Legal And Regulatory Issues

Question 1

Criminal Law

Answer 1

Society is the victim and proof must be beyond a reasonable doubt

Question 2

Consequences of criminal law

Answer 2

Incarceration, death and financial fines to punish and deter

Question 3

Civil Law

Answer 3

Individuals, groups or organizations are the victims and proof must be the majority of proof or preponderance of proof ( more likely than not)

Question 4

Consequences of civil law

Answer 4

Financial fines to compensate the victim(s)

Question 5

Administrative Law ( Regulatory Law)

Answer 5

Laws enacted by government agencies ( FDA, HIPPAA, FAA)

Question 6

Private Regulations

Answer 6

Compliance is required by contract
Example PCI-DSS

Question 7

Due Diligence

Answer 7

The research to build the IT Security architecture of your organization best practices and common protection mechanisms, research of new systems before implementing
Do detect DD you are detecting something is wrong and finding a way to fix it

Question 8

Due care

Answer 8

refers to the reasonable steps that an organization takes to protect its information assets from unauthorized access, use, disclosure, modification, or destruction. It involves implementing and maintaining appropriate policies, procedures, standards, and controls that align with the organization. DC do correct you’re fixing something

Question 9

Negligence

Answer 9

Opposite of due care
If a system under your control is compromised and you can prove you did your due care you most likely not liable. Or vice versa

Question 10

Real evidence

Answer 10

Tangible and physical objects in IT security
Examples hard disks, usb drives

Question 11

Direct evidence

Answer 11

Testimony from a firsthand witness, what they experienced with their 5 senses

Question 12

Circumstantial evidence

Answer 12

Evidence to support circumstances for a point or other evidence
Example: car accident with no witnesses and victim can’t identify you but there’s green paint on your bumper and the car is green.

Question 13

Collaborative evidence

Answer 13

Support facts or elements of the case not a fact on its own but support other facts

Question 14

Hearsay

Answer 14

Not first hand knowledge normally inadmissible in a case

Question 15

Entrapment

Answer 15

Illegal and unethical l; when someone is persuaded to commit a crime they had no intention of committing and is then charged with it.

Question 16

Enticement

Answer 16

Legal and ethical; making committing a crime more enticing but the person has already broken the law or at least has decided to do so

Question 17

Personally identifiable information (PII)

Answer 17

Any data about a human being that could be used to identify that person