FINAL TEST EXAM Flashcards

SKILL

1
Q

a crime to bribe a foreign official, a foreign political party official, or a candidate for foreign political office. The act applies to any U.S. citizen or company and to any company with shares listed on any U.S. stock exchange.

A

FOREIGN CORRUPTION PRACTICE ACT

2
Q

TWO REASONS FOR VENDOR CERTIFICATION

A

SALARY
INCREASED HIRING DEMAND

3
Q

people are often aggressive in striving for what they want and are used to having privileged access to information, people, and other resources. Furthermore, their success often inflates their belief that they have the ability and the right to manipulate the outcome of any situation

A

CORRUPTION

4
Q

people in power, which is often facilitated by a tendency for people to look the other way when their leaders act inappropriately has been given the name

A

Bathsheba syndrome

5
Q

The process of sharing patient-level electronic health information between different organizations.

A

HIE - HEALTH INFORMATION EXCHANGE

6
Q

THE CIA INTEGRITY ENSURES THAT DATA WILL BE?
CONSISTENT AND TRUSTWORTHINESS OF DATA GUARANTEED

A

ACCURATE

7
Q

ELIMINATION OF BIAS IN PLATFORM

A

PREPROCESSING

8
Q

NAME SOME POTENTIAL RISK OF USING H-1B EMPLOYEES

A

LACK OF EMPLOYEE LOYALTY
LOSS OF EXPERTISE

9
Q

ENSURES DATA CAN BE ACCESSED WHEN AND WHERE NEEDED

A

AVAILABILITY

10
Q

HOW TO SECURE EMPLOYEE DATA MISUSE

A

LIMIT WHO CAN VIEW EMPLOYEE DATA

11
Q

HOW TO AVOID BIAS TESTING

A

EQUAL REPRESENTATION

12
Q

malware that stops you from using your computer or accessing your data until you meet certain demands

A

RANSOMWARE

13
Q

The key to prevention of a computer security incident is to implement a ? security solution to make computer break-ins so difficult that an attacker eventually gives up or is detected before much harm is inflicted. In THIS solution, if an attacker breaks through one AREA of security, another LEVEL must then be overcome.

A

LAYERED SOLUTION

14
Q

After the solution to the problem has been implemented, monitor the results to see if the desired effect was achieved and observe its impact on the organization and the various stakeholders. Were the success criteria fully met? Were there any unintended consequences?

A

EVALUATION BENCHMARK

15
Q

habit that inclines people to do what is acceptable CHOICE BETWEEN GOOD AND BAD TYPE OF FRAMEWORK

A

VIRTUE

16
Q

a theory that says whether something is good or bad depends on its outcomes. An action that brings about more benefit than harm is good, while an action that causes more harm than benefit is not.

A

CONSEQUENTIALISM

17
Q

The personal principles upon which an individual bases his or her decisions about what is right and what is wrong.

A

MORALS

18
Q

a code of behavior that is defined by the group to which an individual belongs.

A

ETHICS

19
Q

BYOD - BRING YOUR OWN DEVICE ISSUES

A

NO AUTHENTICATION
NON WORK RELATED INFO
MALWARE

20
Q

business policy that permits, and in some cases encourages, employees to use their own mobile devices (smartphones, tablets, or laptops) to access company computing resources and applications, including email, corporate databases, the corporate intranet, and the Internet.

A

BYOD - BRING YOUR OWN DEVICE

21
Q

acts are acts that conform to the law.
A system of rules that tells us what we can and cannot do.

22
Q

bring about the most happiness for the greatest number of people.

A

UTILITARIANISM

23
Q

A lawsuit filed by corporations, government officials, and others against citizens and community groups who oppose them on matters of concern. The lawsuit is typically without merit and is used to intimidate critics out of fear of the cost and effort associated with a major legal battle.

A

SLAPP - STRATEGIC LAWSUIT AGAINST PUBLIC PARTICIPATION

24
Q

Also known as the Lincoln Law, was enacted during the U.S. Civil War to combat fraud by companies that sold supplies to the Union Army. War profiteers sometimes shipped boxes of sawdust instead of guns, for instance, and some swindled the Union Army into purchasing the same cavalry horses several times. When it was enacted, the act’s goal was to entice whistle-blowers to come forward by offering them a share of the money recovered.

A

FALSE CLAIMS ACT

25
Q

, also known as the Wiretap Act, regulates the interception of wire (telephone) and oral communications. It allows state and federal law enforcement officials to use wiretapping and electronic eavesdropping, but only under strict limitations. Under this act, a warrant must be obtained from a judge to conduct a wiretap.

A

TITLE III - OMNIBUS CRIME CONTROL AND SAFE STREETS ACT

26
Q

An individual has the right to elect not to have his or her personal data collected. ONE OF THE ELEMENTS UNDER THE EUROPEAN UNION DATA PROTECTION DIRECTIVE

A

CHOICE

27
Q

Aimed at protecting children from pornography. Imposed $250,000 fines and prison terms of up to two years for the transmission of “indecent” material over the Internet.

A

CDA - COMMUNICATION DECENCY ACT

28
Q

concept that an organization should act ethically by taking responsibility for the impact of its actions on its shareholders, consumers, employees, community, environment, and suppliers

A

CSR - CORPORATE SOCIAL RESPONSIBILITY

29
Q

The reduction in either the likelihood or the impact of the occurrence of a risk.

A

MITIGATION

30
Q

(officially known as Regulation EU 2016/679) is designed to strengthen data protection for individuals within the EU by addressing the export of personal data outside the EU, enabling citizens to see and correct their personal data, and ensure data protection consistency across the EU. Organizations anywhere in the world that collect, store, or transfer personal data of EU citizens must work to ensure that their systems and procedures are compliant with this strict new framework

A

GDPR - GENERAL DATA PROTECTION REGULATION

31
Q

A type of lawsuit that organizations may file in order to gain subpoena power in an effort to learn the identity of anonymous Internet users who they believe have caused some form of harm to the organization through their postings.

A

JOHN DOE LAW

32
Q

(1) subscribing to a professional code of ethics, (2) joining and participating in professional organizations, (3) obtaining appropriate certifications, and (4) supporting government licensing where available.

A

PROFESSIONAL PRACTICES FOR ENGINEERS

33
Q

a comprehensive view of the patient’s complete medical history designed to be shared with authorized providers and staff from more than one organization. Can include patient demographics, medical history, family history, immunization records, laboratory data, health problems, progress notes, medications, vital signs, and radiology reports. Healthcare professionals can use THIS to generate a complete electronic record of a clinical patient encounter, with the goal of ensuring that all information about a patient’s medical history and ongoing treatment is easily accessible to all healthcare professionals involved in that patient’s care—no matter where it occurs.

A

EHR - ELECTRONIC HEALTH RECORD

34
Q

a form of cyberabuse in which the abusive behavior, which involves the use of an electronic communications device, is degrading, humiliating, hurtful, insulting, intimidating, malicious, or otherwise offensive to an individual or group of individuals causing substantial emotional distress. Nearly three-quarters (72 percent) of U.S. Internet users have witnessed online harassment or abuse, and almost half (47 percent) have personally experienced cyberabuse

A

CYBERHARASSMENT

35
Q

SOFTWARE ENGINEERING CODE OF ETHICS AND PROFESSIONAL PRACTICE

A

Public - Software engineers shall act consistently with the public interest.
Client and Employer - Software engineers shall act in a manner that is in the best interests of their client and employer consistent with the public interest.
Product - Software engineers shall ensure that their products and related modifications meet the highest professional standards possible.
Judgment - Software engineers shall maintain integrity and independence in their professional judgment.
Management - Software engineering managers and leaders shall subscribe to and promote an ethical approach to the management of software development and maintenance.
Profession - Software engineers shall advance the integrity and reputation of the profession consistent with the public interest.
Colleagues - Software engineers shall be fair to and supportive of their colleagues.
Self - Software engineers shall participate in lifelong learning regarding the practice of their profession and shall promote an ethical approach to the practice of the profession.

36
Q

the highest-ranking person in a company or other institution, ultimately responsible for making managerial decisions. CORPORATE ETHICS OFFICER SHOULD REPORT DIRECTLY TO

A

CEO - CHIEF EXECUTIVE OFFICER

37
Q

WHAT ARE SOME ETHICAL DISADVANTAGES TO CONTINGENT WORKERS

A

NO BENEFITS
EMPLOYEE FEELS DISCONNECTED TO COMPANY

38
Q

a term used to describe works of the mind—such as art, books, films, formulas, inventions, music, and processes—that are distinct and owned or created by a single person or group. It is protected through copyright, patent, and trade secret laws.

A

INTELLECTUAL PROPERTY

39
DATA BREACH NOTIFICATION
40
Q

occurs when one party fails to meet the terms of a contract.

A

BREACH OF CONTRACT

41
Q

Laying out plans for disaster recovery, setting security policies, conducting security audits, ensuring regulatory standards compliance, and creating a security dashboard. Completion of these tasks at the organizational level will set a sound foundation and clear direction for future CIA-related actions.

A

RISK ASSESSMENT

42
Q

is available for any invention—whether a product or process—in all fields of technology without discrimination, subject to the normal tests of novelty, inventiveness, and industrial applicability. It is also required that patents be available and patent rights enjoyable without discrimination as to the place of invention and whether products are imported or locally produced.

A

PATENT PROTECTION

43
Q

Computer programs are protected as literary works. Authors of computer programs and producers of sound recordings have the right to prohibit the commercial rental of their works to the public.

A

COPYRIGHT

44
Q

restricts the warranty to specific parts, certain types of defects, or has other limitations. Limited warranties, unlike full warranties, can include a provision that restricts implied warranties to the length of the limited warranty

A

LIMITED WARRANTY

45
Q

generally administered at the state level and often requires that the recipient pass a test of some kind.

A

LICENSE

46
Q

any information connected to a specific individual that can be used to uncover or steal that individual's identity

A

PII - PERSONAL IDENTIFIABLE INFORMATION

47
Q

the most widely used symmetric algorithm and is entrusted to protect classified U.S. government information. Wireless Protected Access 2 (WPA2), which is the most commonly used security protocol for wireless networks today, employs THIS algorithm.

A

AES - ADVANCED ENCRYPTION STANDARD

48
Q

The concept that an organization should act ethically by taking responsibility for the impact of its actions on its shareholders, consumers, employees, community, environment, and suppliers

A

CSR - CORPORATE SOCIAL RESPONSIBILITY

49
Q

an effort to attract public attention to a negligent, illegal, unethical, abusive, or dangerous act by an individual or organization

A

WHISTLEBLOWER

50
Q

between the IT worker’s (or the IT firm’s) self-interest and the client’s interests. For example, an IT consulting firm might be hired to assess a firm’s IT strategic plan. After a few weeks of analysis, the consulting firm might provide a poor rating for the existing strategy and insist that its proprietary products and services are required to develop a new strategic plan. Such findings would raise questions about the vendor’s objectivity and the trustworthiness of its recommendations.

A

CONFLICT OF INTEREST

51
Q

Software and/or hardware that monitors system and network resources and activities and notifies network security personnel when it detects network traffic that attempts to circumvent the security measures of a networked computer environment (see Figure 3-7). Such activities usually signal an attempt to breach the integrity of the system or to limit the availability of network resources.

A

IDS - INTRUSION DETECTION SYSTEM