Information Security Flashcards

1
Q

Nonrepudiation

A

Nonrepudiation means ensuring that a transferred message has been sent and received by the parties claiming to have sent and received the message.

2
Q

Information security

A

Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction

3
Q

GLBA

A

Gramm-Leach-Bliley Act

All financial institutions are required to provide consumers with a notice and opt-out opportunity before they may disclose information to nonaffiliated third parties outside of what is permitted under the exceptions.

4
Q

CFPB

A

The Consumer Financial Protection Bureau, which has rulemaking authority for the privacy provisions of the Gramm-Leach-Bliley Act, finalized a rule that allows financial institutions that limit their consumer data sharing to post their annual privacy notices online rather than delivering them individually if certain requirements are met.

5
Q

Pretexting

A

Individuals and companies that obtain their personal financial information under false pretenses.

6
Q

FACTA

A

Fair and Accurate Credit Transactions Act of 2003

7
Q

FCRA

A

The Fair Credit Reporting Act was enacted to promote accuracy, fairness, and the privacy of personal information assembled by credit reporting.

8
Q

CRAs

A

Credit reporting agencies - assemble reports on individuals for businesses, including credit card companies, financial institutions, employers, landlords, and others. The FCRA provides important protections for credit reports, consumer investigatory reports, and employment background checks.

9
Q

What is one improvement of the Fair and Accurate Credit Transactions Act of 2003 (FACTA)?

A

The act preempts some state privacy protections, but includes a number of improvements to credit reporting law, including free credit reports annually.

10
Q

FACTA (the Fair and Accurate Credit Transactions Act) incorporates several provisions that require financial institutions, creditors, and other businesses that rely on consumer reports to detect and resolve fraud by identity theft. Name one way…

A

Each organization that is subject to the regulation must identify relevant patterns, practices, and specific forms of activity that are red flags signaling possible identity theft, and incorporate those red flags into its fraud detection and prevention program.

11
Q

ITPP

A

The identity theft prevention program requires each financial institution and creditor that holds any consumer account, or other account for which there is a reasonably foreseeable risk of identity theft, to develop and implement an identity theft prevention program (ITPP) for combating identity theft in connection with new and existing accounts.

12
Q

FTC

A

The Federal Trade Commission is an independent agency of the US government with a principal mission of promoting consumer protection and the elimination and prevention of anti-competitive business practices.

The FTC Act prohibits “unfair or deceptive acts or practices in or affecting commerce”.

13
Q

When does the FTC Act consider an act or practice unfair?

A

An act or practice is unfair where it:

Causes or is likely to cause substantial injury to consumers,

Cannot be reasonably avoided by consumers, and

Is not outweighed by countervailing benefit to consumers or to competition.

14
Q

According to the FTC Act, when is a representation, omission, or practice considered to be deceptive?

A

A representation, omission, or practice is deceptive if:

It is likely to mislead consumers acting reasonably under the circumstances; and

It is material – likely to affect consumers’ conduct or decisions with respect to the product at issue.

15
Q

RFPA

A

The Right to Financial Privacy Act protects the confidentiality of personal financial records by creating a statutory Fourth Amendment protection for financial institution records.

16
Q

The RFPA states that “no government authority may have access to or obtain copies of, or the information contained in the financial records of any customer from a financial institution unless the financial records are reasonably described” and (what else?)

A

1. The customer authorized access;

2. There is an appropriate administrative subpoena or summons;

3. There is a qualified search warrant;

4. There is an appropriate judicial subpoena; or

5. There is an appropriate written request from an authorized government authority.

17
Q

COPPA

A

The Children’s Online Privacy Protection Act, effective April 21, 2000, applies to the online collection of personal information from children under 13.

18
Q

CAN-SPAM Act

A

Congress enacted the CAN-SPAM Act to protect the public from unwanted marketing email. The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to opt out of future emails, and spells out tough penalties for violations.

19
Q

TCPA

A

Congress first passed the Telephone Consumer Protection Act in 1991 in response to consumer concerns about the growing number of unsolicited telephone marketing calls to their homes and the increasing use of automated and pre-recorded messages.

20
Q

FCC

A

In response to the TCPA, the Federal Communications Commission adopted rules that require anyone making a telephone solicitation call to your home to provide his or her name, the name of the person or entity on whose behalf the call is being made, and a telephone number or address at which that person or entity can be contacted.

21
Q

Who established the national do-not-call list?

A

In June 2003, the FCC supplemented its original rules implementing the TCPA and established, together with the Federal Trade Commission (FTC), the national do-not-call list.

22
Q

PCAOB

A

The Sarbanes-Oxley Act created the “Public Company Accounting Oversight Board,” also known as the PCAOB, to oversee the activities of the auditing profession.

23
Q

The Sarbanes-Oxley Act of 2002 (also known as SOX) was created for what reason? And by whom?

A

On July 30, 2002, President Bush signed into law the Sarbanes-Oxley Act of 2002. The act mandated a number of reforms to enhance corporate responsibility, enhance financial disclosures, and combat corporate and accounting fraud, and created the Public Company Accounting Oversight Board, also known as the PCAOB, to oversee the activities of the auditing profession.

24
Q

FFIEC

A

The Federal Financial Institutions Examination Council

25
Q

What is the FFIEC (Federal Financial Institutions Examination Council)?

A

It is a formal interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions by the Board of Governors of the Federal Reserve System (FRB), the FDIC, the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Consumer Financial Protection Bureau (CFPB), and to make recommendations to promote uniformity in the supervision of financial institutions.