Legal Flashcards

1
Q

Common Law

A

Common Law- used in the US, Canada and UK. Uses preceding cases and judicial precedent as determinants of law. Judicial interpretations can change as society changes.

2
Q

Civil Law

A

Civil Law- most common; judicial precedents and case rulings do not carry as much weight as in Common Law.

3
Q

Religious Law

A

Religious Law- based on religious doctrine. Islamic law (aka Sharia) uses the Qur’an and Hadith for its foundation.

4
Q

Customary Law

A

Customary Law- commonly accepted customs and practices are treated as law, e.g. best practices.

5
Q

US Common Law categories

A

US Common Law categories:
• Criminal – Crimes committed against society. Penalties include jail time. Proof must be “beyond a reasonable doubt”.
• Civil (Tort) – Wrongful acts against another party. Penalties include financial restitution. Proof must be “based upon the preponderance of evidence”.
• Administrative (Regulatory) – Defines standards of performance and conduct for major industries. Penalties include both financial penalties and jail time. E.g. FAA, HIPAA, FDA, FCC.

6
Q

Civil Penalty Types

A

Civil Penalty Types:
o Compensatory – Based on actual damages to the victim
o Punitive – Intended as a punishment. Usually awarded by a jury
o Statutory – Mandatory damages determined by law

7
Q

Council of Europe Convention on Cybercrime

A

Council of Europe Convention on Cybercrime- international cooperation on computer crime, covering both systems as the target and systems as the tool of the crime.

8
Q

IP

A

Intellectual Property: Licensing is the most prevalent violation, followed by plagiarism, piracy and corporate espionage. Protected through:

  • Patent
  • Trademark
  • Copyright
  • Trade Secret
9
Q

Patents

A

Patents – A government granted property right given to an inventor. Good for 20 yrs

10
Q

Trademark

A

Trademark ™ – A name, logo or symbol used in commerce to identify a company’s goods. SM (service mark) brands a service offering. Attacks: counterfeiting, dilution (kleenex), cybersquatting, typosquatting

11
Q

Copyright

A

Copyright – Protection granted to authors of original works. US: 70 yrs after the author’s death, 95-120 yrs after corporate creation/publishing; Europe: 70 yrs after the death of the author.
o First sale- permits purchaser of copyright material to sell it to another person
o Fair use- allows duplication of copyrighted material without consent of copyright holder if it does not reduce the value of the original work

12
Q

Trade Secret

A

Trade Secret – Proprietary information that a party has exclusive rights to.
To qualify as a trade secret, information must meet the following requirements:
o Must be genuine and not obvious
o Must provide the owner with competitive or economic advantage
o Must be reasonably protected from disclosure

13
Q

WIPO

A

WIPO- the main international IP organization, run by the UN, is the World Intellectual Property Organization (WIPO).

14
Q

Import/Export restrictions

A

Import/Export restrictions- cryptosystem import/export is limited by many countries; the Wassenaar Arrangement makes it illegal to export munitions to terrorist-sponsoring nations.

15
Q

Internet crime problems

A
Problems associated with internet crime:
• Cross jurisdictional problems
• Lack of skill of investigators
• No laws for the crime in the location it was committed
• “Rules of Evidence” are not consistent
• Lack of tangible evidence
16
Q

Prudent Man Rule

A

Prudent Man Rule: to perform the duties that prudent people would perform in similar circumstances.

17
Q

Due care

A

Due care- a minimum standard of protection; an org engages in practices that a prudent, right-thinking person would consider appropriate.

18
Q

Due Diligence

A

Due Diligence- requires that an org continually scrutinize its practices to ensure that it is always meeting/exceeding protection requirements; means active management and a formal process.

19
Q

Proximate Causation

A

Proximate Causation: a natural, direct, uninterrupted consequence of an act from which an injury results, and without which the injury would not have occurred.

20
Q

Culpable Negligence

A

Culpable Negligence: recklessly acting without reasonable caution and putting another person at risk of injury or harm (or failing to do something with the same consequences)

21
Q

Forensics

A
Forensics is evidence-centric and relevant to crimes; must preserve the crime scene. Steps:
o Identification
o Preservation
o Collection
o Examination
o Analysis- not using original media; use a binary backup
o Presentation
o Decision
22
Q

Media Analysis

A

Media Analysis- binary images capture all data. 4 types of data:
o Allocated space- contains active data
o Unallocated space- no active data
o Slack space- leftover space in a cluster
o Bad blocks/cluster/sector- usually marked as unreadable due to physical defect; can be used to hide data

23
Q

Forensics SW Analysis

A

Forensics SW Analysis – comparing or reverse engineering SW; uses disassemblers; virtualization; debuggers

24
Q

Incident response

A

Incident response (vs Forensics) identifies, contains and recovers from incidents. Every action must be documented for legal proceedings

25
Q

Evidence should be…

A

Evidence should be relevant, authentic, accurate, complete, and convincing

26
Q

Direct evidence

A

Direct – An eyewitness account

27
Q

Real evidence

A

Real (Physical) – Tangible objects related to the crime like weapons, surveillance tapes

28
Q

Circumstantial evidence

A

Circumstantial- serves to establish the circumstances of other evidence

29
Q

Corroborative evidence

A

Corroborative- additional support for a fact; does not establish a fact on its own

30
Q

Hearsay evidence

A

Hearsay- second-hand evidence (business and computer-generated records); normally inadmissible; Rule 803 (a record made near the time) & Rule 1001 (printouts, memory) can make such data admissible.

31
Q

Demonstrative evidence

A

Demonstrative – Expert testimony, models or simulations

32
Q

Best Evidence Rule

A

Best Evidence Rule: Documentary evidence. Requires that writings, recordings or photographs should be the originals. It was established to prevent tampering.

33
Q

Secondary evidence

A

Secondary evidence- copies of documents or oral descriptions

34
Q

Dumpster Diving

A

Dumpster Diving: Going through another party’s trash looking for useful information. In many cases this is NOT considered illegal.

35
Q

Chain of Custody

A

Chain of Custody: procedures that require a documented history showing how evidence was collected, analyzed, stored, transported and preserved in order for it to be presented in court.

36
Q

Reasonable Searches

A

Reasonable Searches- (companies should make employees aware of monitoring and searches)
o if the property is in plain sight or at a public checkpoint
o exigent circumstances- immediate threat to human life or destruction of evidence
o private citizens not acting as agents of law enforcement

37
Q

Enticement

A

Enticement: When someone is provided with a favorable opportunity to commit a crime

38
Q

Entrapment

A

Entrapment: When someone is induced or persuaded to commit a crime that they had no previous intention to commit

39
Q

MOM

A

MOM- Why crimes are committed:
o Motivations- Who commits these crimes and why; What do they get out of these acts
o Opportunities- Where do opportunities exist for computer crimes; When would someone take advantage of these opportunities
o Means- Who has the capabilities to commit these types of crimes

40
Q

Opt-in

A

Opt-in (choose to do something)

41
Q

Opt-out

A

Opt-out (chosen for them by default)

42
Q

OECD

A

OECD guidelines (Org for Economic Cooperation and Development)- used by Europe, US, Japan and others. Has following principles:
o Collection Limitation- Collected fairly and lawfully
o Data Quality- Be accurate and kept up-to-date
o Purpose Specification- Used for the intended purpose
o Use Limitation- never be disclosed w/out consent or legal requirement
o Security Safeguards- protected against unauthorized use, disclosure, alteration
o Openness- readily available
o Individual Participation- find out if an entity holds their data; give reason for being held; challenge the content of data
o Accountability- accountable for adhering to above principles

43
Q

EU Data Protection Directive

A

EU Data Protection Directive
o Notify individuals how their personal data is collected and used
o Allow individuals to opt out of sharing
o Require that individuals opt into sharing most personal data
o Provide reasonable protections for personal data

44
Q

EU-US Safe Harbor

A

EU-US Safe Harbor- the US has less stringent privacy protections; Safe Harbor provides that EU data can be transferred onward to US companies that comply with the EU Data Protection Directive.

45
Q

US Federal Privacy Act of 1974

A

US Federal Privacy Act of 1974: protects records and information maintained by US government agencies about US citizens and lawful permanent residents. Citizens have access to the data relating to them.

46
Q

HIPAA

A

US Health Insurance Portability and Accountability Act (HIPAA) addresses four key areas:
• Administrative Procedures – Requires formally documented security management practices
• Physical Safeguards – Requires physical protection for computing systems and media
• Technical Security Services – Requires technical access controls including authentication, authorization and auditing.
• Technical Security Mechanisms – Requires protection of data during transit

47
Q

US Computer Fraud and Abuse Act of 1986

A

US Computer Fraud and Abuse Act of 1986: covered government and financial computers, with a threshold of $5000 in damages within a year.

48
Q

US Electronic Communications Privacy Act (ECPA) of 1986

A

US Electronic Communications Privacy Act (ECPA) of 1986:
• Prohibits eavesdropping and wire tapping
• Provides the legal basis for companies to monitor their own networks

49
Q

USA Patriot Act of 2001

A

USA Patriot Act of 2001- expanded law enforcement coverage for wiretaps, electronic monitoring, search & seizure w/out requiring immediate disclosure

50
Q

GLBA

A

Gramm-Leach-Bliley Act (GLBA)- requires financial institutions to protect the confidentiality and integrity of consumer financial info.

51
Q

California Senate Bill 1386

A

California Senate Bill 1386- requires organizations whose personal data has been breached to notify the affected individuals.

52
Q

SOX

A

Sarbanes-Oxley Act 2002 (SOX)- regulatory compliance for publicly traded companies; ensures financial disclosure and auditor independence

53
Q

PCI-DSS

A

PCI-DSS- payment card security protection through policy, devices, control, and monitoring

54
Q

Attestation

A

Attestation- having a 3rd party review the practices of the service provider; use ISO 27001 or PCI-DSS

55
Q

(ISC)2 Ethics

A
(ISC)2 Ethics- the most testable code on the exam. Contains:
o preamble (intro)
o canons (mandatory)
o guidance (advisory)

Canons (in priority order) are:
o Protect society, the commonwealth, and the infrastructure
o Act honorably, honestly, justly, responsibly, and legally
o Provide diligent and competent service to principals
o Advance and protect the profession

56
Q

Computer Ethics Institute

A

Computer Ethics Institute- ten commandments of Computer Ethics (Thou shalt not…)

57
Q

IAB Ethics

A

IAB (Internet Activities Board) Ethics- 5 practices considered unethical:
o Unauthorized access to Internet resources
o Disrupting the intended use of the Internet
o Wasting Internet resources
o Destroying the integrity of computer-based information
o Compromising the privacy of others