moral + access control matrix

Question 1

name Four ethical ‘isms’

Answer 1

moral realism, subjectivism, emotivism, prescriptivism

Question 2

whys is it diffrent isms?

Answer 2

The different ‘isms’ regard the person uttering the statement as doing different things.

Question 3

what is moral realism

Answer 3

statement about an ethical fact, ex it is wrong to murder

Question 4

what is subjectivism

Answer 4

i make a staement about my own feeling

ex i disaprove for murder

Question 5

what is emotivism

Answer 5

i express my feelings( its about dissaprove or approve) ex murder is wrong

Question 6

what is prohibiation

Answer 6

i give instruktions or prohibitions, ex dont murder people

Question 7

ethic vs law

name 3 things diffrent from each other

Answer 7

Law: written as docuemnt, ethics :described by unwritted documents

law: interpreted by court, ethical: interpreted by people

law: applicable by everyone ethics: personal choice

Question 8

how to ethical reasoning? 4 step

Answer 8

1.understand situation
2. know ethical theories
3.list ethical principles
4. determine which princlie outweight others

Question 9

policy should support

Answer 9

-report missbehaviour, property and information, how to use your it environemnt

Question 10

ISACA principles

Answer 10

1. support implemtation of and encourage compliance with standats, procedures and controll for information systems.

2.perform their duites with objectivity, due diligence and professional care in accordance with proffessional standars and best practice

3. serve in the intrest of stakholders in a lawful and honest manner, while maintaing high standats of conduct and characters and not engage in acts discreditable to the profession
4. maintain the privacy and confidentality of information obstained in the course of their duties unless disclosure is required by legal authories. such info shall not be used for personal benefit or released to inappropied parites
5. Maintain competency in their respective fields and agree to undertake only those activities they can reasonably expect to complete with the necessary skills, knowledge and competence.

6.Inform appropriate parties of the results of work performed including the disclosure of all significant facts known to them that, if not disclosed, may distort the reporting of the results.

7.Support the professional education of stakeholders in enhancing their understanding of the governance and management of enterprise information systems and technology, including: audit, control, security and risk management.

Question 11

why do we use isaca?

Answer 11

ISACA guide the professional and personal conduct of members of the association and/or its certification holders.

Question 12

what is access control matrix describing?

Answer 12

describe protection state, rights of subjects, state transition

Question 13

protection state do what?

Answer 13

descirbe the state of protection

Question 14

what does acess control matrix model tell about rights

Answer 14

1)identify objects(file, subjects (ann) and actions(read, write, ececute)

Question 15

what is state transmission

Answer 15

protection state is changing of the system