LEP ISSUES

Question 1

1. The key difference between laws and ethics is that ethics carry the authority of a governing body and laws do not.

Answer 1

F

Question 2

2. Due care requires that an organization make a valid effort to protect others and continually maintain this level of effort.

Answer 2

F

Question 3

3. The Clipper Chip can be used to monitor or track private communications.

Answer 3

T

Question 4

4. HIPAA specifies particular security technologies for each of the security requirements to ensure the privacy of the health-care information.

Answer 4

F

Question 5

5. Every state has implemented uniform laws and regulations placed on organizational use of computer technology.

Answer 5

F

Question 6

6. Thirty-four countries have ratified the European Council Cyber-Crime Convention as of April 2010.

Answer 6

F

Question 7

7. The United States has implemented a version of the DMCA law called the Database Right, in order to comply with Directive 95/46/EC.

Answer 7

F

Question 8

8. The Association for Computing Machinery and the Information Systems Security Association have the authority to banish violators of their ethical standards from practicing their trade.

Answer 8

F

Question 9

9. Studies on ethics and computer use reveal that people of different nationalities have different perspectives; difficulties arise when one nationality’s ethical behavior violates the ethics of another national group.

Answer 9

T

Question 10

10. Cultural differences can make it easy to determine what is and is not ethical—especially when it comes to the use of computers.

Answer 10

F

Question 11

11. Studies have reported that the Pacific Rim countries of Singapore and Hong Kong are hotbeds of software piracy.

Answer 11

T

Question 12

12. The difference between a policy and a law is that ignorance of a law is an acceptable defense.

Answer 12

F

Question 13

13. There are four general causes of unethical and illegal behavior.

Answer 13

F

Question 14

14. Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage by accident.

Answer 14

T

Question 15

15. The Information Systems Security Association (ISSA) is a nonprofit society of information security professionals whose primary mission is to bring together qualified information security practitioners for information exchange and educational development.

Answer 15

T

Question 16

16. The Department of Homeland Security is the only U.S. federal agency charged with the protection of American information resources and the investigation of threats to, or attacks on, the resources.

Answer 16

F

Question 17

17. DHS is made up of three directorates.

Answer 17

F

Question 18

18. Established in January 2001, the National InfraGard Program began as a cooperative effort between the FBI’s Cleveland Field Office and local technology professionals.

Answer 18

T

Question 19

19. The NSA is responsible for signal intelligence and information system security.

Answer 19

T

Question 20

20. The Secret Service is charged with the detection and arrest of any person committing a United States federal offense relating to computer fraud and false identification crimes.

Answer 20

T

Question 21

1. ____ law comprises a wide variety of laws that govern a nation or state.
   a. Criminal c. Public
   b. Civil d. Private

Answer 21

b. Civil

Question 22

2. ____ law regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments.
   a. Public c. Civil
   b. Private d. Criminal

Answer 22

a. Public

Question 23

3. The Computer ____ and Abuse Act of 1986 is the cornerstone of many computer-related federal laws and enforcement efforts.
   a. Violence c. Theft
   b. Fraud d. Usage

Answer 23

b. Fraud

Question 24

4. According to the National Information Infrastructure Protection Act of 1996, the severity of the penalty for computer crimes depends on the value of the information obtained and whether the offense is judged to have been committed for each of the following except ____.
   a. for purposes of commercial advantage c. to harass
   b. for private financial gain d. in furtherance of a criminal act

Answer 24

c. to harass

Question 25

5. The National Information Infrastructure Protection Act of 1996 modified which Act?
   a. USA PATRIOT Act
   b. USA PATRIOT Improvement and Reauthorization Act
   c. Computer Security Act
   d. Computer Fraud and Abuse Act

Answer 25

d. Computer Fraud and Abuse Act

Question 26

6. The Privacy of Customer Information Section of the common carrier regulation states that any proprietary information shall be used explicitly for providing services, and not for any ____ purposes.
   a. troubleshooting c. customer service
   b. billing d. marketing

Answer 26

d. marketing

Question 27

7. The ____ Portability and Accountability Act Of 1996, also known as the Kennedy-Kassebaum Act, protects the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange.
   a. Customer c. Computer
   b. Health Insurance d. Telecommunications

Answer 27

b. Health Insurance

Question 28

8. Which of the following acts is a collection of statutes that regulate the interception of wire, electronic, and oral communications?
   a. Electronic Communications Privacy Act
   b. Financial Services Modernization Ac
   c. Sarbanes-Oxley Act
   d. Economic Espionage Act

Answer 28

a. Electronic Communications Privacy Act

Question 29

9. Which of the following acts is also widely known as the Gramm-Leach-Bliley Act?
   a. Financial Services Modernization Act
   b. Communications Act
   c. Computer Security Act
   d. Economic Espionage Act

Answer 29

a. Financial Services Modernization Act

Question 30

10. What is the subject of the Computer Security Act?
    a. Federal Agency Information Security
    b. Telecommunications Common Carriers
    c. Cryptography Software Vendors
    d. Banking Industry

Answer 30

a. Federal Agency Information Security

Question 31

11. Which of the following acts defines and formalizes laws to counter threats from computer related acts and offenses?
    a. Electronic Communications Privacy Act of 1986
    b. Freedom of Information Act (FOIA)
    c. Computer Fraud and Abuse Act
    d. Federal Privacy Act of 1974

Answer 31

c. Computer Fraud and Abuse Act

Question 32

12. ____ defines stiffer penalties for prosecution of terrorist crimes.
    a. USA Patriot Act c. Gramm-Leach-Bliley Act
    b. Sarbanes-Oxley Act d. Economic Espionage Act

Answer 32

a. USA Patriot Act

Question 33

13. ____ attempts to prevent trade secrets from being illegally shared.
    a. Electronic Communications Privacy Act
    b. Sarbanes-Oxley Act
    c. Financial Services Modernization Act
    d. Economic Espionage Act

Answer 33

d. Economic Espionage Act

Question 34

14. The ____ of 1999 provides guidance on the use of encryption and provides protection from government intervention.
    a. Sarbanes-Oxley Act
    b. Gramm-Leach-Bliley Act
    c. U.S.A. Patriot Act
    d. Security and Freedom through Encryption Act

Answer 34

d. Security and Freedom through Encryption Act

Question 35

15. What is the subject of the Sarbanes-Oxley Act?
    a. Banking c. Privacy
    b. Financial Reporting d. Trade secrets

Answer 35

b. Financial Reporting

Question 36

16. The Council of Europe adopted the Convention of CyberCrime in ____.
    a. 1976 c. 1998
    b. 1986 d. 2001

Answer 36

d. 2001

Question 37

17. Which of the following countries reported generally intolerant attitudes toward personal use of organizational computing resources?
    a. Australia c. Singapore
    b. United States d. Sweden

Answer 37

c. Singapore

Question 38

18. Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage ____.
    a. with intent c. with malice
    b. by accident d. with negligence

Answer 38

b. by accident

Question 39

19. Criminal or unethical ____ goes to the state of mind of the individual performing the act.
    a. attitude c. accident
    b. intent d. ignorance

Answer 39

b. intent

Question 40

20. Laws and policies and their associated penalties only deter if which of the following conditions is present?
    a. Fear of penalty
    b. Probability of being caught
    c. Probability of penalty being administered
    d. All of the above

Answer 40

d. All of the above