comp ethics

during which step of the decision-making process should one be extremely careful not to make assumptions about the situation?

develop problem statement

a mission statement is a clear, concise description of the issue that needs to be addressed

false

in the business world, important decisions are too often left to the technical experts: general business managers must assume greater responsibility for these decisions

true

a statement that highlighted an organization's key ethical issues and identifies the overarching values and principles that are important to the organization and its decision making it known as

code of ethics

because an activity is defined as legal, the activity is also considered ethical

false

consistency means that shareholders, customers, suppliers, and the community know what they can expect of an organization that is will behave in the future much as it has in the past

true

employees may suppress their tendency to act in a manner that seems ethical to them and instead act in a manner that will protect them against antiquated punishment

true

ideally, the corporate ethics officer should be a well respected, senior-level manager who reports directly to the CEO

true

an organization's mission statement highlights its key ethical issues and identifies the overarching values and principles that are important to the organization and its decision among

false

companies that develop and maintain strong employee relations

enjoy lower turnover rates

which of the following actives describes when an organization reviews how well it is meeting its ethical and social responsibility goals, and communicates its new goals for the upcoming year

social audit

To extend to all people the same respect and consideration that you expect from them is considered which of the following character traits?

integrity

One's personal beliefs about right and wrong are known as which of the following?

morals

A discrepancy between employee's own values and an organization's actions:

fosters poor performance

the greater reliance of information systems in all aspects of life has decreased the risk that information technology will be used unethically

false

In a for-profit organization, the primary objective of which of the following is to oversee the organization's business activities and management for the benefit of shareholders, employees, customers, suppliers, and the community?

board of directors

the term morals refers to the personal principles upon which an individual bases his or her decisions about what is right and what is wrong

true

Which of the following helps ensure that employees abide by the law, follow necessary regulations, and behave in an ethical manner?

code of ethics

multinational and global organizations must not represent a consistent face to their shareholders, customers, and suppliers but instead must operate with a different value system in each country they do business in

false

legal acts conform to what an individual believes to be the right thing to do

false

what term refers to the obligation to protect people against any unreasonable harm or risk

duty of care

government licensing of IT workers is common within most of the states of the United States

false

which of the following is a trade group that is funded through dues based on members companies' software revenues and through settlements from companies that commit software piracy

Business Software Alliance (BSA)

vendor certifications require passing a written exam, which usually contains multiple-choice question because of legal concerns about whether other types of exams can be graded objectivity

true

Which term distinguishes the person who uses a hardware or software product from the IT workers who develop, install, service, and support the product?

IT user

Under what circumstance might a gift be considered a bribe?

when the gift has not been declared

The core body of knowledge for any profession outlines an agreed-upon code of ethics and practices for those who practice in that profession

false

software piracy in a corporate setting is rarely directly traceable to IT staff members

false

Which term is used to describe the failure to act as a reasonable person would act?

breach of the duty of care

the Business Software Alliance has a few dozen lawyers and investigator who prosecute only the the too or so most egregious cases of software piracy each year

false

One of the most common ethical problems for members of the IT profession when a potential employee lies on a resume and claims competence in an IT skill that is in high demand. This act is known as which of the following?

resume inflation

there are many industry association certifications in a variety of IT-related subject areas

true

at which level is licensing generally administered?

state

Which of the following is a trade group that represents the world's largest software and hardware manufacturers?

Business Software Alliance (BSA)

the internal audit department includes members of the board of directors who determine that the internal systems and controls of the organization are adequate and effective

false

the crime of obtaining goods, services, or property through deception or trickery is known as what?

fraud

penalties for violating the Foreign Corrupt Practices Act (FCPA) are severe-corporations face a fine of up to how much per violation?

20 million

To prove fraud in a court of law, prosecutors must demonstrate that:

the wrongdoer made a false representation of material fact.

The Foreign Corrupt Practices Act (FCPA) makes it a crime to do which of the following?

bribe a foreign official

Which of the following is defined as the misstatement or incomplete statement of a material fact?

misrepresentation

computer viruses differ from worms in that viruses can propagate without human intervention, often sending copies of themselves to other computers by email

false

which of the following is a form of trojan horse which executes when it is triggered by a specific event such as a change in a particular file, by typing a specific series of keystrokes, or by a specific time or date

logic bomb

which type of exploit is defined as the sending of fraudulent emails to an organization's employees designed to look like they came from high-level executives from within the organization?

spear phishing

which of the following enables remote users to securely access an organization's collection of computing and storage devices and share data remotely

virtual private network

a spear phishing attack typically employs a group of zombies to keep the target so busy responding to a stream of automated requests that legitimate users cannot access the target

false

what exploit is characterized as the abuse of email systems to send unsolicited email to large numbers of people?

spam

which of the following concepts recognizes that managers must use their judgement to ensure that the cost of control does not exceed the system;'s benefits or the risks involved ?

reasonable assurance

which term is defined as an exploit that takes place before the security community or software developer knows about the vulnerability or has been able to repair it?

zero-day attack

discussing security attacks through public trials and the associated publicity has not only enormous potential costs in public relations but real monetary cost as well

true

installation of a corporate firewall is the least common security precaution taken by businesses as it does not provide sufficient security

false

after virus eradication, you can use a previous backup to restore an infected computer

false

what type of viruses have become common and easily created form of malware that are created using applications such as Visual Basic or VBScript?

Macro viruses

the fifth amendment regulates the collection of the content of wire and electronic communications

false

Trojan horse has become an umbrella term for many types of malicious code

false

whenever possible, automated system rules should mirror an organization's written policies

true

many organizations sue software to provide a comprehensive display of all key performance indications related to an organization's security defenses, including threats, exposures, policy compliance, and incident alerts. What is this type of software known as?

security dashboard

vishing frequently leads consumers to counterfeit Web sites designed to trick them into initiating a denial-of-service attack

false

malware that stops you from using your computer or accessing your data until you meet certain demands is known as which of the following

ransomware

a business policy that permits employees to use their own mobile devices to access company computing resources and applications is known as which of the following

bring your own device (BYOD)

the intimidation of government or civilian population by using information technology to disable critical national infrastructure in order to achieve political, religious, or ideological goals is known as which of the following

cyberterrorism

the use of information technology in business requires balancing the needs of those who use the information that is collected against the rights and desires of the people whose information is being used

true

American citizens are protected by the Fourth Amendment even when there is no reasonable expectation of privacy.

false

a national Security Letter is subject to judicial review and oversight

false

which act bars the export of data to countries that do not have data privacy protection standards comparable to those of its member countries?

European Union Data Protection Directive

which act prohibits the government from concealing the existence of any personal data record-keeping systems?

privacy act

under the USA PATRIOT Act, the FBI can issue a National Security Letter to compel banks, Internet service providers, and credit reporting companies to turn over information about their customers without a court order simply on the basis that the information is needed for an ongoing investigation

true

the Foreign Intelligence Surveillance Act describes procedures for the electronic surveillance of communications between foreign powers and the agents of foreign powers

true

which of the following acts gave sweeping new powers both to domestic law enforcement international intelligence agencies, including increasing the ability of law enforcement agencies to search telephone, email, medical, financial, and other records?

USA PATRIOT Act

which of the following acts restricted the government;'s ability to intercept electronic communications such as email, fax, and text messages?

ECPA

the U.S. has a single, overarching national data privacy policy

false

information privacy is the combination of communications privacy and data privacy

true

a device that records the originating number of incoming calls for a particular phone number is known as which of the following?

trap and trace

Through the use of cookies, a Web site is able to identify visitors on subsequent visits.

true

which act enables the public to gain access to certain government records?

Freedom of Information
act

which of the following is an act that repealed a depression-era law known as Glass-Steagall?

Gramm-Leach-Bliley act

the Constitution does not contain the word privacy, but the Supreme Court has ruled that the concept of privacy is protected by the Bill of
Rights

true

which act included strong privacy provisions for electronic health records and bans the sale of health information, promotes the use of audit trials and encryption, and provides rights of access for patients?

American
Recovery and Reinvestment Act

the Privacy Act of 1974 extends to the actions of the CIA, U.S. law enforcement agencies, and the private industry

false

which act protects citizens from unreasonable government searches and is often invoked to protect the privacy of government employees?

Fourth Amendment

Title I of which of the following act extends the protections offered under the Wiretap Act to electronic communications, such as fax and messages sent over the Internet?

Electronic Communications Privacy Act

which of the following allows people to state their opinions without revealing their identity?

anonymous expression

which of the following statements is true of Communication Decency Act (CDA)?

the problem with the CDA was its broad language and vague definition of "indecent," a standard that was left to individual communities to determine

messages whose primary purpose is to communicate information about a specific transaction are subject to the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act.

false

over the years, a number of federal, state, and local laws have been found unconstitutional because they violated one of the tenets of the First Amendment

true

an oral defamatory statement is libel

false

a Strategic Lawsuit Against Public Participation (SLAPP) is typically without merit

true

the plaintiff in a strategic lawsuit against public participation (SLAPP) can present themselves to the court admitting that their intent is to censor their critics

false

the California State Court in Pre-paid Legal v. Sturtz et al. set a legal precedent that refined the criteria courts apply to which of the following

subpoenas requesting the identity of anonymous Web posters

which country has the largest online population in the world and also perhaps the most rigorous Internet censorship?

china

Anti-SLAPP laws are designed to protect children from pornography

false

the goal of the Child Online Protection Act (COPA) was to protect children from harmful material on the World Wide Web, however, it was ruled unconstitutional

true

which of the following can provide a virtually untraceable level of anonymity to email messages?

remailers

anonymity on the internet is practically guaranteed

false

if an employee sees a coworker viewing porn on workplace computer, that employee may be able to claim that the company has

created a hostile work environment

the Children's Internet Protection Act (CIPA) was an attempt to protect children from accessing pornography and other explicit material online

true

despite the importance of which of the following in early America, it took nearly 200 years for the Supreme Court to render rulings that addressed it as an aspect of the Bill of Rights?

anonymity

pornography purveyors are free to produce and publish whatever they want; however, if what they distribute is judged obscene, they are subject to prosecution under the obscenity laws

true

Anonymous policy expression played an important role in the early formation of the United States

true

with URL filtering, a particular URL or domain name is identified as an objectionable site and the user is not allowed access to it

true

which of the following involves the examination of Internet records in an attempt to reveal the identity of an anonymous poster?

doxing