concerns, a variety of regulations have been passed in the United States to protect consumer privacy and ensure accuracy of the data which are harvested. What is a risk of saving sensitive consumer data without using encryption and other safe archiving methods?

The data could be accessed by hackers.

Many computer-enabled equipment including tablets, smartphones, and vehicles is used to track the location of users. Corporations issue these devices to their employees to help them perform their jobs more efficiently. IT personnel can work remotely to assist customers and clients with various technology issues and projects. Some professionals are also provided a company-owned vehicle with GPS capabilities, which gives the employer 24/7 access to the employee's movements. What describes an employee's legal rights when an employer is using an auto-tracking device to monitor the employee's whereabouts?

The employer must obtain employee consent before installing an auto-tracking device.

Which ethical framework tries to identify alternatives that will produce the most good and do the least harm?

The utilitarian framework

Why is it important for leaders to understand how technology affects their organization's daily practices?

To understand possible legal ramifications

According to Aristotle's virtue ethics, what should be the nature of a person who wants to donate something to an orphanage?

Tolerant

Jack works in the IT department of a major U.S. bank. The bank has created a mobile application for use by its customers. One of the permissions needed by the application is the location of the bank customer. Jack has decided to share the customer location information with his friend who works for a major hotel chain. The hotel chain will then reach out to the bank customers to offer them a discounted room in the customer's travel area. What is a description of the threat to the customer data?

Unintended release of sensitive data or the access of sensitive data by unauthorized individuals

An avid software developer opens a software business and registers the company using SIC 7371 and NAICS 541511 codes. Which type of ethics is absent when workers purposely defame their employer by demonstrating unethical behaviors without considering the impact on information systems?

Virtue ethics


Set pelajaran terkait

CH 5 - Competitive Advantage, Firm Performance, and Business Models

View Set

NCLEX Review Safety and Infection Control

View Set