-
web.groovymark@gmail.com
- November 19, 2024
Question 21
What is the primary role of encryption in IT security?
a) To ensure data integrity
b) To block unauthorized access
c) To scramble data for authorized users
d) To improve system performance
Correct Answer: c) To scramble data for authorized users
Explanation: Encryption scrambles data into unreadable formats that can only be deciphered by authorized users, helping to protect sensitive information from unauthorized access.
Question 22
Which regulation requires businesses to disclose their information-sharing practices and protect customers’ personal financial data?
a) Sarbanes-Oxley Act
b) Gramm-Leach-Bliley Act
c) HIPAA
d) CAN-SPAM Act
Correct Answer: b) Gramm-Leach-Bliley Act
Explanation: The Gramm-Leach-Bliley Act (GLBA) governs the collection, disclosure, and protection of consumers' personally identifiable financial information by companies.
Question 23
A hospital implements a health information exchange (HIE) to streamline the sharing of patient data with other healthcare providers. What is the primary ethical concern of this technology?
a) Unauthorized data modification
b) Accuracy of patient records
c) Protection of patient privacy
d) Accessibility of healthcare services
Correct Answer: c) Protection of patient privacy
Explanation: Health information exchanges (HIEs) raise concerns about patient privacy, as they involve the sharing of sensitive medical information between providers.
Question 24
Which type of malicious software is designed to replicate itself and spread across a network without requiring user action?
a) Virus
b) Worm
c) Trojan horse
d) Spyware
Correct Answer: b) Worm
Explanation: A worm is a type of malware that spreads autonomously across a network by exploiting security vulnerabilities, unlike viruses, which require user action to spread.
Question 25
What is the main goal of corporate social responsibility (CSR) programs that focus on sustainability in supply chains?
a) Increase profits
b) Reduce production costs
c) Ensure long-term environmental sustainability
d) Strengthen corporate governance
Correct Answer: c) Ensure long-term environmental sustainability
Explanation: CSR programs focused on supply chains aim to ensure that companies operate sustainably, meeting present needs without compromising future generations’ ability to do the same.
Question 26
An employee suspects a colleague is involved in fraudulent activity but hesitates to report it due to personal loyalty. What ethical issue is this employee facing?
a) Conflict of interest
b) Lack of transparency
c) Misrepresentation
d) Intellectual property theft
Correct Answer: a) Conflict of interest
Explanation: The employee is facing a conflict of interest between personal loyalty to the colleague and their responsibility to report unethical behavior, such as fraud.
Question 27
Which type of intellectual property protection is granted for the invention of a new and useful process or machine?
a) Copyright
b) Trademark
c) Design patent
d) Utility patent
Correct Answer: d) Utility patent
Explanation: A utility patent is granted for the invention of a new and useful process, machine, or composition of matter, providing exclusive rights to the inventor.
Question 28
A government organization uses metadata to monitor communications between foreign powers and their agents. Which law governs this type of surveillance?
a) Freedom of Information Act (FOIA)
b) USA PATRIOT Act
c) Foreign Intelligence Surveillance Act (FISA)
d) General Data Protection Regulation (GDPR)
Correct Answer: c) Foreign Intelligence Surveillance Act (FISA)
Explanation: FISA governs the collection of foreign intelligence information, including metadata surveillance, for the purpose of national security.
Question 29
A cybersecurity firm is developing a system to prevent unauthorized access to sensitive data. Which component of the CIA triad is being prioritized in this system?
a) Integrity
b) Confidentiality
c) Availability
d) Accountability
Correct Answer: b) Confidentiality
Explanation: The confidentiality component of the CIA triad ensures that sensitive data is protected from unauthorized access, which is the primary focus of cybersecurity measures.
Question 30
A social media company introduces a policy to curb cyberbullying but still allows users to post anonymously. What ethical challenge does this policy create?
a) Free speech violations
b) Proxy-based bias
c) Lack of accountability
d) Increased costs
Correct Answer: c) Lack of accountability
Explanation: Allowing anonymous posts on social media platforms can make it difficult to hold users accountable for harmful behaviors such as cyberbullying, raising ethical concerns.
Question 31
Which two intellectual property rights are most commonly associated with software development?
(Select two)
a) Patent
b) Trademark
c) Copyright
d) Trade secret
Correct Answer: c) Copyright, d) Trade secret
Explanation: Software is typically protected by copyright for its creative aspects, and trade secrets may protect algorithms and processes that are not publicly disclosed.
Question 32
What is the primary threat posed by doxing, a type of cyberattack?
a) Corruption of data
b) Unauthorized disclosure of personal information
c) Disruption of internet services
d) Creation of malicious software
Correct Answer: b) Unauthorized disclosure of personal information
Explanation: Doxing involves the unauthorized collection and release of someone’s personal information, often for malicious purposes like harassment or intimidation.
Question 33
A company decides to reverse engineer a competitor’s software to gain a competitive advantage. Which ethical concern does this practice raise?
a) Misrepresentation
b) Intellectual property infringement
c) Conflict of interest
d) Employee privacy
Correct Answer: b) Intellectual property infringement
Explanation: Reverse engineering a competitor’s software can violate intellectual property rights if done without permission or through unethical means.
Question 34
A security company implements a superficial investigation into a data breach and fails to identify the root cause. What is the potential legal consequence of this oversight?
a) Misrepresentation claims
b) Fraud charges
c) Product liability
d) Data integrity violations
Correct Answer: a) Misrepresentation claims
Explanation: Failure to properly investigate and report the root cause of a data breach can lead to misrepresentation claims, especially if clients are affected by further security issues.
Question 35
A software company develops an algorithm that discriminates against users from certain regions. What type of bias is this an example of?
a) Sampling bias
b) Proxy bias
c) Algorithmic bias
d) Temporal bias
Correct Answer: c) Algorithmic bias
Explanation: Algorithmic bias occurs when a software algorithm produces discriminatory results based on biased data or flawed logic, affecting specific groups or regions.
Question 36
A cybersecurity expert advises an organization to implement multi-factor authentication (MFA) for all employees. Which security principle does MFA help strengthen?
a) Integrity
b) Accountability
c) Availability
d) Confidentiality
Correct Answer: d) Confidentiality
Explanation: Multi-factor authentication enhances confidentiality by ensuring that only authorized individuals can access sensitive information, providing an additional layer of security.
Question 37
A hacker uses a phishing email to trick a victim into providing their bank account information. What type of attack is this?
a) Smishing
b) Spear phishing
c) Phishing
d) Vishing
Correct Answer: c) Phishing
Explanation: Phishing is a common cyberattack method in which a fraudulent email is used to deceive individuals into providing sensitive information like passwords or bank details.
Question 38
What is the primary function of a next-generation firewall (NGFW)?
a) Improve system performance
b) Block sophisticated network attacks
c) Detect hardware failures
d) Monitor employee productivity
Correct Answer: b) Block sophisticated network attacks
Explanation: Next-generation firewalls (NGFWs) are designed to detect and block more advanced and complex attacks, offering greater security than traditional firewalls.
Question 39
Which ethical issue is raised when a developer knowingly publishes software that contains hidden backdoors for future access?
a) Misrepresentation
b) Lack of transparency
c) Intellectual property theft
d) Conflict of interest
Correct Answer: b) Lack of transparency
Explanation: Including backdoors in software without disclosing them is an ethical violation of transparency, as it deceives users and compromises system security.
Question 40
A company promotes employees based on personal loyalty rather than their qualifications or performance. Which ethical challenge does this practice pose?
a) Conflict of interest
b) Misrepresentation
c) Breach of duty
d) Intellectual property theft
Correct Answer: a) Conflict of interest
Explanation: Promoting employees based on personal loyalty creates a conflict of interest, as decisions are not made in the best interest of the company or its goals.
