CIS227_HighYield_Flashcards

Question 1

What is the CFAA?

Answer 1

The Computer Fraud and Abuse Act; a U.S. law enacted in 1986 that criminalizes unauthorized access to computer systems.

Question 2

What does ‘unauthorized access’ mean under CFAA?

Answer 2

Accessing a computer system without permission or exceeding authorized access.

Question 3

What is the DMCA?

Answer 3

The Digital Millennium Copyright Act; a U.S. law that criminalizes the circumvention of DRM and protects online service providers from copyright infringement liability.

Question 4

What is the ECPA?

Answer 4

The Electronic Communications Privacy Act; regulates government and third-party access to wire, oral, and electronic communications.

Question 5

What is the PATRIOT Act?

Answer 5

Post-9/11 legislation that expanded surveillance capabilities of law enforcement, including roving wiretaps and monitoring internet activity.

Question 6

Define ‘ethical hacking.’

Answer 6

Ethical hacking is authorized testing of systems to find and fix security vulnerabilities.

Question 7

What is a ‘white hat’ hacker?

Answer 7

An ethical hacker who uses skills to protect systems and identify vulnerabilities.

Question 8

What is a ‘black hat’ hacker?

Answer 8

A malicious hacker who exploits systems for personal or financial gain.

Question 9

What is a ‘gray hat’ hacker?

Answer 9

A hacker who may violate laws or ethical standards but without malicious intent.

Question 10

What is social engineering?

Answer 10

Manipulating people into giving up confidential information, often via deception.

Question 11

Give an example of social engineering.

Answer 11

Phishing emails tricking users into providing login credentials.

Question 12

What is a phishing attack?

Answer 12

A form of social engineering where attackers impersonate legitimate entities to steal sensitive data.

Question 13

What is spear phishing?

Answer 13

Targeted phishing directed at specific individuals or organizations.

Question 14

What is cyberstalking?

Answer 14

Harassing someone via digital means, such as emails, messages, or social media.

Question 15

What is identity theft?

Answer 15

Using someone else’s personal information without consent, typically for fraud.

Question 16

What is intellectual property?

Answer 16

Creations of the mind, such as inventions, art, music, and software, protected by copyright, trademark, or patent.

Question 17

What is copyright infringement?

Answer 17

Using copyrighted material without permission.

Question 18

What is a trademark?

Answer 18

A recognizable sign or expression identifying products or services of a particular source.

Question 19

What is fair use?

Answer 19

Limited use of copyrighted materials without permission for purposes such as commentary, criticism, or education.

Question 20

What is digital forensics?

Answer 20

The practice of collecting, analyzing, and preserving digital evidence.

Question 21

What is chain of custody?

Answer 21

The documented and unbroken transfer of evidence.

Question 22

What is due diligence?

Answer 22

Taking reasonable steps to avoid harm to others or prevent a legal violation.

Question 23

What is due care?

Answer 23

Actively maintaining security controls and policies to protect assets.

Question 24

Define cybercrime.

Answer 24

Any criminal activity involving a computer or network.

Question 25

Define cyberterrorism.

Answer 25

Politically motivated attacks on information systems.

Question 26

What is malware?

Answer 26

Malicious software like viruses, worms, or ransomware.

Question 27

What is ransomware?

Answer 27

A type of malware that encrypts files and demands payment for decryption.

Question 28

What is a logic bomb?

Answer 28

Malicious code triggered by specific conditions or dates.

Question 29

What is a botnet?

Answer 29

A network of infected computers controlled remotely by an attacker.

Question 30

What is an insider threat?

Answer 30

Security risk posed by employees or contractors with legitimate access.

Question 31

What is GDPR?

Answer 31

General Data Protection Regulation; EU law regulating personal data and privacy.

Question 32

What are the penalties under CFAA?

Answer 32

Criminal charges, fines, and prison time depending on severity.

Question 33

What is ethical relativism?

Answer 33

Ethical standards are subjective and vary by culture or context.

Question 34

What is deontological ethics?

Answer 34

Ethics based on rules and duties, regardless of consequences.

Question 35

What is utilitarianism?

Answer 35

Ethical theory focused on outcomes; the best action maximizes overall happiness.

Question 36

What is the difference between law and ethics?

Answer 36

Law is enforceable by government; ethics is moral conduct, not always legally required.

Question 37

What is HIPAA?

Answer 37

Health Insurance Portability and Accountability Act; protects health data privacy.

Question 38

What is FERPA?

Answer 38

Family Educational Rights and Privacy Act; protects student education records.

Question 39

What is the role of ISC2 Code of Ethics?

Answer 39

Guidelines for professional conduct in cybersecurity roles.

Question 40

What is whistleblowing?

Answer 40

Reporting unethical or illegal activities within an organization.

Question 41

What is the Fourth Amendment’s relevance to cyber law?

Answer 41

Protects against unreasonable searches and seizures, including digital data.

Question 42

What is a warrant?

Answer 42

A legal document authorizing law enforcement to search or seize evidence.

Question 43

What is a subpoena?

Answer 43

A legal order to produce documents or testify in court.

Question 44

What is the difference between criminal and civil law?

Answer 44

Criminal law punishes offenses against the state; civil law resolves disputes between individuals.

Question 45

What is a tort?

Answer 45

A civil wrong causing harm, such as defamation or negligence.

Question 46

What is defamation?

Answer 46

A false statement that harms someone's reputation.

Question 47

What is negligence?

Answer 47

Failure to exercise reasonable care, resulting in damage or injury.

Question 48

What is the role of the FTC in cybersecurity?

Answer 48

Enforces consumer protection laws and penalizes companies for poor data practices.

Question 49

What is a clickwrap agreement?

Answer 49

A digital contract where users must click to agree to terms.

Question 50

What is a browsewrap agreement?

Answer 50

Terms are posted on a website, and use of the site implies agreement.

Question 51

What was U.S. v. Morris (1989)?

Answer 51

First conviction under CFAA; Morris released the first internet worm.

Question 52

What was U.S. v. Nosal?

Answer 52

Case about 'exceeding authorized access' under CFAA by using former employees' credentials.