CISSP (Domain 9 - Legal, Regulations, Compliance, and Investigations) Flashcards
Civil Law (Tort)
No law broken, mostly monetary. Results in damage, loss, injury, or death.
Criminal Law
Crimes committed against society. Burden of proof is “Beyond a reasonable doubt”
Compensatory Damage - Civil Law
Paid for the actual damage suffered by a victim.
Punitive Damages - Civil Law
Punishment for the offender
Statutory Damages - Civil Law
Amount stipulated within the law rather than calculated based on the degree of harm to the plaintiff
Administrative (Regulatory) Law
- Defines standards of performance and regulates conduct for specific industries (Banking, HIPAA)
- Burden of proof is “More likely than not”
- Penalties are financial or imprisonment
Intellectual Property Law
Protects products of the mind
Trade Secrets - IP Protection
- Resource must provide competitive value
- Must be reasonably protected from unauthorized use or disclosure
- Proprietary to a company and important for survival
- Must be genuine and not obvious
Copyright - IP Protection
- Lasts for the lifetime of the author plus 70 years
- Pieces of work
Trademark - IP Protection
- Protects a word, name, or symbol used to identify a product and distinguish it from others
- My company's look and feel
Patent - IP Protection
- Protection for those who have legal ownership of an invention
- Exclusive control for 20 years
4 International Border Issues for Data
- Each country treats computer crimes differently
- Evidence rules differ between legal systems
- Governments may not assist each other in international cases
- Jurisdiction issues
Trans-border Information Flow (4 Things)
- Movement and storage of data by automatic means across national/federal boundaries
- Many European countries have strong reactions to the flow of personal and financial data
- Know laws before transmitting data through different areas
- Route data through other routes, if necessary
ISC^2 Code of Ethics (4 Things)
P/A/P/A
- Protect society, the commonwealth, and the infrastructure (nobody hurt)
- Act honorably, honestly, justly, responsibly, and legally (do the right thing)
- Provide diligent and competent service to principals
- Advance and protect the profession
Behavior to Encourage - ISC^2 Code of Ethics
- Research
- Teaching
- Identifying, mentoring, and sponsoring candidates for the profession
- Valuing the certificate