Study guide Flashcards
1
Q
What is ethics?
A
Ethics is a code of behavior that is defined by the group to which an individual belongs.
2
Q
What are morals?
A
Morals are the personal principles upon which an individual bases decisions about what is right and what is wrong.
3
Q
What does it mean to act with integrity?
A
A person who acts with integrity acts in accordance with a personal code of principles.
4
Q
How is law defined?
A
Law is a system of rules that tells us what we can and cannot do.
5
Q
What is a code of ethics?
A
A code of ethics states the principles and core values that are essential to one’s work.
6
Q
True or False: Just because an activity is legal, it is ethical.
A
False
7
Q
What trend has increased the likelihood of unethical behavior?
A
Globalization has created a much more complex work environment.
8
Q
What is corporate social responsibility (CSR)?
A
Corporate social responsibility is the concept that an organization should act ethically by taking responsibility for the impact of its actions.
9
Q
What is supply chain sustainability?
A
Supply chain sustainability focuses on developing and maintaining a supply chain that meets the needs of the present without compromising future generations.
10
Q
List three reasons organizations pursue CSR goals.
A
- To gain the goodwill of the community
- To foster good business practices
- To avoid unfavorable publicity
11
Q
What actions can organizations take to improve business ethics?
A
- Appoint a corporate ethics officer
- Establish a corporate code of ethics
- Conduct social audits
- Require ethics training
12
Q
What is the simple decision-making model?
A
- Define the problem
- Identify alternatives
- Choose an alternative
- Implement the decision
- Monitor the results
13
Q
What has increased the risk of unethical use of information technology?
A
The growth of the Internet and social networks has increased the risk.
14
Q
What relationships must an IT worker manage?
A
An IT worker must manage relationships with employers, clients, suppliers, other professionals, IT users, and society.
15
Q
What is bribery?
A
Bribery is the act of providing money, property, or favors to obtain a business advantage.
16
Q
What is the Foreign Corrupt Practices Act (FCPA)?
A
The FCPA makes it a crime to bribe foreign officials or political party officials.
17
Q
What is a professional code of ethics?
A
A professional code of ethics states the principles and core values essential to the work of a particular occupational group.
18
Q
What are some common ethical issues faced by IT users?
A
- Software piracy
- Inappropriate use of computing resources
- Inappropriate sharing of information
19
Q
What is the role of the information security (infosec) group?
A
The infosec group manages processes, tools, and policies to counter threats to information.
20
Q
What is an exploit in cybersecurity?
A
An exploit is an attack that takes advantage of a specific system vulnerability.
21
Q
Who are black hat hackers?
A
Black hat hackers are individuals who exploit systems for malicious purposes.
22
Q
What does the CIA security triad stand for?
A
Confidentiality, Integrity, Availability.
23
Q
What should an organization’s response plan include in the event of a security intrusion?
A
- Notification
- Evidence protection
- Containment
- Follow-up
24
Q
What is the right of privacy?
A
The right of privacy is the right to be left alone.
25
What is information privacy?
Information privacy combines communications privacy and data privacy.
26
What is the right of privacy?
The right to be left alone—the most comprehensive of rights, and the right most valued by a free people.
27
What is information privacy?
The combination of communications privacy and data privacy.
28
What does communications privacy entail?
The ability to communicate with others without those communications being monitored.
29
What does data privacy entail?
The ability to limit access to one's personal data by others.
30
What is required to balance the use of information technology in business?
A combination of new laws, technical solutions, and privacy policies.
31
What does the Fourth Amendment protect?
The right of the people to be secure against unreasonable searches and seizures.
32
What is a reasonable expectation of privacy?
The courts have ruled that without this, there is no privacy right to protect.
33
What do people want protection from in addition to government intrusion?
Privacy protection from private industry.
34
What is the Fair Credit Reporting Act?
Regulates operations of credit reporting bureaus.
35
What does the Right to Financial Privacy Act protect?
The financial records of financial institution customers from unauthorized scrutiny.
36
What does the GLBA establish?
Mandatory guidelines for the collection and disclosure of personal financial information.
37
What rights does HIPAA provide?
Defines standards to improve health insurance portability and reduce fraud.
38
What does the American Recovery and Reinvestment Act include?
Strong privacy provisions for EHRs and mandates notification of data breaches.
39
What does FERPA provide?
Specific rights regarding the release of student records.
40
What does COPPA require from websites that cater to children?
To offer comprehensive privacy policies and obtain parental consent before data collection.
41
What does Title III of the Omnibus Crime Control and Safe Streets Act regulate?
The interception of wire and oral communications.
42
What does FISA describe?
Procedures for electronic surveillance and collection of foreign intelligence information.
43
What does Executive Order 12333 allow?
Tangential collection of U.S. citizen data by intelligence agencies.
44
What does the ECPA protect?
Communications while in transit and held in electronic storage.
45
What does CALEA require from telecommunications companies?
To build tools for investigators to eavesdrop on communications.
46
What powers did the USA PATRIOT Act grant?
Increased ability to eavesdrop and gather intelligence.
47
What did the Foreign Intelligence Surveillance Act Amendments Act of 2004 authorize?
Intelligence gathering on individuals not affiliated with known terrorist organizations.
48
What did the PATRIOT Sunsets Extension Act do?
Extended provisions of the USA PATRIOT Act, including roving wiretaps.
49
What does the USA Freedom Act require regarding telephone metadata?
Telecommunications carriers to hold the data and respond to NSA queries.
50
What are 'fair information practices'?
Guidelines that govern the collection and use of personal data.
51
What did the OECD for the Protection of Privacy create?
A set of fair information practices as a model for ethical treatment of consumer data.
52
What does the European Union Data Protection Directive require?
Protection of data transferred to non-EU countries.
53
What is the purpose of the GDPR?
Addresses export of personal data outside the EU and standardizes data privacy regulations.
54
What does the FOIA grant citizens?
The right to access certain information and records of the federal government.
55
What does the Privacy Act prohibit?
Concealing the existence of personal data record-keeping systems by U.S. government agencies.
56
What methods do companies use to collect personal data?
Depositing cookies on visitors' hard drives.
57
What is a data breach?
The unintended release of sensitive data or access by unauthorized individuals.
58
What is e-discovery?
The collection, preparation, review, and production of electronically stored information.
59
What is predictive coding?
A process that uses human intelligence and computer-driven concept searching in document review.
60
What percentage of U.S. firms monitor employee communications?
About 80 percent.
61
What is the role of surveillance cameras in cities?
To deter crime and terrorist activities.
62
What is an EDR?
A device that records vehicle and occupant data during a crash.
63
What is stalking software?
Apps that enable location tracking and monitoring of personal communications.
64
What does the First Amendment protect?
Freedom of religion, expression, and assembly.
65
What types of speech are not protected under the First Amendment?
* Obscene speech
* Defamation
* Incitement of panic
* Incitement to crime
* Fighting words
* Sedition
66
What is the Communications Decency Act (CDA)?
Aimed at protecting children from online pornography.
67
What does Section 230 of the CDA provide?
Immunity from defamation charges to ISPs publishing user-generated content.
68
What does the Children’s Internet Protection Act (CIPA) require?
Schools and libraries to use filters to block access to harmful material.
69
What is Internet censorship?
The control or suppression of information on the Internet.
70
What is a SLAPP?
A lawsuit against citizens or groups who oppose corporations or officials.
71
What is doxing?
Obtaining and posting someone's private information online without permission.
72
What is the legal status of annoying or critical speech in the U.S.?
It enjoys protection under the First Amendment.
73
What are anti-SLAPP laws designed to do?
Reduce frivolous lawsuits against public participation.
74
What is sexting?
Sending sexual messages or images over a cell phone.
75
What does the CAN-SPAM Act specify?
Requirements for commercial emailers when sending emails.
76
What does the term intellectual property encompass?
Intellectual property encompasses works of the mind such as art, books, films, formulas, inventions, music, and processes.
77
What are the main forms of intellectual property law?
Copyrights, patents, trademarks, and trade secrets.
78
What is a copyright?
The exclusive right to distribute, display, perform, or reproduce an original work in copies; to prepare derivative works based on the work.
79
What is copyright infringement?
A violation of the rights secured by the owner of a copyright, occurring when someone copies a substantial part of another’s copyrighted work without permission.
80
What are the four factors of the fair use doctrine?
* The purpose and character of the use
* The nature of the copyrighted work
* The portion of the copyrighted work used
* The effect of the use on the value of the copyrighted work
81
What is the purpose of the Prioritizing Resources and Organization for Intellectual Property (PRO-IP) Act of 2008?
To increase trademark and copyright enforcement and substantially increase penalties for infringement.
82
What is a patent?
A grant of property right issued by the U.S. Patent and Trademark Office to an inventor that permits excluding the public from making, using, or selling a protected invention.
83
What are the three statutory classes of items that can be patented?
* It must be useful
* It must be novel
* It must not be obvious to a person having ordinary skill in the same field
84
What is a utility patent?
Issued for the invention of a new and useful process, machine, manufacture, or composition of matter.
85
What is a trade secret?
Information that has economic value and is not readily ascertainable, where the owner has taken steps to maintain its secrecy.
86
What are the key advantages of trade secrets over patents and copyrights?
* No time limitations on protection
* No need to file any application
* No risk of being found invalid in court
87
What is the definition of plagiarism?
The act of stealing someone’s ideas or words and passing them off as one’s own.
88
What is reverse engineering?
The process of breaking something down to understand it, build a copy, or improve it.
89
What is competitive intelligence?
Legally obtained information gathered to help a company gain an advantage over its rivals.
90
What is a trademark?
A logo, package design, phrase, sound, or word that enables a consumer to differentiate one company’s products from another’s.
91
What are cybersquatters?
Individuals who register domain names for famous trademarks or company names to profit from the trademark’s owner.
92
What is software quality?
The degree to which a software product meets the needs of its users.
93
What is a software defect?
Any error that, if not removed, could cause a software system to fail to meet its users’ needs.
94
What is a business information system?
A set of interrelated components that collects and processes data and disseminates the output.
95
What is quality assurance (QA) in software development?
Methods within the development process designed to guarantee reliable operation of a product.
96
What is the waterfall system development model?
A sequential, multistage system development process where the next stage cannot begin until the current stage is approved.
97
What is the agile development methodology?
A system developed in iterations, focusing on maximizing the team's ability to deliver quickly and respond to evolving requirements.
98
What is Capability Maturity Model Integration (CMMI)?
Collections of best practices that help organizations improve their processes and assess software development practices.
99
What defines a safety-critical system?
A system whose failure may cause human injury or death.
100
What are the five levels of development maturity in CMMI?
initial, managed, defined, quantitatively managed, optimizing
101
What is a safety-critical system?
A system whose failure may cause human injury or death
102
What is a key assumption in the development of safety-critical systems?
Safety will not automatically result from following an organization’s standard software development methodology
103
What is the development and testing process for safety-critical software like?
Much more rigorous and time-consuming than other kinds of software
104
What is risk in the context of software development?
The potential of gaining or losing something of value
105
What are the three elements used to quantify risk?
* Risk event
* Probability of the event happening
* Impact on the business outcome
106
What does ARO stand for, and what does it estimate?
Annualized Rate of Occurrence; it estimates the probability that an event will occur over the course of a year
107
What is Single Loss Expectancy (SLE)?
The estimated loss that would be incurred if a risk event happens
108
How is Annualized Loss Expectancy (ALE) calculated?
ARO × SLE
109
What is risk management?
The process of identifying, monitoring, and limiting risks to an acceptable level
110
What does reliability measure in a system?
The rate of failure that would render it unusable over its expected lifetime
111
What did the ISO 9000 series of standards require from organizations?
To develop formal quality management systems focusing on customer needs
112
What is the purpose of the ISO 9001 family of standards?
To provide standardized requirements for a quality management system
113
What is Failure Mode and Effects Analysis (FMEA)?
A technique used to evaluate reliability and determine the effects of system and equipment failures
114
What is the most widely used measurement of the material standard of living?
Gross Domestic Product (GDP) per capita
115
What factors can affect the rate of change in the standard of living?
* Business cycles
* Prices
* Wages
* Employment levels
* Production of goods and services
116
What is labor productivity?
A measure comparing the amount of goods and services produced with the labor hours used
117
What role does innovation play in productivity improvement?
It is a key factor in enabling productivity improvements
118
Why can it be difficult to quantify IT investment benefits on productivity?
There can be a considerable lag between applying IT solutions and capturing productivity gains
119
What are advances in AI, machine learning, robotics, and NLP changing?
The way work gets done
120
What percentage of human work activities could potentially be automated?
45 percent
121
What is artificial intelligence (AI)?
Systems that simulate human intelligence processes, including learning and reasoning
122
What does machine learning involve?
Computer programs that learn tasks and improve with experience
123
What is robotics?
The development of mechanical or computer devices performing precise or hazardous tasks
124
What is natural language processing?
Technology that allows computers to understand and generate natural languages
125
What is the expected average annual increase in healthcare costs in the U.S. from 2016 to 2025?
5.6 percent
126
What is an Electronic Medical Record (EMR)?
A collection of health-related information created and managed within a single healthcare organization
127
What is an Electronic Health Record (EHR)?
A comprehensive view of a patient’s complete medical history designed to be shared across organizations
128
What is Health Information Exchange (HIE)?
The process of sharing patient-level electronic health information between different organizations
129
What does a Personal Health Record (PHR) include?
* Personal identifiers
* Health provider information
* Medication history
* Allergies
* Lab results
130
What is Clinical Decision Support (CDS)?
A process and set of tools designed to enhance health-related decision making
131
What is a Computerized Provider Order Entry (CPOE) system?
A system enabling physicians to place orders electronically
132
What does telehealth encompass?
Providing medical care via telecommunications and information technologies
133
What is telemedicine?
The component of telehealth providing medical care from a distance
134
What is store-and-forward telemedicine?
Acquiring patient data and transmitting it to a specialist for evaluation
135
What are social media?
Web-based communication channels enabling interaction and information sharing
136
What is a social networking platform?
An online community enabling members to share opinions and experiences
137
What percentage of employers used social media to research job candidates?
60 percent
138
What is cyberabuse?
Mistreatment based on the use of electronic communications causing harm
139
What is cyberharassment?
Abusive behavior using electronic communications that causes emotional distress
140
What is cyberstalking?
A long-term pattern of unwanted pursuit causing fear and distress
141
What is the gig economy?
A work environment where temporary positions are common and organizations contract with independent workers
142
What is an independent contractor?
An individual providing services according to a written or verbal contract
143
What is contingent work?
A job situation without an explicit or implicit contract for long-term employment
144
What is a PEO?
A PEO is a Professional Employer Organization that manages human resource activities for a client company.
145
What does the gig economy refer to?
The gig economy refers to a work environment where temporary positions are common and organizations contract independent workers for short-term engagements.
146
Define independent contractor.
An independent contractor is an individual who provides services to another individual or organization according to terms defined in a contract or verbal agreement.
147
What risk do organizations face when using contingent workers?
Organizations risk getting dragged into a class action lawsuit over misclassification of workers.
148
List three benefits of employing contingent workers.
* No benefits required
* Flexibility in adjusting the workforce
* No incurred training costs
149
What is an H-1B visa?
An H-1B is a temporary work visa granted for individuals working in specialty occupations requiring at least a four-year degree.
150
Why do employers hire H-1B workers?
To meet critical business needs or obtain essential skills that are not readily available in the U.S.
151
What does Congress do regarding H-1B visas?
Congress sets an annual cap on the number of H-1B visas granted.
152
What wage must companies offer when applying for H-1B visas?
Companies must offer a wage that is at least 95 percent of the average salary for the occupation.
153
True or False: Companies employing H-1B workers must declare they will not displace American workers.
True
154
What is outsourcing?
Outsourcing is a long-term business arrangement where a company contracts for services with an outside organization.
155
What is offshore outsourcing?
Offshore outsourcing is when services are provided by an organization with employees in a foreign country.
156
What are two benefits of outsourcing and offshore outsourcing?
* Meeting staffing needs
* Potentially reducing costs
157
What is whistle-blowing?
Whistle-blowing is an effort to attract public attention to negligent, illegal, or unethical acts by a company.
158
What do whistle-blower protection laws allow?
They allow employees to alert authorities to unethical, illegal, or unsafe employer actions.
159
Fill in the blank: An effective whistle-blowing process includes assessing the seriousness of the situation, beginning _______.
documentation
160
What is green computing?
Green computing is the efficient and environmentally responsible design, manufacture, operation, and disposal of IT-related products.
161
List the three goals of green computing.
* Reduce hazardous material use
* Lower power-related costs
* Enable safe disposal or recycling of equipment
162
What is EPEAT?
EPEAT is a system that enables purchasers to evaluate, compare, and select electronic products based on environmental criteria.
163
What directive did the European Union pass regarding hazardous substances?
The Restriction of Hazardous Substances Directive restricts the use of hazardous materials in computer manufacturing.
