-
web.groovymark@gmail.com
- November 19, 2024
Question 01
Which two certifications are essential for IT professionals who need to ensure data from cyberattacks is admissible as evidence in court?
a) Certified Information Systems Auditor (CISA)
b) EnCase Certified Examiner
c) Certified Computer Examiner
d) CompTIA Security+
Correct Answer: b) EnCase Certified Examiner, c) Certified Computer Examiner
Explanation: These certifications focus on digital forensics and ensure that data collected during cyberattacks can be used in legal proceedings.
Question 02
What is the primary ethical challenge associated with using data from social media platforms for marketing purposes?
a) Reduced data accuracy
b) Privacy concerns
c) Increased sales opportunities
d) Legal compliance
Correct Answer: b) Privacy concerns
Explanation: Using personal data from social media platforms without explicit consent raises significant ethical concerns about user privacy.
Question 03
What is the main purpose of an intrusion detection system (IDS) in IT security?
a) To block unauthorized access
b) To detect and alert on suspicious activities
c) To create system backups
d) To encrypt sensitive data
Correct Answer: b) To detect and alert on suspicious activities
Explanation: An IDS monitors network traffic for suspicious activity and alerts security personnel to potential threats.
Question 04
A consulting firm offers an ex-government employee a position to help win government contracts. Which ethical issue does this situation raise?
a) Bribery
b) Conflict of interest
c) Intellectual property theft
d) Data misrepresentation
Correct Answer: b) Conflict of interest
Explanation: Offering a position to a former government employee creates a conflict of interest, as it may appear that the firm is attempting to influence government decisions.
Question 05
What is the ethical concern when IT workers engage in reverse engineering of third-party software?
- a) Promotes fair competition
- b) Violates intellectual property rights
- c) Encourages rapid development
- d) Increases market share
Correct Answer: b) Violates intellectual property rights
Explanation: Reverse engineering without permission infringes on the intellectual property rights of the original creators of the software.
Question 06
Which step in the ethical decision-making process involves defining who will be affected by the decision?
a) Identifying alternatives
b) Gathering facts
c) Defining stakeholders
d) Choosing a solution
Correct Answer: c) Defining stakeholders
Explanation: Defining stakeholders helps determine who will be impacted by the decision and how they will be affected.
Question 07
A company decides to implement an artificial intelligence system to monitor employee productivity. Which two ethical challenges does this practice raise?
(Select two)
a) Reduced system performance
b) Invasion of employee privacy
c) Improved job satisfaction
d) Lack of informed consent
Correct Answer: b) Invasion of employee privacy, d) Lack of informed consent
Explanation: Monitoring employee productivity through AI raises privacy concerns and requires employees’ informed consent to avoid ethical breaches.
Question 08
A pharmaceutical company uses personal health data for research without obtaining explicit consent from patients. Which regulation is the company most likely violating?
a) Sarbanes-Oxley Act
b) General Data Protection Regulation (GDPR)
c) Health Insurance Portability and Accountability Act (HIPAA)
d) Gramm-Leach-Bliley Act
Correct Answer: c) Health Insurance Portability and Accountability Act (HIPAA)
Explanation: HIPAA regulates the protection and use of personal health information, requiring explicit consent from patients before data can be used for research.
Question 09
A software company decides to sell customer data to third-party advertisers without informing its customers. Which ethical principle is being violated?
a) Data integrity
b) Customer privacy
c) Consent to monitoring
d) Security practices
Correct Answer: b) Customer privacy
Explanation: Selling customer data without their consent violates their privacy rights and raises significant ethical concerns.
Question 10
What is the primary purpose of the General Data Protection Regulation (GDPR)?
a) To prevent cyberattacks
b) To protect personal data of EU citizens
c) To regulate corporate tax practices
d) To enforce copyright laws
Correct Answer: b) To protect personal data of EU citizens
Explanation: GDPR is designed to protect the personal data and privacy of individuals within the European Union and regulate how companies handle that data.
Question 11
A U.S.-based company transfers data to its European branch for processing. What regulation must the company comply with to ensure data protection?
a) USA PATRIOT Act
b) Gramm-Leach-Bliley Act (GLBA)
c) General Data Protection Regulation (GDPR)
d) Health Insurance Portability and Accountability Act (HIPAA)
Correct Answer: c) General Data Protection Regulation (GDPR)
Explanation: GDPR governs the protection of personal data in the EU, ensuring that data transferred across borders is handled securely.
Question 12
Which legal concept allows IT workers to whistleblow and report illegal activities within their organization?
a) Privacy Act
b) False Claims Act
c) Foreign Corrupt Practices Act
d) Freedom of Information Act
Correct Answer: b) False Claims Act
Explanation: The False Claims Act allows employees to report illegal or unethical activities within their organization, often protecting whistleblowers from retaliation.
Question 13
A company decides to implement a system that tracks employee online activities during work hours. What ethical issue does this raise?
a) Data integrity
b) Invasion of privacy
c) Misuse of company resources
d) Customer data security
Correct Answer: b) Invasion of privacy
Explanation: Tracking employee online activities raises concerns about privacy, as it may involve monitoring personal activities without informed consent.
Question 14
A security firm is hired to investigate a data breach but issues a superficial report that fails to address key vulnerabilities. What legal risk does this create?
a) Intellectual property theft
b) Misrepresentation charges
c) Fraud charges
d) Data breach liability
Correct Answer: b) Misrepresentation charges
Explanation: By issuing an incomplete report and failing to disclose critical details, the firm may be accused of misrepresentation, which could lead to legal consequences.
Question 15
Which ethical theory emphasizes that an action is morally right if it results in the greatest good for the greatest number of people?
a) Deontology
b) Relativism
c) Virtue ethics
d) Utilitarianism
Correct Answer: d) Utilitarianism
Explanation: Utilitarianism is a consequentialist theory that evaluates actions based on their outcomes, aiming for the greatest benefit for the majority.
Question 16
A developer uses machine learning algorithms to create a system that tracks customer preferences based on purchase history. Which ethical issue should the developer consider?
a) System security
b) Data privacy
c) Algorithm accuracy
d) Intellectual property rights
Correct Answer: b) Data privacy
Explanation: Using customer purchase history to track preferences raises privacy concerns, as personal data may be used without the customer’s explicit consent.
Question 17
A healthcare company wants to implement a system that allows remote doctors to diagnose and treat patients through video conferencing. What is the ethical concern associated with this practice?
a) Security risks
b) Employee productivity
c) Data ownership
d) Doctor-patient relationship
Correct Answer: d) Doctor-patient relationship
Explanation: Remote healthcare can affect the traditional doctor-patient relationship, raising concerns about trust, quality of care, and privacy in virtual consultations.
Question 18
What is the primary purpose of a security audit in IT?
a) To evaluate system performance
b) To validate compliance with security policies
c) To improve user experience
d) To test software functionality
Correct Answer: b) To validate compliance with security policies
Explanation: A security audit assesses whether an organization’s security measures are being followed and ensures compliance with established policies and standards.
Question 19
A software company decides to collect user data to improve its product, but it does not inform users about the data collection. Which ethical principle is being violated?
a) Consent
b) Security
c) Accuracy
d) Transparency
Correct Answer: a) Consent
Explanation: Collecting user data without informing or obtaining consent violates the ethical principle of user autonomy and informed consent.
Question 20
Which law regulates the interception of wire and oral communications in the United States?
a) Wiretap Act
b) General Data Protection Regulation (GDPR)
c) Communications Decency Act
d) USA PATRIOT Act
Correct Answer: a) Wiretap Act
Explanation: The Wiretap Act regulates the legal requirements for intercepting wire and oral communications in the U.S., requiring court approval in most cases.
