- web.groovymark@gmail.com
- November 19, 2024
Question 01
Which act requires financial institutions to explain their information-sharing practices to customers and safeguard sensitive data?
a) USA PATRIOT Act
b) Gramm-Leach-Bliley Act
c) Fair Credit Reporting Act
d) Health Insurance Portability and Accountability Act (HIPAA)
Correct Answer: b) Gramm-Leach-Bliley Act
Explanation: The Gramm-Leach-Bliley Act requires financial institutions to disclose their information-sharing practices and take measures to safeguard consumers' personal data.
Question 02
Which ethical theory emphasizes following moral rules regardless of the outcome?
a) Utilitarianism
b) Deontology
c) Consequentialism
d) Relativism
Correct Answer: b) Deontology
Explanation: Deontology is a duty-based ethical theory that stresses following moral rules or obligations, regardless of the consequences.
Question 03
A company experiences a data breach and fails to notify affected customers immediately. Which regulation might the company have violated?
a) General Data Protection Regulation (GDPR)
b) Sarbanes-Oxley Act
c) CAN-SPAM Act
d) USA Freedom Act
Correct Answer: a) General Data Protection Regulation (GDPR)
Explanation: GDPR requires that companies notify affected individuals and regulatory authorities in a timely manner following a data breach.
Question 04
What is the primary objective of the American Recovery and Reinvestment Act (ARRA) with respect to healthcare?
a) Strengthening data encryption standards
b) Protecting electronic health records (EHR)
c) Increasing software patent protections
d) Enforcing stricter online privacy laws
Correct Answer: b) Protecting electronic health records (EHR)
Explanation: The ARRA, through its HITECH provisions, aims to enhance privacy and security for electronic health records and promotes the adoption of health IT systems.
Question 05
Which law was enacted to prevent the interception of wire and oral communications without a court order?
a) Communications Assistance for Law Enforcement Act (CALEA)
b) Wiretap Act
c) USA PATRIOT Act
d) FISA Amendments Act
Correct Answer: b) Wiretap Act
Explanation: The Wiretap Act regulates the interception of wire, oral, and electronic communications and establishes legal procedures for obtaining court approval for wiretapping.
Question 06
A company refuses to share how it uses customer data. Which ethical issue does this create?
a) Conflict of interest
b) Data accuracy
c) Lack of transparency
d) Misrepresentation
Correct Answer: c) Lack of transparency
Explanation: Lack of transparency occurs when a company withholds information about how it collects, uses, or shares customer data, creating ethical concerns regarding privacy.
Question 07
What is the primary function of the Electronic Communications Privacy Act (ECPA)?
a) To protect communications while they are being transferred
b) To enforce intellectual property rights
c) To regulate internet censorship
d) To require data encryption for all online transactions
Correct Answer: a) To protect communications while they are being transferred
Explanation: The ECPA protects electronic communications while they are being transmitted, ensuring that personal messages and data remain private during transmission.
Question 08
A company is developing software using third-party code without a license. What ethical concern does this raise?
a) Breach of duty
b) Intellectual property infringement
c) Lack of transparency
d) Data integrity
Correct Answer: b) Intellectual property infringement
Explanation: Using third-party code without a license constitutes intellectual property infringement and can lead to legal consequences for violating the rights of the code's owner.
Question 09
Which regulation is primarily concerned with protecting consumer credit information in the U.S.?
a) Fair Credit Reporting Act
b) General Data Protection Regulation (GDPR)
c) Communications Decency Act
d) USA PATRIOT Act
Correct Answer: a) Fair Credit Reporting Act
Explanation: The Fair Credit Reporting Act regulates how consumer credit information is collected, stored, and used, and ensures that consumers can access their credit reports.
Question 10
A software company implements strong data encryption to ensure unauthorized individuals cannot access sensitive information. Which element of the CIA triad is the company prioritizing?
a) Availability
b) Integrity
c) Confidentiality
d) Accountability
Correct Answer: c) Confidentiality
Explanation: Encryption protects data from unauthorized access, ensuring its confidentiality, which is a critical component of the CIA triad.
Question 11
What is the primary goal of implementing a bring-your-own-device (BYOD) policy in an organization?
a) To increase employee engagement
b) To improve system security
c) To boost employee productivity
d) To reduce system maintenance costs
Correct Answer: c) To boost employee productivity
Explanation: A BYOD policy allows employees to use their personal devices for work purposes, which can lead to increased productivity and flexibility but also introduces security challenges.
Question 12
What is the main consequence of relying on outdated or incomplete training data for an AI system?
a) Improved system performance
b) Algorithmic bias
c) Enhanced security features
d) Increased transparency
Correct Answer: b) Algorithmic bias
Explanation: AI systems trained on outdated or incomplete data are prone to algorithmic bias, resulting in unfair or inaccurate decisions based on flawed data.
Question 13
Which action should an IT professional take if they encounter evidence of a data breach while conducting a security audit?
a) Notify law enforcement immediately
b) Preserve evidence and activity logs
c) Delete all compromised data
d) Report the breach to the media
Correct Answer: b) Preserve evidence and activity logs
Explanation: IT professionals must preserve all evidence and activity logs to ensure an accurate investigation and avoid tampering with critical information.
Question 14
Which law ensures that U.S. citizens have access to information and records from federal agencies?
a) Privacy Act
b) Freedom of Information Act (FOIA)
c) General Data Protection Regulation (GDPR)
d) USA PATRIOT Act
Correct Answer: b) Freedom of Information Act (FOIA)
Explanation: FOIA grants U.S. citizens the right to request and access information held by federal agencies, promoting transparency and accountability.
Question 15
A company allows users to opt out of data collection but continues to collect personal data after users exercise this right. Which ethical principle is being violated?
a) Transparency
b) Consent
c) Data accuracy
d) System security
Correct Answer: b) Consent
Explanation: Continuing to collect data after users have opted out violates the principle of informed consent, as users are not agreeing to further data collection.
Question 16
Which two factors contribute to ethical challenges associated with the rise of internet censorship?
(Select two)
a) Government surveillance
b) Transparency in data sharing
c) Totalitarian governments
d) Dependency on regional providers
Correct Answer: c) Totalitarian governments, d) Dependency on regional providers
Explanation: Internet censorship is often driven by totalitarian governments and the reliance on regional providers, which can limit access to free information and free speech.
Question 17
What is the primary concern when AI systems rely on outdated or incomplete training data?
a) Reduced system speed
b) Loss of system integrity
c) Skewed decision-making
d) Increased customer satisfaction
Correct Answer: c) Skewed decision-making
Explanation: AI systems trained on incomplete or outdated data may produce biased or inaccurate results, leading to skewed decision-making and unfair outcomes.
Question 18
A company is using encrypted data storage to protect customer information. Which aspect of the CIA triad does this practice represent?
a) Confidentiality
b) Integrity
c) Availability
d) Accountability
Correct Answer: a) Confidentiality
Explanation: Encrypting data ensures that unauthorized parties cannot access sensitive information, thereby maintaining the confidentiality of customer data.
Question 19
A developer publishes an app that collects user location data but fails to disclose this in the app’s privacy policy. Which regulation is likely violated?
a) Children’s Online Privacy Protection Act (COPPA)
b) General Data Protection Regulation (GDPR)
c) CAN-SPAM Act
d) Fair Credit Reporting Act
Correct Answer: b) General Data Protection Regulation (GDPR)
Explanation: GDPR requires companies to be transparent about the collection and use of personal data, including location information, ensuring users are fully informed.
Question 20
A company gathers competitive intelligence by analyzing publicly available data on its competitors. Which ethical principle should the company follow in this practice?
a) Transparency
b) Fairness
c) Consent
d) Responsibility
Correct Answer: b) Fairness
Explanation: When gathering competitive intelligence, the company must ensure fairness by using only legally obtained and publicly available data without infringing on competitors’ rights.