-
web.groovymark@gmail.com
- November 19, 2024
Question 01
A car manufacturer decides to alter its emission testing to pass regulatory requirements. The emission reduction system is only used during tests, and not during normal driving conditions in order to improve fuel efficiency. Which step in the ethical decision-making process should have been used to evaluate the environmental impact of this decision?
- a) Define the problem
- b) Evaluate the results
- c) Choose alternatives
- d) Implement the decision
Correct Answer: c) Choose alternatives
Explanation: The decision-making process requires evaluating all possible alternatives before a decision is finalized. In this case, the environmental impact could have been mitigated by choosing a solution that reduces emissions consistently rather than just during tests. The other options, such as defining the problem, evaluating results, or implementing the decision, occur at different stages of the ethical decision-making process and do not directly address evaluating the environmental alternatives.
Question 02
Which two aspects of an IT worker’s responsibilities involve ethical issues that might arise in the relationship between IT workers and IT users?
- a) Discouraging software piracy
- b) Providing unlimited access to sensitive data
- c) Encouraging data sharing
- d) Controlling information sharing
Correct Answer: a) Discouraging software piracy, d) Controlling information sharing
Explanation: IT professionals must discourage unethical practices such as software piracy and ensure that information is shared responsibly. Providing unlimited access or encouraging unchecked data sharing could lead to serious ethical breaches.
Question 03
What is the primary goal for a supply chain relating to corporate social responsibility (CSR)?
- a) Cost reduction
- b) Innovation
- c) Sustainability
- d) Profit maximization
Correct Answer: c) Sustainability
Explanation: The CSR-related goal of a supply chain is to ensure sustainability, which involves meeting present needs without compromising the ability of future generations to meet their own needs. The other options, such as cost reduction, innovation, and profit maximization, may be important but are not the primary focus in the context of CSR.
Question 04
Which type of cyberattack uses text messages to trick victims into disclosing personal information for financial gain?
- a) Phishing
- b) Smishing
- c) Spear phishing
- d) Vishing
Correct Answer: b) Smishing
Explanation: Smishing involves the use of text messages to deceive individuals into revealing sensitive information, such as personal details or financial information, which can then be exploited.
Question 05
What is an objective of a professional code of ethics in IT?
- a) Provide benchmarks for self-assessment
- b) Ensure job security
- c) Establish financial guidelines
- d) Maximize productivity
Correct Answer: a) Provide benchmarks for self-assessment
Explanation: A professional code of ethics helps IT professionals evaluate their behavior and practices by providing benchmarks for self-assessment. It focuses on ethical behavior rather than job security, financial guidelines, or productivity.
Question 06
Which two intellectual property items are protected by a patent?
- a) Logos and brand names
- b) Inventions and tools
- c) Software and slogans
- d) Artwork and databases
Correct Answer: b) Inventions and tools
Explanation: A patent protects inventions and tools by granting exclusive rights to their creators. Other items, such as logos, brand names, artwork, and slogans, are typically covered by trademarks and copyrights.
Question 07
Which aspect of the computer security triad provides guidance when dealing with data accuracy in IT?
- a) Confidentiality
- b) Availability
- c) Integrity
- d) Access control
Correct Answer: c) Integrity
Explanation: Integrity ensures that data remains accurate and unaltered during storage and transmission. Confidentiality, availability, and access control relate to other security concerns but do not specifically focus on data accuracy.
Question 08
A consulting firm that provides security services is conducting an independent security audit for a company and recommends remediation methods. What ethical issue may arise in this scenario?
- a) Conflict of interest
- b) Intellectual property theft
- c) Misrepresentation
- d) Fraud
Correct Answer: a) Conflict of interest
Explanation: A conflict of interest occurs when the consulting firm stands to benefit from recommending additional services, which could compromise the objectivity of the audit.
Question 09
Which major U.S. regulation governs the collection, disclosure, and protection of consumers’ personally identifiable information (PII) data by companies that provide financial products and services?
- a) Health Insurance Portability and Accountability Act (HIPAA)
- b) Gramm-Leach-Bliley Act (GLBA)
- c) Fair Credit Reporting Act
- d) Children’s Online Privacy Protection Act (COPPA)
Correct Answer: b) Gramm-Leach-Bliley Act (GLBA)
Explanation: The GLBA governs how financial institutions handle consumers' PII, including requirements for privacy and data protection. HIPAA, the Fair Credit Reporting Act, and COPPA focus on other sectors.
Question 10
An IT professional discovers a security vulnerability in a product close to release. They are encouraged by a colleague to remain silent, but the professional believes they have a duty to report it. Which ethical theory supports their decision?
- a) Utilitarianism
- b) Virtue ethics
- c) Deontology
- d) Relativism
Correct Answer: c) Deontology
Explanation: Deontology emphasizes following one's moral duty regardless of the consequences. In this case, the professional feels obligated to report the vulnerability to uphold ethical standards.
Question 11
Which law was passed in 1998 and aimed at prohibiting the distribution of harmful material to minors via the internet?
- a) Communications Decency Act (CDA)
- b) Children’s Internet Protection Act (CIPA)
- c) Children’s Online Privacy Protection Act (COPPA)
- d) Digital Millennium Copyright Act (DMCA)
Correct Answer: c) Children’s Online Privacy Protection Act (COPPA)
Explanation: COPPA was enacted to protect children's privacy online and ensure that websites targeting children under 13 follow strict guidelines, including parental consent for data collection.
Question 12
A hospital is implementing an electronic bridge to improve the speed and security of data transfer between facilities. Which solution should they use?
- a) Electronic medical record (EMR)
- b) Health information exchange (HIE)
- c) Data warehouse
- d) Cloud storage
Correct Answer: b) Health information exchange (HIE)
Explanation: HIE enables the secure and efficient transfer of health-related information across different healthcare facilities, ensuring faster and more accurate communication.
Question 13
What is the goal of a white hat hacker in cyberattacks in IT?
- a) To steal sensitive data
- b) To sabotage systems
- c) To identify vulnerabilities
- d) To cause financial damage
Correct Answer: c) To identify vulnerabilities
Explanation: White hat hackers are ethical hackers whose goal is to identify security vulnerabilities so they can be fixed, preventing malicious attacks.
Question 14
A manager is preparing an employee for a sales trip and instructs them to give expensive gifts to clients to secure business. The employee expresses concern about the ethical implications of bribery. The manager responds by saying bribery is culturally acceptable in some regions. Which ethical theory does this reflect?
- a) Virtue ethics
- b) Utilitarianism
- c) Deontology
- d) Relativism
Correct Answer: d) Relativism
Explanation: Relativism suggests that ethical standards vary based on cultural norms. In this case, the manager is using cultural relativism to justify bribery.
Question 15
A company’s bring-your-own-device (BYOD) policy allows employees to use personal devices for work, resulting in increased productivity. What other impact might this policy have?
- a) Decreased employee morale
- b) Increased vulnerability to security breaches
- c) Reduced IT workload
- d) Improved network security
Correct Answer: b) Increased vulnerability to security breaches
Explanation: BYOD policies can improve productivity, but they also introduce security risks as personal devices may not have the same level of protection as company-owned equipment.
Question 16
A software engineer inflates their resume when applying for a new position. Which two ethical challenges might encourage this behavior?
- a) Lack of technical skills
- b) Prioritization of personal loyalty
- c) Disregard for the professional code of conduct
- d) Desire for higher compensation
Correct Answer: b) Prioritization of personal loyalty, c) Disregard for the professional code of conduct
Explanation: Personal loyalty and ignoring professional ethical standards can drive unethical behavior like resume inflation. Compensation may be a factor, but it's not an ethical challenge in this context.
Question 17
What is a primary consequence of allowing unrestricted access to public internet usage in a corporate environment?
- a) Increased productivity
- b) Decreased risk of security breaches
- c) Decreased potential for lawsuits
- d) Increased potential for inappropriate content access
Correct Answer: d) Increased potential for inappropriate content access
Explanation: Unrestricted internet access in a corporate environment increases the risk of employees accessing inappropriate or harmful content, which can lead to legal and reputational risks for the company.
Question 18
Which regulation is designed to strengthen data protection for individuals within the European Union, specifically addressing the export of personal data outside the EU?
- a) Gramm-Leach-Bliley Act (GLBA)
- b) Health Insurance Portability and Accountability Act (HIPAA)
- c) General Data Protection Regulation (GDPR)
- d) Children’s Online Privacy Protection Act (COPPA)
Correct Answer: c) General Data Protection Regulation (GDPR)
Explanation: The GDPR was implemented to ensure strong data protection for individuals within the EU and applies to companies that handle personal data both inside and outside the EU. The other laws focus on different sectors or regions.
Question 19
Which ethical framework suggests that actions are morally right or wrong based solely on their consequences?
- a) Deontology
- b) Virtue ethics
- c) Utilitarianism
- d) Relativism
Correct Answer: c) Utilitarianism
Explanation: Utilitarianism is based on the principle of maximizing positive outcomes for the greatest number of people. Deontology and virtue ethics focus on moral rules and character traits, respectively, while relativism is based on subjective viewpoints.
Question 20
A security company is found to have issued a root cause analysis that misses key details about remediating existing vulnerabilities due to insufficient expertise. What is the potential impact of this behavior?
- a) Fraud charges
- b) Misrepresentation charges
- c) Loss of business
- d) Intellectual property theft
Correct Answer: b) Misrepresentation charges
Explanation: Failing to provide accurate and complete information about vulnerabilities can result in misrepresentation charges, as the company has not fully disclosed the risks involved in its analysis.
