Ch02 Quiz
A more recently created area of law related to information security specifies a requirement for organizations to notify affected parties when they have experienced a specified type of loss of information. This commonly known as a _______ law.
Breach
Which of the following is the result of a U.S. led international effort to reduce the impact of copyright, trademark, and privacy infringement, especially via the removal of technological copyright protection measures?
DMCA
Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences and is also known as duty- or obligation-based ethics?
Deontological ethics
Which of the following ethical frameworks is the study of choices that have been made by individuals in the past; attempting to answer the question, what do others think is right?
Descriptive ethics
Which of the following ethical frameworks is the study of the choices that have been made by individuals in the past, attempting to answer the question, what do others think is right?
Descriptive ethics
The penalties for offenses related to the National Information Infrastructure Protection Act of 1996 depend on whether the offense is judged to have been committed for one of the following reasons except which of the following?
For political advantage
The penalties for offenses related to the National Information Infrastructure Protection act of 1996 depend on whether the offense is judged to have been committed for several reasons except which of the following?
For political advantage
Which act requires organizations that retain health care information to used InfoSec mechanisms to protect this information as well as policies and procedures to maintain them?
HIPPA
Which law addresses privacy and security concerns associated with the electronic transmission of PHI?
Health Information Technology for Economy and Clinical Health Act
In digital forensics, all investigations follow the same basic methodology once permission to search and seize is received, beginning with _______________.
Identifying relevant items of evidentiary value.
This collaborative support group began as a cooperative effort between FBI's Cleveland office and local technology professionals with a focus of protecting critical national infrastructure.
InfraGard
Another key U.S. federal agency is ____ which is responsible for coordinating, directing, and performing highly specialized activities to protect U.S. information systems and produce foreign intelligence information.
National Security Agency
Another key U.S. federal agency is _______, which is responsible for coordinating, directing, and performing highly specialized activities to protect U.S information systems and produce foreign intelligence information.
National Security Agency
_________ devices often pose special challenges to investigators because they can be configured to use advanced encryption and they can be wiped by the user even when the user is not present.
Portable
Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use or operation of a federal computer system?
The Computer Security Act
Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use, or operation of each federal computer system?
The Computer Security Act
Which act is a collection of statutes that regulates the interception of wire, electronic and oral communications?
The Electronic Communications Privacy Act of 1986
Which act is a collection of statutes that regulates the interception of wire, electronic, and oral communications?
The Electronic Communications Privacy Act of 1986
Which law extends protection to intellectual property, which includes words published in electronic formats?
U.S. Copyright Law
Sworn testimony that certain facts are in the possession of the investigating officer and that they warrant the examination of specific items located at a specific place is know as a(n) _____.
affidavit
The most complex part of an investigation is usually _______.
analysis for potential evidentiary material
A more recently created area of law related to information security specifies a requirement for organizations to notify affected parties when they have experienced a specified type of loss of information . This is commonly known as _______ law.
breach
Which ethical standard is based on the notion that life in community yields a positive outcome for the individual, requiring each individual to contribute to that community?
common good
Which of the following is the best method for preventing an illegal or unethical activity? Examples include law, policies and technical controls.
deterrence
Investigations involving the preservation, identification, extraction, documentation, and interpretation of computer media fro evidentiary root cause analysis is known as ______.
digital forensics
A process focused on the identification and location of potential evidence related to a specific legal action after it was collected through digital forensics is known as ______.
e-discovery
Also known as "items of potential evidentiary value," any information that could potentially support the organization's legal or policy-based case against a suspect is known as _________.
evidentiary material
Which of the following is NOT a requirement for laws and policies to deter illegal or unethical activity?
fear of humiliation
The coherent application of methodical investigatory techniques to collect, preserve and present evidence of crimes in a court or court-like setting is known as__________?
forensics
Which of the following is NOT an origin used to categorize types of law?
international
Digital forensics can be used for two key purposes:
investigate allegations of digital malfeasance; perform root cause analysis
Any court can impose its authority over an individual or organization if it can establish which of the following?
jurisdiction
There are three general categories of unethical behavior that organizations and society should seek to eliminate. Which of the following is NOT one of them?
malice
Which subset of civil law regulates the relationships among individuals and among individuals and organizations?
private
Which of the following is compensation for a wrong committed by an individual or organization?
restitution
Permission to search for evidentiary material at a specified location and/or to seize items to return to an investigator's lab for examination is known as a(n) ______.
search warrant
When an incident violates civil or criminal law, it is the organization's responsibility to notify the proper authorities; selecting the appropriate law enforcement agency depends on__________.
the type of crime committed
Which of the following organizations put forth a code of ethics designed primarily for infosec professionals who have earned their certifications? The code includes the canon: Provide diligent and competent service to principals.
(ISC)2
Which of the following organizations put forth a code of ethics designed primarily for InfoSec professionals who have earned their certifications? The code includes the canon: Provide diligent and competent service to principals.
(ISC)2
