Chapter 2 Test
Which of the following ethical frameworks is the study of the choices that have been made by individuals in the past? a.Normative ethicsb.Deontological ethicsc.Applied ethicsd.Descriptive ethics
. Descriptive ethics
Which law addresses privacy and security concerns associated with the electronic transmission of PHI? a.Health Information Technology for Economic and Clinical Health Actb.National Information Infrastructure Protection Act of 1996c.American Recovery and Reinvestment Actd.USA PATRIOT Act of 2001
Health Information Technology for Economic and Clinical Health Act
In digital forensics, all investigations follow the same basic methodology once permission to search and seize is received, beginning with _________. a.investigating allegations of digital malfeasanceb.acquiring (seizing) the evidence without alteration or damagec.identifying relevant items of evidentiary valued.analyzing the data without risking modification or unauthorized access
Identifying relevant items of evidentiary value.
Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use, or operation of a federal computer system? a.The Computer Security Actb.National Information Infrastructure Protection Actc.Computer Fraud and Abuse Actd.The Telecommunications Deregulation and Competition Act
The Computer Security Act
Which act is a collection of statutes that regulates the interception of wire, electronic, and oral communications? a.National Information Infrastructure Protection Act of 1996b.The Electronic Communications Privacy Act of 1986c.Federal Privacy Act of 1974d.The Telecommunications Deregulation and Competition Act of 1996
The Electronic Communications Privacy Act of 1986
Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences (also known as duty- or obligation-based ethics)? a.Deontological ethicsb.Applied ethicsc.Meta-ethicsd.Normative ethics
a.Deontological ethics
Investigations involving the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and root cause analysis are known as _________. a.digital forensics b.crime scene investigationc.criminal investigationd.e-discovery
a.digital forensics
There are three general categories of unethical behavior that organizations and society should seek to eliminate. Which of the following is NOT one of them? a.maliceb.accidentc.ignoranced.intent
a.malice
Permission to search for evidentiary material at a specified location and/or to seize items to return to the investigator's lab for examination is known as a(n) _________. a.search warrant b.affidavitc.forensic clued.subpoena
a.search warrant
Digital forensics can be used for two key purposes: ________ or _________. a.to investigate allegations of digital malfeasance; to perform root cause analysisb.e-discovery; to perform root cause analysisc.to solicit testimony; to perform root cause analysisd.to investigate allegations of digital malfeasance; to solicit testimony
a.to investigate allegations of digital malfeasance; to perform root cause analysis
Which of the following organizations put forth a code of ethics designed primarily for InfoSec professionals who have earned their certifications? The code includes the canon: Provide diligent and competent service to principals. a.SANSb.(ISC)2c.ACMd.ISACA
b.(ISC)2
Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them? a.ECPAb.HIPAAc.Sarbanes-Oxleyd.Gramm-Leach-Bliley
b.HIPAA
Sworn testimony that certain facts are in the possession of the investigating officer and that they warrant the examination of specific items located at a specific place is known as a(n) _________. a.forensic findingb.affidavitc.search warrant d.subpoena
b.affidavit
The penalties for offenses related to the National Information Infrastructure Protection Act of 1996 depend on whether the offense is judged to have been committed for several reasons. Which of the following is NOT one of those reasons? a.In furtherance of a criminal actb.For purposes of commercial advantagec.For political advantaged.For private financial gain
c.For political advantage
Which law extends protection to intellectual property, which includes words published in electronic formats? a.Security and Freedom through Encryption Actb.Freedom of Information Actc.U.S. Copyright Lawd.Sarbanes-Oxley Act
c.U.S. Copyright Law
The most complex part of an investigation is usually __________. a.preventing the destruction of potential EMb.protecting potential EMc.analysis for potential EMd.requesting potential EM
c.analysis for potential EM
Which ethical standard is based on the notion that life in community yields a positive outcome for the individual, requiring each individual to contribute to that community? a.virtueb.fairness or justicec.utilitariand.common good
common good
Which of the following is the result of a U.S. led international effort to reduce the impact of copyright, trademark, and privacy infringement, especially via the removal of technological copyright protection measures? a.U.S. Copyright Lawb.PCI DSSc.European Council Cybercrime Conventiond.DMCA
d.DMCA
Which of the following is NOT a requirement for laws and policies to deter illegal or unethical activity? a.fear of penaltyb.probability of being penalizedc.probability of being caughtd.fear of humiliation
d.fear of humiliation
The coherent application of methodical investigatory techniques to collect, preserve, and present evidence of crimes in a court or court-like setting is known as _________. a.crime scene investigationb.data imagingc.evidentiary materiald.forensics
d.forensics
Any court can impose its authority over an individual or organization if it can establish which of the following? a.jurisprudenceb.liabilityc.sovereigntyd.jurisdiction
d.jurisdiction
Which of the following is the best method for preventing an illegal or unethical activity? Examples include laws, policies, and technical controls. a.deterrenceb.rehabilitationc.persecutiond.remediation
deterrence
Which of the following is NOT used to categorize some types of law? a.internationalb.regulatoryc.constitutionald.statutory
international
Which subset of civil law regulates the relationships among individuals and among individuals and organizations? a.criminalb.privatec.publicd.tort
private
Which of the following is compensation for a wrong committed by an individual or organization ? a.due diligenceb.liabilityc.jurisdictiond.restitution
restitution
