Chapter 12

Question 1

What is Identity Theft?

Answer 1

Vital info such as a person’s name, address, date of birth, social insurance number, and mothers maiden name are required to complete impersonation.

Question 2

With identity theft, what can the theifs access?

Answer 2

• Finanacial accounts
• Open new bank accounts
• transfer bank balances
• Apply for loans, credit cards, and other services

Question 3

What is PIPEDA?

Answer 3

Perosonal Information Protection & Electronic Documents Act.

Question 4

What is PIPEDA in place to do?

Answer 4

• To balance an inividuals right to the privacy of his or her personal information.
• Governs how data are collected and used.

Question 5

PIPEDA says that organizations can’t use personal info of their customers for anything other than what is agreed upon.

Question 6

PIPEDA does not facilitate individuals suing organizations.

Question 7

What are the 3 types of security threats organizations face?

Answer 7

1. Human Errors and Mistakes
2. Malicious Human Activity
3. Natural Events and Disasters

Question 8

Explain what types of problems cause Human Errors and Mistakes.

Answer 8

• Poorly written programs
• Poorly designed procedures
• Physical accidents
• Accidental problems

Question 9

What are some examples of Malicious Human Activity?

Answer 9

• Intentional destruction of data
• ​Destroying System components
• Hackers
• Virus & worm writers

Question 10

What are examples of Natural events and disasters?

Answer 10

• Fires, floods, hurricanes, eathquakes.
• Initial losses of capability and service

Question 11

What are the 5 Types of Security problems?

Answer 11

1. Unauthorized data disclosure
2. Incorrect data modification
3. Faulty service
4. Denial of service
5. Loss of infrastrucutre

Question 12

What are the 3 categories of security safeguards?

Answer 12

• Technical safeguards
• Data Safeguards
• Human Safeguards

Question 13

What are some examples of Technical Safeguards?

Answer 13

• Identification and authentication
• Encrytion
• Firewalls
• Malware Protection
• Design for secure applications

Question 14

What do data safeguards do?

Answer 14

Protect databases & other organizational data.

Question 15

What does data administration do?

Answer 15

• Develops data policies and enforces data standards.

Question 16

What are some examples of data safeguards?

Answer 16

• Encryption Keys
• Back-up copies
• Physical Security
• Third party contracts
  
  • Safeguards written into contracts which ives the right to inspect premises & interview personnel.

Question 17

Explain Human Safeguards.

Answer 17

• User access restriction requires authentication & account management.

Question 18

What are some examples of human safeguards for employees?

Answer 18

• User accounts with limited privileges
• Hiring and screening employees
• Employees are made aware of policies & procedures
• Create policies & procedures for employee termination.

Question 19

What are some examples of human safeguards for non-employee personnel?

Answer 19

• Contacts that include specific provisions and provide accounts with least privileges.
• Protect users from internal company security problems.