Deck 10: Ethics, Privacy, and Security

A) "First, do no harm"
B) "Thou shalt not kill"
C) "The greatest good for the greatest number"
D) "The needs of the many outweigh the needs of the few"

A) Utilitarianism
B) Legal positivism
C) Natural laws and rights
D) Rationalism

A) the parasitic and unauthorized use of hundreds of computer systems owned by individuals for masking online identity
B) the lack of uniform and binding legislation across different countries, defining the legality of using proxy servers
C) the need to rely on the promise of the company that operates the proxy to protect its customers' identity
D) the inability to consistently ensure online anonymity, especially when government agencies are one of the parties involved

A) the right to be left alone
B) the right to view, correct, and edit private, protected information
C) the right to withhold information
D) the right to demand information

A) Immovable property
B) Freehold property
C) Intellectual property
D) Public property

A) It is most easily achieved online and is impossible to maintain on paper.
B) It is governed by laws which are universal in all countries.
C) It refers to the protection of data about individuals.
D) It emphasizes the importance of sharing data over protecting personally identifiable information.

A) Online identity management
B) Digital rights management
C) Internet resource management
D) Total quality management

A) online identity management
B) digital rights management
C) Internet resource management
D) inventory management

A) the intellectual property is used for commercial purposes
B) the protection of intellectual property involves immovable assets
C) the intellectual property is digitized
D) the intellectual property comprises of tangible assets

A) DRM systems prevent legitimate duplication of digital content in the event of hardware failure.
B) DRM systems do not function efficiently across geographical borders.
C) DRM systems often violate intellectual property rights of creators of IP.
D) DRM systems do not consistently manage the different formats of digital content.

A) captive portal
B) proxy
C) firewall
D) keylogger

A) protects whistleblowers and oppressive governments
B) increases inhibitions in online communication
C) increases accountability in users
D) protects spammers and imposters

A) It removes the fear of accountability that makes people feel responsible for their own actions.
B) It helps in the prosecution of spammers, astroturfers, and other cyber criminals.
C) It helps people participate in face-to-face meetings where they reveal personal details without fear of disclosure.
D) It protects corporate whistleblowers and political activists in oppressive regimes.

A) when information is stored on highly interconnected systems
B) when information is mainly on paper
C) when information maintained is maintained on isolated systems
D) when information is converted to code form using mathematical equations

A) online identity theft
B) private action
C) shadowing
D) plagiarism

A) Structuralism
B) Individualism
C) Utilitarianism
D) Libertarianism

A) Religion
B) Ethics
C) Creativity
D) Theology

A) Natural laws and rights do not consider the actual consequences of an action when judging its morality.
B) Natural laws and rights is an ethical framework that takes into account the effects of an action, weighing its good effects against its harmful ones.
C) Natural laws and rights involves judging what action would create the greatest good for the greatest number of people.
D) Natural laws and rights are based on the central tenet that states, "the needs of the many outweigh the needs of the few."

A) "First, do no harm"
B) "Thou shalt not kill"
C) "Protect free speech"
D) "Liberté, égalité, fraternité"

A) software code
B) real estate
C) office stationery
D) legal documents

A) preventing loss of critical organization data
B) collaborating online to create open source products
C) adding visual appeal to their digital products
D) offering technological protection for their products

A) Shadowing
B) Plagiarism
C) Private action
D) Embezzlement

A) to increase employee productivity
B) to enable efficient data mining
C) to prevent data redundancy
D) to facilitate faster communication

A) honeypot
B) botnet
C) Trojan horse
D) black swan

A) expert system
B) web crawler
C) honeypot
D) server farm

A) understanding which information assets need protection
B) evaluating controls and filling in security gaps
C) predicting future risks and devising strategies to prevent them
D) recovering existing systems from damage

A) spyware
B) web crawler
C) black swan
D) firewall

A) capturing Internet users' sensitive information
B) attracting different types of malware to track their origins
C) encrypting critical information to protect from loss or corruption
D) track and eliminate computer worms and viruses

A) lowered productivity of employees
B) compromised company security
C) increased levels of confidentiality
D) increased pressure on corporate e-mail systems

A) malware
B) middleware
C) application software
D) firmware

A) honeypot
B) Trojan horse
C) firewall
D) black swan

A) The program encodes all the information on the company's servers and other systems and renders it unreadable and useless.
B) A tabloid reporter who had planted the USB drive accesses scandalous information about celebrities and publishes stories about them.
C) The company's servers and individual computer systems are controlled by remotely located bots and are used to perform distributed denial of service attacks.
D) The spyware program replicates rapidly across the company network, clogs up the network speeds, and slows down the performance of the computers.

A) software for end-user applications such as word processors and ERP software
B) software for testing a hardware or software package
C) software used to track and prevent malicious attacks on systems
D) software designed to attack computer systems

A) Proxy servers
B) Surveillance technologies
C) Trojan horses
D) Subnetworks

A) a process which helps a user increase productivity by tracking the keys entered by him
B) a monitoring software that records a user's keystrokes
C) a software that prevents fraudsters from hacking into e-mail accounts
D) a program that controls permissions for web traffic into and out of a computer network

A) Distributed denial of service
B) Social engineering
C) Keylogging
D) Phishing

A) when it becomes immune to botnets
B) when it enters a secure site
C) when it is infected by malware
D) when it is hidden behind a firewall

A) distributed denial of service
B) keylogging
C) phishing
D) cache poisoning

A) They deny the entry or exit of specific IP addresses, products, Internet domains, and enforce other communication restrictions.
B) They are highly restrictive programs that permit communication only with approved entities and/or in an approved manner.
C) They traverse available web links in an attempt to discover documents for indexing and retrieval.
D) They have specific vulnerabilities that attract different varieties of malware in the wild, study their properties, and find out who started them.

A) e-mail program created not for communication, but to lure spam
B) software program that attracts malicious attacks in order to study their properties and origins
C) self-replicating program that sends copies to other nodes on a computer network
D) software tool used to inspect incoming and outgoing traffic to a computer network

A) It is a software program that can damage files or other programs.
B) It is a software program that attracts potentially malicious attacks to study their origin.
C) It is a software program that masks the browsing history and preferences of Internet users.
D) It is a software program that inspects incoming or outgoing traffic to a computer network.

A) determining the cause of damage
B) evaluating controls and filling in security gaps
C) understanding what information assets need protection
D) recovering the system from damage

A) intelligent character recognition
B) optical mark recognition
C) voice pattern recognition
D) blood group recognition

A) determination of the source of threats
B) assessment of threats
C) evaluation of controls that fill in security gaps
D) finalization of broadly defined goals

A) managing discussion forums efficiently
B) responding to customers' feedback
C) avoiding chaos and missteps
D) improvising communication modes

A) risk matrix
B) incidence response plan
C) vulnerability assessment scheme
D) total quality management program

A) Whitelisting
B) Keylogging
C) Egress filtering
D) Phishing

A) prohibiting downloading data to USB drives
B) restricting employee access to official mails
C) prohibiting public access to the company's website
D) prohibiting entry of employees in shared workspaces

A) honeypot
B) browser
C) black swan
D) spyware

A) user knowledge
B) voice pattern recognition
C) iris configuration
D) fingerprint recognition

A) Prosecuting the offender for security risk
B) Reevaluating the risk matrix
C) Restricting system access
D) Restoring from media known to be good

A) preserve evidence of damage done
B) reevaluate risk matrix
C) restrict systems access
D) investigate system logs for evidence

A) iris configuration
B) reliance on user knowledge
C) fingerprint analysis
D) voice pattern recognition

A) honeypot
B) worm
C) Trojan horse
D) cookie

A) passwords
B) RFID chips
C) biometric identifier
D) credit cards

A) risk matrix
B) incidence response plan
C) public key encryption scheme
D) social engineering plan

A) iris configuration
B) RFID chip
C) credit card
D) user ID-password combination

A) It is a process of stealing personal data from a victim by convincing him to disclose information.
B) It is useful in monitoring the web traffic into and out of an unsecured computer network.
C) It involves the use of several thousand computers to launch malicious attacks that can cripple websites.
D) It uses small pieces of code inserted into a browser that track an Internet user's activity and transmit the data to third parties.

A) a process of assessing authentication of reports and manuals to prevent duplication
B) a process of combining two or more authentication strategies
C) a process of assessing authentication of multiple groups using a single strategy
D) a process of assigning unique authentication information to copyrighted content to prevent resale

A) prosecute the offender for security risk
B) improve systems efficiency
C) communicate with crisis management team
D) preserve evidence of security breach

A) Reevaluating the risk matrix
B) Investigating system logs
C) Taking systems offline
D) Restricting system access

A) posting harmless videos on websites
B) monitoring a user's keystrokes
C) soliciting personal information through e-mail
D) infecting computers with self-replicating programs that slow down the system