Chapter 4– Laws, Regulations, and Compliance Flashcards
- Which criminal law was the first to implement penalties for the creators of viruses, worms, and other types of malicious code that cause harm to computer systems?
Computer Fraud and Abuse Act
Computer Fraud and Abuse Act
The Computer Fraud and Abuse Act, as amended, provides criminal and civil penalties for those individuals convicted of using viruses, worms, Trojan horses, and other types of malicious code to cause damage to computer system(s).
- Which law governs information security operations at federal agencies?
The Federal Information Security Management Act (FISMA)
The Federal Information Security Management Act (FISMA)
- What type of law does not require an act of Congress to implement at the federal level but rather is enacted by the executive branch in the form of regulations, policies, and procedures?
Administrative law
Administrative law
Administrative laws do not require an act of the legislative branch to implement at the federal level. Administrative laws consist of the policies, procedures, and regulations promulgated by agencies of the executive branch of government. Although they do not require an act of Congress, these laws are subject to judicial review and must comply with criminal and civil laws enacted by the legislative branch.
- Which federal government agency has responsibility for ensuring the security of government computer systems that are not used to process sensitive and/or classified information?
National Institute of Standards and Technology
National Institute of Standards and Technology
The National Institute of Standards and Technology (NIST) is charged with the security management of all federal government computer systems that are not used to process sensitive national security information. The National Security Agency (part of the Department of Defense) is responsible for managing those systems that do process classified and/or sensitive information.
- Which would an administrator do to classified media before reusing it in a less secure environment?
Systems used in interstate commerce
Systems used in interstate commerce
- What law protects the right of citizens to privacy by placing restrictions on the authority granted to government agencies to search private residences and facilities?
Fourth Amendment
Fourth Amendment
The Fourth Amendment to the U.S. Constitution sets the “probable cause” standard that law enforcement officers must follow when conducting searches and/or seizures of private property. It also states that those officers must obtain a warrant before gaining involuntary access to such property.
- Matthew recently authorized an innovative algorithm for solving a mathematical problem, and he wants to share it with the world. However, prior to publishing the software code in a technical journal, he wants to obtain some sort of intellectual property protection. Which type of protection is best suited to his needs?
Copyright
Copyright
Copyright law is the only type of intellectual property protection available to Matthew. It covers only the specific software code that Matthew used. It does not cover the process or ideas behind the software. Trademark protection is not appropriate for this type of situation. Patent protection does not apply to mathematical algorithms. Matthew can’t seek trade secret protection because he plans to publish the algorithm in a public technical journal.
- Mary is the cofounder of Acme Widgets, a manufacturing firm. Together with her partner, Joe, she has developed a special oil that will dramatically improve the widget manufacturing process. To keep the formula secret, Mary and Joe plan to make large quantities of the oil by themselves in the plant after the other workers have left. They want to protect this formula for as long as possible. What type of intellectual property protection best suits their needs?
Trade secret
Trade secret
Mary and Joe should treat their oil formula as a trade secret. As long as they do not publicly disclose the formula, they can keep it a company secret indefinitely.
- Richard recently developed a great name for a new product that he plans to begin using immediately. He spoke with his attorney and filed the appropriate application to protect his product name but has not yet received a response from the government regarding his application. He wants to begin using the name immediately. What symbol should be use next to the name to indicate its protected status?
™
™
Richard’s product name should be protected under trademark law. Until his registration is granted, he can use the ™ symbol next to it to inform others that it is protected under trademark law. Once his application is approved, the name becomes a registered trademark and Richard can begin using the ® symbol.
- What law prevents government agencies from disclosing personal information that an individual supplies to the government under protected circumstances?
Privacy Act
Privacy Act
The Privacy Act of 1974 limits the ways government agencies may use information that private citizens disclose to them under certain circumstances.
- What framework allows U.S. companies to certify compliance with EU privacy laws?
Privacy Shield
Privacy Shield
- The Children’s Online Privacy Protection Act (COPPA) was designed to protect the privacy of children using the internet. What is the minimum age a child must be before companies can collect personal identifying information from them without parental consent?
13
13
- Which one of the following data roles is not a requirement that Internet service providers must satisfy in order to gain protection under the “transitory activities” clause of the Digital Millennium Copyright Act?
The service provider and the originator of the message must be located in different states.
The Digital Millennium Copyright Act does not include any geographical location requirements for protection under the “transitory activities” exemption. The other options are three of the five mandatory requirements. The other two requirements are that the service provider must not determine the recipients of the material and the material must be transmitted with no modification to its content.
- Which of the following laws is not designed to protect the privacy rights of consumers and internet users?
USA PATRIOT Act
USA PATRIOT Act
- Which one of the following types of licensing agreements does not require that the user acknowledge that they have read the agreement prior to executing it?
Shrink-wrap agreement
Shrink-wrap agreement