CA4

Question 1

State:

Purpose of Health and Safety at Work Act

Answer 1

Provide guidance to employers and employees when working with computer systems and define actions employers should take to protect employees

Question 2

Fill The Blank:

Almost everyone has a …………. under the Health and Safety Act at Work to work and act safely

Answer 2

Duty

Question 3

Fill The Blank:

Employees must take reasonable ……….. of their own and ……….. safety under the Health and Safety at Work Act.

Answer 3

Care, Others

Question 4

State:

What the Health and Safety at Work act makes illegal

Answer 4

Act recklessly or intentionally act in such a way to endanger yourself or others

Question 5

State:

What the DSE regulations requires business/schools/colleges to do (four things)

Display Screen Regulations

Answer 5

• Analyse Workstations and assess and reduce risks
• Plan work so that there are breaks or changes of activity
• Arrange and pay for eye tests and glasses (if needed)
• Provide health and safety information and training

Question 6

Fill The Blank:

Employers need to check that the computer equipment and ………. is ……… and any risks that are found have actions taken to fix them.

DSE - Analyse workstations and assess and reduce risks

Answer 6

Area, Safe

Question 7

State:

What do employers and employees working from home have to complete

DSE - Analyse workstations and assess and reduce risks

Answer 7

DSE workstation assessment

Question 8

State:

3 examples of correct and safe arrangment of a workstation (related to posture/equipment positioning etc.)

DSE - Analyse workstations and assess and reduce risks

Answer 8

3 of:
* Forearms are close to horizontal and hands in a straight line
* Space in front of keyboard, keyboard titlts, mouse in suitable position
* Chair is adjustable inlcuding the height and backrest
* Thighs are horizontal
* Five point chair base for stability
* Screen can be moved into position, at or slightly below eye level
* Screen is placed where there is no glare or reflection
* Clearance under the desk for legs to not touch desk
* Space under desk
* Feet flat on the floor, or on footrest

Question 9

State:

3 minimum requirements for employers to ensure workstations comply to

DSE - Analyse workstations and assess and reduce risks

Answer 9

• Adjustable chairs and suitable lighting
• Tilt and swivel monitors
• Ensuring that the workstation has sufficient space for keyboard, monitor and any paperwork

Question 10

Fill The Blank:

Employees should not be expected to work at a DSE ….. …….. and regular ……………. or change in activity should be provided by an employer

DSE - Analyse workstations and assess and reduce risks

Answer 10

All day, Breaks

Question 11

State:

3 examples of what staring at working with DSE (Dispaly Screen Equipment) can lead to over a long period of time

DSE - Arrange and pay for eye tests and glasses (if special ones are nee

Answer 11

3 of:
* Tired eyes
* Discomfort
* Temporary short-sightedness
* Headaches

Question 12

State:

2 examples of responsibilities that lie with an employee

DSE

Answer 12

2 of:
* Check screen is well positioned and properly adjusted
* Make sure lighting conditions are suitable
* Take regular breaks from screen work

Question 13

Fill The Blank:

Employees of a business who work with DSE can ask for an employer to pay for …… appointments and to ……………. them

DSE

Answer 13

Eye, Arrange

Question 14

Fill The Blank

Employers must provide …………. to make sure that employees know how to use ………………… correctly

DSE - Provide Health and Safety Training Information

Answer 14

Training, Equipment

Question 15

State:

3 things that every general working environment should have/be

General Working Environment

Answer 15

• Have appropriate facilities (toilets, washbasins, drinking water, place to rest/eat)
• Healthy working environment
• Be a safe workplace

Question 16

State:

3 examples of making a healthy working environment from HSE

General Working Environment

Answer 16

3 of:
* Good ventilation
* Reasonable working temperature
* Lighting suitable for the work being carried out
* Enough room space, suitable for the work being carried out
* Enough room space for suitable workspaces and seating
* Appropriate waste containers

Question 17

State:

2 examples of making a safe workplace from HSE

General Working Environment

Answer 17

2 of:
* Maintained buildings and work equipment
* Floors and traffic routes kept free of obstructions
* Windows that can be opened and cleaned safely
* Any glass or transparent doors or walls protected or made of safety material

Question 18

Define:

HSE

General Working Environment

Answer 18

Health and Safety Executive

Question 19

State:

2 examples of areas a health and safety policy must cover

General Working Environment

Answer 19

2 of:
* Statement of intent
* Responsibilities for health and safety
* Arrangements for health and safety

Question 20

Fill The Blank:

Any employee is responsible for reporting ……………….. as soon as possible to rectify the issue. If an issue is identified an employer may use a ……………. ……….. to tell other employees of the issue

Possible risks and prevention

Answer 20

Accidents, Warning sign

Question 21

State:

What DPA and GDPR aim to do

Answer 21

Control how personal data and information is used by organisations, businesses and the UK Government as well as empower individuals to take control over their personal data

Question 22

Explain:

What DPA means in comparison to GDPR

Answer 22

DPA is the UK’s implementation of the EU’s General Data Protection Regulation after the UK left the EU

Question 23

State:

4 purposes of the DPA 2018

The principles of the act

Answer 23

4 of:
* Used fairly, lawfully and transparently
* Used for specified, explicit purposes
* Used in a way that is adequate, relevant and limited to only what is necessary
* Accurate and, where necessary, kept up to date
* Kept for no longer than necessary
* Kept appropriately secure

Question 24

State:

4 purposes of the GDPR

The principles of the act

Answer 24

4 of:
* Lawfullness, fairness, trainsparency
* Purpose limitation
* Data minimisation
* Accuracy
* Storage limitation
* Integrity and confidentiality

Question 25

State:

3 examples of characteristics DPA provides legal protection of

The principles of the act

Answer 25

3 of:
* Race
* Ethnic background
* Political opinions
* Religious beliefs
* Trade union membership
* Genetics
* Biometrics
* Health
* Sex life or orientation

Question 26

Fill The Blank:

Under DPA a data subject (User) has ……… such as beign able to find out what ……….. is being held about them

Data subject rights

Answer 26

Rights, Data

Question 27

State:

4 rights a data subject (user) has under DPA

Answer 27

3 of:
* Be informed about how the data is being used
* Access personal data
* Have incorrect data updated
* Have data erased
* Stop or restrict the processing of the data
* Data portability
* Object to how the data is processed in certain circumstances
* Automated decision making processes
* Profiling

Question 28

Fill The Blank:

DPA and GDPR both require …………… for a marketing ……………… to be sent

Marketing Consent

Answer 28

Consent, Message

Question 29

Fill The Blank:

Consent must be ………… and …………. given, clear and specific.

Marketing Consent

Answer 29

Knowingly, Freely

Question 30

Fill The Blank:

Giving consent for marketing material must be …………. and therefore must be an …….-…. method and not in ……… and ………………. because these are hard to understand and rarely read

Marketing Consent

Answer 30

Clear, Opt-in, Terms and Conditions

Question 31

Fill The Blank:

It must be made easy to opt-out of marketing material such as ‘……………’ at the bottom of an email because consent can be ……………. at any time

Marketing Consent

Answer 31

Unsubscribe, Withdrawn

Question 32

Fill The Blank:

GDPR makes it clear that pre-………….. boxes are not valid ……………

Marketing Consent

Answer 32

Ticked, Consent

Question 33

Explain:

Higher Maximum penalty that can be issued by ICO

Enforcement

Answer 33

Failure to comply with core data protection principles or individuals rights as in DPA
£17.5m or 4% of total annual worldwide turnover in preceding financial year (whichever is higher)

Question 34

Explain:

Standard penalty that can be issued by ICO

Enforcement

Answer 34

All other infringements other than what is covered in Higher max. penalty (breaching core data protection principles)
£8.7m or 2% of totalannual worldwide turnover in preceding financial year (whichever is higher)

Question 35

Fill The Blank:

The original focus of the CMA was to …………………. the act of accessing or ……………….. data stored on a computer system without appropriate consent or ……………….

Answer 35

Criminalise, Modifying, Permission

Question 36

FIll The Blank:

Over time where the use of computers and ways to access ……../systems has increased there has been many ………………… to the CMA

Answer 36

Data, Amendments

Question 37

State:

Why it is good that the CMA does not provide a definition of ‘computers’

Answer 37

Because a definition could quickly become outdated because of constant evolution

Question 38

State:

3 original sections of the CMA

Answer 38

• Unauthorised access to computer material
• Unaurhtorised access to computer materials with intent to commit a further crime
• Unauthorised modification of data

Question 39

State:

What 2 sections were added to the CMA later in 2006 and 2015

Answer 39

• Making supplying and obtaining any articles for use in a malicious act using a computer
• Unauthorised acts causing or creating risk of serious damage

Question 40

Define:

Hacking

Examples of Offences

Answer 40

Finding weaknesses in an established system and exploiting them - a computer hacker finds weaknesses in a computer system

Question 41

State:

3 examples of motivation for hackers

Examples of Offences

Answer 41

• Profit
• Protest
• Challenge

Question 42

Define:

White hat hackers

Examples of Offences

Answer 42

Where hacker is given permission to hack into systems to identify any loopholes or vulnerabilities and tell the system owner. Because this is done with permission, it is legal.

Question 43

Define:

Grey hat hackers

Examples of Offences

Answer 43

Where the hacker hacks into computer systems for fun or to troll but does not have malicious intent towards the computer systems - if they find a weakness, they may offer to fix the vulnerability for a fee

Question 44

Define:

Black hat hackers

Examples of Offences

Answer 44

Where the hacker hacks into a computer system with malicious intent - stealing, exploiting stolen or seen data or selling the data

Question 45

Fill The Blank:

British …………… suffered a hacking attack between ………………… and ……………………. in 20…. which led to a data breach with …… million customers affected - limited to the people who booked flights between these dates. This worked by redirected users to a ……….. site to enter the card details which were stolen by the attacker

Examples of Offences

Answer 45

Airways, August, September, [20]18, Fake

Question 46

State:

The three categories which threats can be divided into

Threats

Answer 46

• DDoS
• Malware (including viruses)
• Social engineering

Question 47

Explain:

DDoS attack

Threats

Answer 47

Attempt to make a computer or network system unavailable to users by flooding it with network traffic. A DDoS is usually focused on preventing internet website or service from either functioning efficiently, or at all. This may temporarily or indefinitely.

Question 48

Explain:

Why adware is used and how it works

Threats - Malware

Answer 48

• Generates revenue for its author
• Any software package which automatically shows adverts, such as a pop-up, or may also be in the UI of a software package

Question 49

Explain:

Why bot/botnets are used and how they work

Threats - Malware

Answer 49

• Bots take control of a computer system
• Type of malware that allows a cyber-security attacker to take control of a computer system that has been infected without the user’s knowledge and can result in a botnet which is an interconnected network of infected computer systems

Question 50

Explain:

Why bugs are used and how they work

Threats - Malware

Answer 50

• Bugs areconnected to software and are the flaws that produce an unwanted outcome
• Usually result of human error during coding and can be fixed by the software creator issuing fixes or patches; security patches are the most severe and can result in attackers bypassing security

Question 51

Explain:

Why ransomware is used and how it works

Threats - Malware

Answer 51

• Holds a system captive and demands a ransom to release it
• Restrict user access to the system by encrypting files or locking down the computer system; message usaully displayed to force user to give ransom
• Can be spread by a worm and can be started by downloading an infected file or by a vulnerability in the computer system

Question 52

Explain:

Why rootkits are used and how it works

Threats - Malware

Answer 52

• Designed to remotely access or control a computer system without being detected by the security software or the users
• When a rootkit has been installed, it can enable an attacker to remotely access files, access/steal data and information, modify software configs, control the computer system as part of a botnet

Question 53

Explain:

Why spyware is used and how it works

Threats - Malware

Answer 53

• Collect data from an infected computer (inc. personal info from websites)
• Usually hidden from user, and can be difficult to detect, and could be keyloggers or install additional software or redirect web browsers to different websites

Question 54

Explain:

Why trojan horses are used and how they work

Threats - Malware

Answer 54

• Standalone malicious program designed to give full control of an infected PC to another (attacker) PC
• Often appear to be something which is wanted or needed by a user and can be hidden in valid programs and software; make copies of themselves, steal information or harm host computer

Question 55

Explain:

Why viruses are used and how they work

Threats - Malware

Answer 55

• Virus attempts to make a computer system unreliable
• Computer program that replicates iteself and spreads from computer to computer; increase chances of spreading to other computers by infecting files on a network file system or file system that is accessed by other computers

Question 56

Explain:

Why worms are used and how they work

Threats - Malware

Answer 56

• Standalone computer program that replicates itself so it can spread to other computers
• Worm can use a computer network to spread, unlike a computer virus it does not need to attach iself to an existing program - almost always cause some harm to a network

Question 57

Explain:

Briefly, how to mitigate adware

Threats - Malware

Answer 57

• Install, run and keep updaed a security software package
• Do not open an files from an unkown source
• Do not click any links in an email

Question 58

Explain:

Briefly, how to mitigate bot/botnet

Threats - Malware

Answer 58

• Install run and keep updated a security softwae package
• Do not open any files from an unkown source
• Do not click any links in an email

Question 59

Explain:

Briefly, how to mitigate bugs

Threats - Malware

Answer 59

Check for and install any patches that are released from software vendors

Question 60

Explain:

Briefly, how to mitigate ransomware

Threats - Malware

Answer 60

• Do not open any files from an unkown source
• Do not click any links in an email
• Install, run and update security software

Question 61

Explain:

Briefly, how to mitigate rootkit

Threats - Malware

Answer 61

• Rootkits are difficult to detect as they are not usually detected by security software
• Software updates, keeping security software up to date and not downloading suspicious files are the only ways of trying to avoid a rootkit from being installed

Question 62

Explain:

Briefly, how to mitigate spyware

Threats - Malware

Answer 62

• Do not open any files form an unkown source
• Do not click any links in an email
• Install, run and update security software

Question 63

Explain:

Briefly, how to mitigate trojan horses

Threats - Malware

Answer 63

• Do not open any files from an unkown source
• Do not click any links in an email
• Install, run and update security software

Question 64

Explain:

Briefly, how to mitigate viruses

Threats - Malware

Answer 64

• Do not open any files from an unkown source
• Do not click any links in an email
• Install, run and update security software

Question 65

Explain:

Briefly, how to mitigate worms

Threats - Malware

Answer 65

• Do not open any files from an unkown source
• Do not click any links in an email
• Install, run and update security software

Question 66

Explain:

Why baiting is used and how it works

Threats - Social Engineering

Answer 66

• Triesto trick the victims to give the cyber criminals the information they need
• Very similar to phishing; Criminal will make a promise of an item or goods to get the information they need

Question 67

Explain:

Why phishing is used and how it works

Threats - Social Engineering

Answer 67

• Tries to get users to input their security details (e.g: credit card numbers) or log-in details to a fake website
• Uses a fake website which looks identical to the real one; most common targets for phishing are banks, insurance websites etc.
• Attackers send out emals or text messages which pretend to be from a reputable company (eg: bank) and the link in the email takes you to a fakewebsite

Question 68

Explain:

Why pharming is used and how it works

Threats - Social Engineering

Answer 68

• Tries to redirect users from a genuine website to a fake one - without the knowledge of the user
• Very similar to phishing in that both use fraudulent websites; difference is that a phishing attack will use fake or hoax emails while pharming attacks very rarely use this type of tactic

Question 69

Explain:

Why pretexting is used and how it works

Threats - Social Engineering

Answer 69

• When a cyber criminal lies to get data or information
• Usually involves a scam where the criminal pretends to need the information to confirm the identity of the person they are talking to

Question 70

Explain:

Why quid pro quo is used and how it works

Threats - Social Engineering

Answer 70

• Tries to disable the anti-virus software so that software updates, usually malware, can be installed to gain access to a computer system
• Similar to baiting, but promise is that of a service rather than goods, common method of quid pro quo is a telephone call from a fake IT service provider who offer to fix problems that do not exist

Question 71

Explain:

Why scareware is used and how it works

Threats - Social Engineering

Answer 71

• Malicious computer program
• Designed to trick a user into buying and downloading unnecessary and potentially dangerous software, such as fake anti-virus protection

Question 72

Explain:

Why shoulder surfing is used and how it works

Answer 72

• Aims to steal data and information
• When a person’s private and confidential information is seen - likely by standing close to someone while they enter their pin at a cash machine particularly in busy environments

Question 73

Explain:

Why smishing is used and how it works

Threats - Social Engineering

Answer 73

Form of phishing and is fraudulent practice of sending text messages

Question 74

Explain:

Why tailgating/piggybacking is used and how it works

Threats - Social Engineering

Answer 74

• Used to try and gain access to a secure building or room
• Takes form of someone who does not have authority to enter a building or room, following someone who does through the doors - most common type is acting as a delivery driver

Question 75

Explain:

Why vishing is used and how it works

Threats - Social Engineering

Answer 75

• Making phone calls or leaving voice messages to try and trick the recipient
• Calls and messages pretend to be from reputable companies to try and trick people into revealing personal information, such as bank details and credit card numbers

Question 76

State:

What year the equality act became law in

Answer 76

2010

Question 77

State:

The aim of the equality act

Answer 77

The act provides a legal framework to protect the rights of individuals and advance equality of opportunity for all

Question 78

State:

what the act protects people from

Answer 78

Any form of discrimination in society and the workplace

Question 79

State:

3 things that the equality act protects people against

Answer 79

• Discrimination
• Harassment
• Victimisation

Question 80

State:

The 9 protected characteristics

Answer 80

• Age
• Disability
• Gender Reassignment
• Marriage and civil partnership
• Pregnancy and maternity
• Race
• Religion or belief
• Sex
• Sexual Orientation

Question 81

Define:

Direct Discrimination in the equality act

Answer 81

Treating one person worse than another person because of a protected characteristic

Question 82

Define:

Indirect Discrimination in the equality act

Answer 82

When an organisation/someone puts a rule or policy in place that which has a worse impact on someone with a protected characteristic than without one

Question 83

Define:

Harassment in the equality act

Answer 83

People cannot treat you in a way that violates your dignity, or creates a hostile, degrading, humiliating or offensive environment

Question 84

Define:

Victimisation

Answer 84

People cannot treat you unfairly if you are compliant of discrimination under the equality act or if you are supporting someone else who is doing so

Question 85

Fill The Blank:

There is some situations where it is acceptable to ………….. against certain people if they …………. certain characteristics for a job role for example

Answer 85

Discriminate, Require

Question 86

Fill The Blank:

An individual should take action if they feel they have been ……………….. against

When to take action against discrimination

Answer 86

Discriminated

Question 87

State:

2 examples of actions that can be taken when reporting discrimination

When to take action against discrimination

Answer 87

2 of:
* Complain to your employer either informally or using a formal grievance process
* Ask for help and support - from a trade union or equality organisation etc.
* Begin employment tribunal proceedings

Question 88

State:

2 examples of companies that can help if an action against discrimination is being considered

When to take action against discrimination

Answer 88

2 of:
* Professional bodies
* Trade Unions
* Citizens advice
* Dedicated equality advisory support services (EASS)

Question 89

State:

The aim of the Intellectual Propery Act 2014

Answer 89

Streamline, simplify and strengthen design protection and patents

Question 90

Fill The Blank:

The level of protection from an ………………… design is lower than of a ………………… design

Unregistered and registered designs

Answer 90

Unregistered, Registered

Question 91

Fill The Blank:

If a person commisions a design then the law states that unless otherwise stated in a contract the ………….. owns the design - individuals only and not employees as the company will own any designs done while at work

Unregistered and registered designs

Answer 91

Designer

Question 92

Fill The Blank:

The act cannot be retroactively applied to designs created ………….. the act

Unregistered and registered designs

Answer 92

Before

Question 93

FIll The Blank:

It is …………. to copy a UK or EU registered design if the design owner is not in …………….. and the offender does not ………. the design is registered

Unregistered and registered designs

Answer 93

Illegal, Agreement, Know

Question 94

Define:

Patent

Patents

Answer 94

Granted to give the owner of a design the legal right to stop others from making, using or selling it for a specified number of years

Question 95

Fill The Blank:

Patents can be applied to all areas of technology as long as they are …….., involve an …………… step and can be applied to ……………….

Patents

Answer 95

New, Inventive, Industry

Question 96

Fill The Blank:

Patents can be applied to most designs including ……………… processes and ……………….

Patents

Answer 96

Software, Hardware

Question 97

Fill The Blank:

Workplace monitoring enables an …………….. to track employee ……………. and then monitor employee ………………… with work-related tasks.

Answer 97

Employer, Activities, Engagement

Question 98

State:

3 things an employer can measure about an employee

Answer 98

3 of:
* Productivity
* Track attendance
* Ensure security
* Collect proof of hours worked

Question 99

State:

2 ways employees can be monitored using electronic communcations

Answer 99

2 of:
* Computer screens
* Email
* Internet and app use
* Phone use

Question 100

Explain:

Telecommunications Regulations 2000 - what power does it give to employers

Answer 100

Allows employers to monitor employees without the employees having to give their consent first

Question 101

Fill The Blank:

Employers must clearly explain the amount of …………….. in the staff handbook or ……………. and possibly the AUP

Answer 101

Monitoring, Contract

Question 102

State:

3 details that must be explained to an employee about how they are being monitored/what they can do

Answer 102

• If/how they are being monitored
• If personal emails and calls are not allowed
• The acceptable number of personal of personal emails and phone calls

Question 103

State:

3 reasons that an employer may want to monitor electronic communications

Answer 103

3 of:
* identify criminal activity
* Check that employees are working to necessary standards
* Check that employees are following the correct procedures
* Investigate allegations of misconduct
* See if there has been any mishandling of confidential information
* See that employees are not abusing work systems

Question 104

Fill The Blank:

An employer may want to monitor what ……………….. employees access during work hours, which can be done using ………………. monitors.

Answer 104

Websites, Internet

Question 105

Fill The Blank:

Employers may ……… certain websites that are innapropriate or not for work, with exceptions when employees need these sites, such as ………… media, to carry out their job role - some websites like these may also instead be ………. limited

Answer 105

Block, Social, Time

Question 106

Fill The Blank:

…………… ……. can be ……………… - when a business number is called it is common to hear an automated message stating that the call may be recorded for training or monitoring purposes

Answer 106

Phone Calls, Monitored

Question 107

Fill The Blank:

Recording phone calls can cause a moral ……………… if employees are allowed to make ……………….. calls because these will also be recorded

Answer 107

Dilemna, Personal

Question 108

Fill The Blank:

Recording phone calls can be beneficial for understanding why an employee is receiving positive or negative feedback because you can listen back and then also ……….. new employees from these recordings

Answer 108

Train

Question 109

Explain:

If a business is only concerned about them misuse of phones, what can they do instead of recording calls themselves

Answer 109

Recording the numbers dialled and how much time is spent on calls

Question 110

State:

2 advantages to a business of using monitoring and monitoring software in the workplace

Answer 110

2 of:
* Employees can work flexible hours as monitoring can ensure all employees complete required tasks
* Most productive employees can be identified and rewarded
* Delivery drivers can be tracked to ensure safety of them and the vehicle and its contents

Question 111

State:

2 disadvantages to a business of using monitoring and monitoring software in the workplace

Answer 111

2 of:
* Employees can feel that they are not trusted and that the monitoring is an invasion of privacy
* Employee mroale may reduce due to continual monitoring and lack of trust
* Employee stress levels may increase which could lead to an increase in number of employees off sick

Question 112

Fill The Blank:

Although rarely legal in the UK, an employer may use …………… monitoring to (monitoring employees without telling them) using devices such as hidden ……………….. or …………… devices - Data protection laws make it legally rare unless when there is high suspicion of …………. activity

Answer 112

Secret, Cameras, Audio, Illegal

Question 113

Fill The Blank:

Employers’s monitoring …………….. will include details about the workplace monitoring that is carried out in the …………… of employment or the AUP - including the monitoring details in these documents it can be gauranteed that employees have full and working knowledge of the policy

Answer 113

Policies, Contracts

Question 114

Explain:

Key logging

Monitoring Systems

Answer 114

Software that runs in the background of a digital system and reocrds every key press and may also record every mouseclick - can record most information including screenshots and programs or apps open at any time, record live chats

Question 115

State:

4 monitoring systems that are used in the workplace

Monitoring Systems

Answer 115

• Key logging
• Video/audio surveillance
• Global Positioning System (GPS) vehicle tracking
• Location tracking by access badge

Question 116

Fill The Blank:

Video and audio surveillance is usually done with …………. but should not be installed in areas where people expect …………..

Monitoring Systems

Answer 116

CCTV, Privacy

Question 117

State:

3 requirements of signs for showing the use of CCTV

Monitoring Systems

Answer 117

• Clear, visible and readable
• Show details of the purpose of the CCTV surveillance and who to contact
• Include contact details (eg: web address, email etc.)

Question 118

Fill The Blank:

If using CCTV, an employer must provide a copy of any footage if a ……………. access ………………. (SAR) is made and legislation means CCTV cannot record …………… unless in specific circumstances

Monitoring Systems

Answer 118

Subject Access Request (SAR), Audio

Question 119

Fill The Blank:

A …….. tracking system allows an employer to see the exact location of any vehicles and the employee driving them and relies on transparency so that employees are aware of this and can be used for …………… of employees but is disadvantaged by a reliance on good line of ………… for the GPS to be reliable (like being in a tunnel or in trees)

Monitoring Systems

Answer 119

GPS, Monitoring, Sight

Question 120

Explain:

Briefly, how GPS works

Monitoring Systems

Answer 120

• Uses network of satellites that continually transmit time and location messages
• Device will use signals of four satellites to calculate its location
• Accuracy within 5m with just satellite data - can be improved with other sources such as mobile phone signal (1m acc.)

Question 121

Fill The Blank:

Employees often have access …………….. that contain personal identification and allow them in and out of the workplace. Employees can be tracked wherever they are in the workplace based off of their access badge use but can be beneficial in an emergency such as a ………

Answer 121

Badges, Fire

Question 122

Explain:

How access badges can be misused and what this means for an employer

Answer 122

• Left at home, broken or lost requiring replacement
• if lost there could be a security breach if it is found and used to carry out criminal activity
• Badges cost the company money if they are lost/damaged or former employees do not return them

Question 123

Fill The Blank:

Companies are starting to replace dedicated access badges with ……………….-based access apps. These provide the same access, but are more …………… - and provide better ………………… tracking services

Answer 123

Smartphone, Robust, Location

Question 124

Fill The Blanks:

Co-operation across country ……………… must be maintained and there are many pieces of …………………… that cross country borders such as how some amendment of ….. laws have been made to bring them to UK legislation

Answer 124

Boundaries, Legislation, EU

Question 125

Fill The Blank:

Design and development of digital systems is covered by the ………………… provided by organisations such as ……….. and …….. (and others) and these need to be considered at the ………… stage, even when they relate specifically to the use of digital systems

Answer 125

Organisations, WCAG/W3C/ISO/IETF, WCAG/W3C/ISO/IETF, Design

Question 126

State:

3 examples of international legislation relating to the use of digital systems

Answer 126

• European Convention on Human Rights (ECHR) - Article 8
• Electronic Communicatiosn Privacy Act (ECPA)
• Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM)

Question 127

Fill The Blank:

When designing digital systems it is very important to consider the specific ……….. legislation of the country or area in which a product will be used - because they tend to differ

Answer 127

Local

Question 128

Explain:

what ‘ECHR’ (Article 8) is

Answer 128

• Protects a person’s rights to respect for their correspondence, family life, home and private life
• Correspondence can be: emails, letters, phone calls
• Means a digital system cannot be used to ‘snoop’ on anyone

Question 129

Fill The Blank:

There are …………………. to ECHR (Article …) if there is a threat to national security or serious criminal activity suspected

Answer 129

Exceptions, 8

Question 130

Fill The Blank:

Although the internet is largely ……………… (a founding principle), its increased use has led to increased use of criminal activity which crosses country borders. Carrying out ………………….. can be seen as contravening the EHCR so: who decides what is an acceptable reason to carry out covert …………………..?

Answer 130

Unpoliced, Surveillance, Surveillance

Question 131

Explain:

ECPA and how it could affect a UK company

Answer 131

• Electronic Communications Privacy Act
• US legislaton which protects phone and electronic communications while those communications are being made, are in transit, and when they are stored on computers
• Exceptions like in ECHR if there is a threat to national security or criminal activity
• Not relevant in the UK but could affect a UK company if they have a US Presence - it is relevant to the international office

Question 132

Explain:

CAN-SPAM

Answer 132

• Controlling the Assault of Non-Solicited Pornography and Marketing
• Bans incorrect, deceptive or misleading subject information and lines
• Requires that unsolicited commerical email is identified as an advertising email - like DPA and GDPR requires an opt-out option
• Not relevant in the UK but could affect a UK company if they have a US Presence - it is relevant to the international office

Question 133

Fill The Blank:

CAN-SPAM directs the Federal Trade Commission (FTC) to issue rules about subject lines of emails containing ……………. explict contents

Answer 133

Sexually

Question 134

State:

3 main professional bodies that are connected to digital professionals in the digital industry

Answer 134

• British Computer Society (BCS)
• Institute of Analysts and Programmers (IAP)
• Assocation for Computer Machinery (ACM)

Question 135

Fill The Blank:

Professional bodies in digital have all made a ………….. of …………… for their members.

Answer 135

Code of Conduct

Question 136

State:

Purpose and role of a code of conduct

Answer 136

Role: Provide a set of guidelines which members abide by
Purpose: Uphold the philosophy of the professional body

Question 137

Fill The Blank:

Each of the professional bodies are ………………….. to different job ……… within the digital industry, but you can belong to more than one professional ………..

Answer 137

Relevant, Roles, Body

Question 138

State:

Who the British Computer Society represents

Answer 138

People working in IT and computer science

Question 139

State:

Who the Institute of Analysts and Programmers represents

Answer 139

Analysts and programmers

Question 140

Fill The Blank:

The Association of Computer Machinery represents a broad ………… of professionals

Answer 140

Range

Question 141

State:

3 things, other than communities, that these professional bodies do

Answer 141

• Training and qualifications to update member’s skills
• Updates in the advances in the digital industries
• Range of resources that can be used by members to enhance their own knowledge

Question 142

Define:

Code of Conduct

Answer 142

A document which defines rules, values, ethical principles and vision

Question 143

Fill The Blank:

All professional bodies include a statement that their members must act in the ……….. interest

Answer 143

Public

Question 144

Define:

Code of Practice

Answer 144

A code of conduct and standards of practice - practice standards, employers’ policies and procedures that must be met by employees

Question 145

Fill The Blank:

A code of conduct is a set of ……………………. that sets out actons members are advised to follow. A code of practice makes these guidelines ………………. and will usually cover ………………… too

Difference between a code of coduct and a code of product

Answer 145

Guidelines, Mandatory/Required, Legislation

Question 146

State:

3 examples of areas covered by a code of practice

Answer 146

3 of:
* Professional Responsibilities; eg: quality of work, meeting deadlines, communication
* Contribution to society; how actions have an impact on society
* Safety; dependent on sector and job role
* Security and Privacy; eg: wehre data is stored, processes used to maintain security
* Innovation

Question 147

Fill The Blank:

AN AUP is an ……………… between employers and employees which sets down rules that a user must ………… to for access to a network, email facilities or the internet. An AUP may also set down guidelines as to how a ……………. should be used.

Answer 147

Agreement, Agree, System

Question 148

Fill The Blanks:

An AUP may be created to set down points that ……………., …………………., employees and employers can adhere to and the AUP can be used where the rules included in the AUP have been breached where these breaches may lead to …………….. action

Answer 148

Staff, Students, Disciplinary

Question 149

State:

2 areas that may be covered in an AUP

Answer 149

• What monitoring may be carried out by the employer in the workplace
• Activities that are not allowed (eg: use of personal email)
• Non-acceptable use (eg: the internet, email)
• Procedures for the use of systems and removable storage devices
• Taking and using business digital devices off-site

Question 150

Fill The Blank:

An AUP must be tailored to the …………. and ……………………. of the business which is creating it. ……………………… may be used but should be adapted to meet the business’ needs.

Answer 150

Needs, Requirements, Templates