Domain 1 - Chapter 4 - Laws, Regulations, and Compliance Flashcards
What is administrative law?
Used by government agencies to effectively carry out their day-to-day business.
Published in the Code of Federal Regulations (CFR).
What is criminal law?
Criminal law protects society against violations of the basic principles we believe in (murder, rape, theft, arson, ...).
Preserves peace and keeps society safe.
What is civil law?
Provides the framework for the transaction of business between people and organizations.
Usually no law enforcement involvement.
What is the CFAA?
Computer Fraud and Abuse Act
First major piece of cybercrime-specific legislation in the U.S.
Protects computers used by the government or in interstate commerce from a variety of abuses.
What is the ECPA?
Electronic Communications Privacy Act
Makes it a crime to invade the electronic privacy of an individual.
When were Federal Sentencing Guidelines released?
1991
Provided punishment guidelines to help federal judges interpret computer crime laws.
What is FISMA?
Federal Information Security Management Act.
Requires federal agencies to implement an information security program.
What is the Federal Information Systems Modernization Act?
Centralized cybersecurity responsibility to the Department of Homeland Security.
NIST SP 800-53
Security and Privacy Controls for Federal Information Systems
NIST SP 800-171
Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations
NIST Cybersecurity Framework (CSF)
Voluntary risk-based framework
What is the DMCA?
Digital Millennium Copyright Act (DMCA)
Prohibits the circumvention of copy protection mechanisms placed in digital media and limits the liability of internet service providers for the activities of their users.
How long is copyright protected for?
Works by one or more authors - until 70 years after the death of the last surviving author.
Works for hire and anonymous works - 95 years from the date of the first publication.
What is the Economic Espionage Act of 1996?
Provides penalties for individuals found guilty of the theft of trade secrets. Harsher penalties for benefiting a foreign government.
What is a contractual license?
Written agreements between a software vendor and a user.
What is a shrink-wrap agreement?
License agreements written on the outside of software packaging.
What is a click-through agreement?
Browser wrap agreements
Gramm-Leach-Bliley Act (GLBA)
A law passed in 1999 that eased the strict governmental barriers between financial institutions. Banks, insurance companies, and credit providers were severely limited in the services they could provide and the information they could share with each other. GLBA somewhat relaxed the regulations concerning the services each organization could provide.
USA PATRIOT ACT
Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001
Greatly broadened the powers of law enforcement organizations and intelligence agencies across a number of areas, including the monitoring of electronic communications.
Identity Theft and Assumption Deterrence Act
Made identity theft a crime.
What is GDPR?
General Data Protection Regulation
EU’s comprehensive privacy laws
What is the PIPEDA?
Personal Information Protection and Electronic Documents Act
Canada’s privacy law
What federal agency deals with export of encryption software?
BIS - Bureau of Industry and Security - Department of Commerce
What is CALEA?
Communications Assistance for Law Enforcement Act
Requires communication carriers to assist law enforcement with the implementation of wiretaps when done under an appropriate court order.