D333(C961): Ethics in Technology Flashcards

1
Q

Bathsheba Syndrome

A

The moral corruption of people in power, which is often facilitated by a tendency for people to look the other way when their leaders act inappropriately.

2
Q

Code Of Ethics

A

A statement that highlights an organization’s key ethical issues and identifies the overarching values and principles that are important to the organization and its decision-making.

3
Q

Corporate Compliance Officer Or Corporate Ethics Officer

A

A senior-level manager who provides an organization with vision and leadership in the area of business conduct.

4
Q

Corporate Social Responsibility (CSR)

A

The concept that an organization should act ethically by taking responsibility for the impact of its actions on its shareholders, consumers, employees, community, environment, and suppliers.

5
Q

Ethics

A

A code of behavior that is defined by the group to which an individual belongs.

6
Q

Integrity

A

Adherence to a personal code of principles.

7
Q

Law

A

A system of rules that govern what we can and cannot do.

8
Q

Morals

A

The personal principles upon which an individual bases his or her decisions about what is right and what is wrong.

9
Q

Problem Statement

A

A clear, concise description of the issue that needs to be addressed.

10
Q

Social Audit

A

A process whereby an organization reviews how well it is meeting its ethical and social responsibility goals and communicates its new goals for the upcoming year.

11
Q

Software Piracy

A

A form of copyright infringement that involves making copies of software or enabling others to access software to which they are not entitled.

12
Q

Supply Chain Sustainability

A

A component of corporate social responsibility (CSR) that focuses on developing and maintaining a supply chain that meets the needs of the present without compromising the ability of future generations to meet their needs.

13
Q

Stakeholder

A

Someone who stands to gain or lose depending on how a particular situation is resolved.

14
Q

Vice

A

A habit of unacceptable behavior.

15
Q

Virtue

A

A habit that inclines people to do what is acceptable.

16
Q

Advanced Persistent Threat (APT)

A

A network attack in which an intruder gains access to a network and stays there - undetected - with the intention of stealing data over a long period of time (weeks or even months).

17
Q

Antivirus Software

A

Software that scans for a specific sequence of bytes, known as a virus signature, that indicates the presence of a specific virus.

18
Q

Blended Threat

A

A sophisticated threat that combines the features of a virus, worm, Trojan horse, and other malicious code into a single payload.

19
Q

Botnet

A

A large group of computers which are controlled from one or more remote locations by hackers without the knowledge or consent of their owners.

20
Q

Bring Your Own Device (BYOD)

A

A business policy that permits - and in some cases encourages - employees to use their own mobile devices (smartphones, tablets, or laptops) to access company resources and applications, including email, corporate databases, the corporate intranet, and the internet.

21
Q

Business Continuity Plan

A

A risk-based strategy that includes an occupant emergency evacuation plan, a continuity of operations plan, and an incident management plan with an active governance process to minimize the potential impact of any security incident and to ensure business continuity in the event of a cyberattack or some form of disaster.

22
Q

Captcha (Completely Automated Public Turing Test To Tell Computers And Humans Apart)

A

Software that generates and grades tests that humans can pass and all but the most sophisticated computer programs cannot.

23
Q

CIA Security Triad

A

Refers to confidentiality, integrity, and availability.

24
Q

Computer Forensics

A

A discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices in a manner that preserves the integrity of the data gathered so that it is admissible as evidence in a court of law.

25
Q

Controlling The Assault Of Non-Solicited Pornography And Marketing (CAN-SPAM) Act

A

A law that specifies that it is legal to spam, provided the messages meet a few basic requirements: spammers cannot disguise their identity by using a false return address, the email must include a label specifying that it is an ad or a solicitation, and the email must include a way for recipients to indicate that they do not want future mass mailings.

26
Q

Cost Per Thousand Impressions (CPM)

A

One of the two common methods of charging for paid media, in which ads are billed at a flat rate per 1,000 impressions, which is a measure of the number of times an ad is displayed, whether it was actually clicked on or not.

27
Q

Cost Per Click (CPC)

A

One of the two common methods of charging for paid media in which ads are paid for only when someone actually clicks on them.

28
Q

Cyberabuse

A

Any form of mistreatment or lack of care, both physical and mental, using an electronic communications device that causes harm and distress to others.

29
Q

Cyberespionage

A

The deployment of malware that secretly steals data in the computer systems of organizations such as government agencies, military contractors, political organizations, and manufacturing firms.

30
Q

Cyberharassment

A

A form of cyberabuse in which the abusive behavior, which involves the use of an electronic communications device, is degrading, humiliating, hurtful, insulting, intimidating, malicious, or otherwise offensive to an individual or group of individuals, causing substantial emotional distress.

31
Q

Cyberstalking

A

Threatening behavior or unwanted advances directed at an adult using the internet or other forms of online and electronic communications; the adult version of cyberbullying.

32
Q

Cyberterrorism

A

The intimidation of the government or civilian population by using information technology to disable critical national infrastructure (e.g., energy, transportation, financial, law enforcement, and emergency response) to achieve political, religious, or ideological goals.

33
Q

Department Of Homeland Security (DHS)
Employees
Budget
Goal

A

A large federal agency with more than 240,000 employees and a budget of almost $65 billion whose goal is to provide for a “safer, more secure America, which is resilient against terrorism and other potential threats.”

34
Q

Disaster Recovery Plan

A

A documented process for recovering an organization’s business information system assets, including hardware, software, data, networks, and facilities, in the event of a disaster.

35
Q

Distributed Denial-Of-Service (DDOS) Attack

A

An attack in which a malicious hacker takes over computers via the internet and causes them to flood a target site with demands for data and other small tasks.

36
Q

Earned Media

A

Media exposure an organization gets through press and social media mentions, positive online ratings, reviews, tweets and retweets, reposts (or “shares”), recommendations, and so on.

37
Q

Encryption

A

The process of scrambling messages or data in such a way that only authorized parties can read it.

38
Q

Encryption Key

A

A value that is applied (using an algorithm) to a set of unencrypted text (plaintext) to produce encrypted text that appears as a series of seemingly random characters (ciphertext), which is unreadable by those without the encryption key needed to decipher it.

39
Q

Exploit

A

An attack on an information system that takes advantage of a particular system vulnerability.

40
Q

Firewall

A

Hardware or software (or a combination of both) that serves as the first line of defense between an organization’s network and the internet; also limits access to the company’s network based on the organization’s internet-usage policy.

41
Q

Intrusion Detection System (IDS)

A

Software or hardware (or both) that monitors system and network resources and activities and notifies network security personnel when it detects network traffic that attempts to circumvent the security measures of a networked computer environment.

42
Q

Logic Bomb

A

A type of Trojan horse malware that executes when it is triggered by a specific event or at a predetermined time.

Logic Bomb: A logic bomb is a type of malicious code that is intentionally inserted into a computer system or software program. It remains dormant until a specific condition or trigger is met.

A Trojan is a type of malware that disguises itself as legitimate software or files to deceive users into downloading or executing it.

43
Q

Managed Security Service Provider (MSSP)

A

A company that monitors, manages, and maintains computer and network security for other organizations.

44
Q

Mission-Critical Process

A

Business processes that are more pivotal to continued operations and goal attainment than others.

45
Q

Next-Generation Firewall (NGFW)

A

A hardware- or software-based network security system that is able to detect and block sophisticated attacks by filtering network traffic dependent on the packet contents.

46
Q

Organic Media Marketing

A

A form of marketing that employs tools provided by or tailored for a particular social media platform to build a social community and interact with it by sharing posts and responding to customer comments on the organization’s blog and social media accounts.

47
Q

Paid Media Marketing

A

A form of marketing that involves paying a third party to broadcast an organization’s display ads or sponsored messages to social media users.

48
Q

Phishing

A

The act of fraudulently using email to persuade the recipient to reveal personal data.

49
Q

Ransomware

A

Malware that stops you from using your computer or accessing your data until you meet certain demands, such as paying a ransom or sending photos to the attacker.

50
Q

Reasonable Assurance

A

A concept in computer security that recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system’s benefits or the risks involved.

51
Q

Risk Assessment

A

The process of assessing security-related risks to an organization’s computers and networks from both internal and external threats.

52
Q

Rootkit

A

A set of programs that enables its user to gain administrator-level access to a computer without the end user’s consent or knowledge.

A rootkit is a type of malicious software that is designed to gain privileged access and control over a computer system while remaining hidden from detection. It is often installed by an attacker or malware to maintain unauthorized access, manipulate system functions, and evade security measures.

53
Q

Security Audit

A

An evaluation of whether or not an organization has a well-considered security policy in place and whether or not it is being followed.

54
Q

Security Policy

A

An organization’s security requirements as well as the controls and sanctions needed to meet those requirements.

55
Q

Smishing

A

Another variation of phishing that involves the use of texting.

56
Q

Social Media

A

Web-based communication channels and tools that enable people to interact with each other by creating online communities where they can share information, ideas, messages, and other content, including images, audio, and video.

57
Q

Social Media Marketing

A

A form of marketing that involves the use of social networks to communicate and promote the benefits of products and services.

58
Q

Social Networking Platform

A

Technology that allows the creation of an online community of internet users that enables members to break down barriers created by time, distance, and cultural differences.

59
Q

Social Shopping Platform

A

A combination of shopping and social networking.

60
Q

Spam

A

The use of email systems to send unsolicited email to large numbers of people.

61
Q

Spear Phishing

A

A variation of phishing in which the phisher sends fraudulent emails to a certain organization’s employees.

62
Q

Transport Layer Security (TLS)

A

A communications protocol or system of rules that ensures privacy between communicating applications and their users on the internet.

63
Q

Trojan Horse

A

A seemingly harmless program in which malicious code is hidden.

64
Q

US-CERT
year and function

A

Established in 2003 to protect the nation’s internet infrastructure against cyberattacks and serves as a clearinghouse for information on new viruses, worms, and other computer security topics.

It is a division of the Department of Homeland Security (DHS) in the United States. US-CERT serves as the nation’s primary organization for coordinating defense against and responding to cyber incidents.

65
Q

Viral Marketing

A

An approach to advertising that encourages individuals to pass along a marketing message to others, thus creating the potential for exponential growth in the message’s exposure and influence.

66
Q

Virus

A

A piece of programming code, usually disguised as something else, that causes a computer to behave in an unexpected and usually undesirable manner.

67
Q

Virus Signature

A

A specific sequence of bytes that indicates to antivirus software that a specific virus is present.

68
Q

Vishing

A

Similar to smishing, except that the victims receive a voicemail message telling them to call a phone number or access a website.

69
Q

Worm

A

A harmful program that resides in the active memory of the computer and duplicates itself.

70
Q

Zero-Day Exploit

A

A cyberattack that takes place before the security community or software developers become aware of and fix a security vulnerability.