17. US Law, EU Law, International Treaties Flashcards

1
Q

US Law, EU Law, International Treaties

PII

A

Personally Identifiable Information

  • your right for this data to be kept securely
  • US privacy - patchwork of laws, no real protection
  • EU law - very pro privacy
  • Data that can be used to uniquely (in the case of a single person):
    1. Identify
    2. Contact
    3. Locate
2
Q

US Law, EU Law, International Treaties

HIPAA

US

A

Health Insurance Portability and Accountability Act

  • Strict privacy and security rules for handling PHI
  • PHI = Protected Health Information
3
Q

US Law, EU Law, International Treaties

Security Breach Notification Laws

US

A

Not Federal Law

  • 50 states have individual laws
  • Encryption clause - if a company loses PII records but the data was encrypted, and the encryption is assumed strong enough not to be broken, the company may not have to notify anyone
4
Q

US Law, EU Law, International Treaties

ECPA

US

A

Electronic Communications Privacy Act

  • Protection against warrantless wiretapping
  • Weakened by PATRIOT Act 2001
5
Q

US Law, EU Law, International Treaties

PATRIOT Act 2001

US

A

Expands law enforcement electronic monitoring capabilities

  • Allows search and seizure without immediate disclosure
  • Allows ISPs to hand over private information voluntarily
6
Q

US Law, EU Law, International Treaties

CFAA

US

A

Computer Fraud and Abuse Act
Title 18 Section 1030

  • most commonly used law to prosecute computer crimes
  • 2008 - Identity Theft Enforcement and Restitution Act amendment was added
  • If an individual or company is known to have violated the 2008 amendment, it can result in criminal penalties
7
Q

US Law, EU Law, International Treaties

Gramm-Leach-Bliley Act

US

GLBA

A

Financial Institutions

  • Driven by federal financial institutions
8
Q

US Law, EU Law, International Treaties

Sarbanes-Oxley Act of 2002

US

SOX

A

Accounting Scandals

  • mandatory standards for accounting
9
Q

US Law, EU Law, International Treaties

PCI-DSS

US

A

Payment Card Industry Data Security Standard

  • Technically not a law. Created by payment card industry
  • Requires merchants to meet minimum set of security requirements
  • Mandates security policy, devices, control techniques and monitoring