Shared Flashcard Set

Details

Chapter 3: Stuff he said we should know
Chapter 3. Questions + Stuff he said we need to know
23
Computer Science
12th Grade
02/11/2013

Cards

Term

The VP of IS wants to monitor user actions on the company’s intranet. What is the best method of obtaining the proper permissions?

 

A. A consent banner displayed upon login

 

B. Written permission from a company officer

 

C. Nothing, because the system belongs to the company

 

D. Written permission from the user

Definition

A. 

 

A consent banner consenting to monitoring resolves issues of monitoring with respect to the Electronic Communications Privacy Act (ECPA) of 1986.

Term

Your Social Security number and other associated facts kept by your bank are protected by what law against disclosure? 

 

A. The Social Security Act of 1934

 

B. The Patriot Act of 2001

 

C. The Gramm-Leach-Bliley Act

 

D. HIPAA

Definition

C. 

 

The Gramm-Leach-Bliley Act governs the sharing of privacy information with respect to financial institutions.

Term

Breaking into another computer system in the United States, even if you do not cause any damage, is regulated by what laws?

 

A. State law, as the damage is minimal

 

B. Federal law under the Identity Theft and Assumption Deterrence Act

 

C. Federal law under Electronic Communications Privacy Act (ECPA) of 1986

 

D. Federal law under the Patriot Act of 2001

Definition

D. 

 

The Patriot Act of 2001 made computer trespass a felony.

Term

Export of encryption programs is regulated by the

 

A. U.S. State Department

 

B. U.S. Commerce Department 

 

C. U.S. Department of Defense

 

D. National Security Agency

Definition

B. 

 

Export controls on commercial encryption products are administered by the Bureau of Industry and Security (BIS) in the U.S. Department of Commerce.

Term

For the FBI to install and operate Carnivore on an ISP’s network, what is required?

 

A. A court order specifying items being searched for

 

B. An official request from the FBI

 

C. An impact statement to assess recoverable costs to the ISP

 

D. A written request from an ISP to investigate a computer trespass incident

Definition

B.

 

An official request from the FBI. The Patriot Act of 2001 mandated ISP compliance with the FBI Carnivore program.

Term

True or false: Digital signatures are equivalent to notarized signatures for all transactions in the United States.

 

A. True for all transactions in which both parties agree to use digital signatures

 

B. True only for non-real property transactions

 

C. True only where governed by specific state statute

 

D. False, as the necessary laws have not yet passed

Definition

A. 

 

Electronic digital signatures are considered valid for transactions in the United States since the passing of the Electronic Signatures in Global and National Commerce Act (E-Sign) in 2001.

Term

The primary factor(s) behind data sharing compliance between U.S. and European companies is/are

 

A. Safe Harbor Provision

 

B. European Data Privacy Laws 

 

C. U.S. FTC enforcement actions

 

D. All of the above

Definition

D. 

 

All of the above. The primary driver is European data protection laws as enforced on U.S. firms by the FTC through the Safe Harbor provision mechanism.

Term

True or false: Writing viruses and releasing them across the Internet is a violation of law.

 

A. Always true. All countries have reciprocal agreements under international law.

 

B. Partially true. Depends on laws in country of origin.

 

C. False. Computer security laws do not cross international boundaries. 

 

D. Partially true. Depends on the specific countries involved, the author of the virus, and the recipient.

Definition

D. 

 

This is partially true, for not all countries share reciprocal laws. Some common laws and reciprocity issues exist in certain international communities—for example, the European Union—so some cross-border legal issues have been resolved.

Term

Publication of flaws in encryption used for copy protection is a potential violation of

 

A. HIPAA

 

B. U.S. Commerce Department regulations 

 

C. DMCA

 

D. National Security Agency regulations

Definition

C. 

 

This is a potential violation of the Digital Millennium Copyright Act of 1998 unless an exemption provision is met.

Term

Violation of DMCA can result in

 

A. Civil fine

 

B. Jail time

 

C. Activity subject to legal injunctions

 

D. All of the above

Definition

D. 

 

All of the above have been attributed to DMCA, including the jailing of a Russian programmer who came to the United States to speak at a security conference.

Term
What are the 3 types of laws that are commonly associated with cybercrime?
Definition

1. Statutory law

 

2. Administrative law

 

3. Common law

Term
List all of the common cyber/internet crimes...
Definition

- Auction Fraud

 

- Auction Fraud -- Romania

 

- Counterfeit Cashier's Check

 

- Credit Card Fraud

 

- Debt Elimination

 

- Parcel Courier E-mail Scheme

 

- Employment/Business Opportunities

 

- Escrow Services Fraud

 

- Identity Theft

 

- Internet Extortion

 

- Investment Fraud

 

- Lotteries

 

- Nigerian Letter or "419"

 

- Phishing/Spoofing

 

- Ponzi/Pyramid Scheme

 

- Reshipping

 

- Spam

 

- Third Party Receiver of Funds

 

Term
What is a "Computer Trespass?"
Definition
Computer trespass is the unauthorized entry into a computer system via any means possible.
Term
What is the Computer Fraud and Abuse Act?
Definition
The CFAA is the foundation for criminalizing unauthorized access to computer systems.
Term
What is the Carnivore program?
Definition
A program of the Patriot Act that permits governmental eavesdropping on the internet.
Term
What is the Patriot Act?
Definition

1) It's another check and balance in laws related to privacy in the United States.

 

2) It extends the tap and trace provisions of existing wiretap statutes to the Internet and mandates certain technological modifications at the ISPs to facilitate electronic wiretaps on the Internet.

 

3) Mandates that ISPs cooperate and facilitate monitoring.

 

4) Permits federal law enforcement personnel to investigate computer trespass (intrusions) and enact civil penalties for trespassers

Term
What is the Gramm-Leach-Bliley Act (GLB)?
Definition
Requires all financial institutions to protect the privacy of customers and their information and not share it with other third parties.
Term
What is Sarbanes-Oxley (SOX)?
Definition
Specifies that all processes associated with the financial reporting of a firm must be controlled and audited on a regular basis.
Term
What is the "Payment Card Industry Data Security Standards (PCI DSS)"?
Definition
It's a series of standards that provide an actionable framework for developing a robust payment card data security process, including prevention, detection and appropriate reaction to security incidents.

Visa and Mastercard both agreed to these security standards.
Term
Explain "Privacy"...
Definition

"Privacy can be defined as the power to control what others know about you and what they can do with this information."

 

"In the computer age, personal information forms the basis for many decisions, from credit card transactions to purchase goods, to the ability to buy an airplane ticket and fly domestically."

 

"Although it is theoretically possible to live an almost anonymous existence today, the price for doing so is high..."

Term
What is the Health Insurance Portability & Accountability Act (HIPAA)?
Definition

- Calls for changes in the way health and medical data is stored, exchanged and used.

 

- Addresses the security and privacy of health data:

 

- Restrictions of data transfers ensure privacy.

 

- Electronic signatures are required.

 

- Mandates safeguards for physical storage, maintenance, transmission, and access to individuals' health information.

Term
What are "Ethics"?
Definition
It's the study of an appropriate code of conduct on the internet on a global scale.